[ Security Solution ] One discover security context functional tests (#199818)

## Summary Fixes https://github.com/elastic/security-team/issues/11112 Follow up to - https://github.com/elastic/kibana/pull/199279 Adds functional test for Security Profiles in One Discover. ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-04-24 01:38:56 -04:00 · 2024-12-10 10:38:43 +01:00 · 2024-12-10 10:38:43 +01:00 · 9619d610d1
commit 9619d610d1
parent b9addc2f23
7 changed files with 172 additions and 11 deletions
--- a/.buildkite/ftr_security_serverless_configs.yml
+++ b/.buildkite/ftr_security_serverless_configs.yml
@ -37,6 +37,7 @@ enabled:
  - x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.agentless.ts
  - x-pack/test_serverless/functional/test_suites/security/config.saved_objects_management.ts
  - x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
+  - x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts
  - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group1.ts
  - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group2.ts
  - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group3.ts
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1093,8 +1093,8 @@ x-pack/test_serverless/api_integration/test_suites/common/platform_security @ela
 /x-pack/test/api_integration/apis/kibana/kql_telemetry @elastic/kibana-data-discovery @elastic/kibana-visualizations
 /x-pack/test_serverless/functional/es_archives/pre_calculated_histogram @elastic/kibana-data-discovery
 /x-pack/test_serverless/functional/es_archives/kibana_sample_data_flights_index_pattern @elastic/kibana-data-discovery
-/x-pack/test_serverless/functional/test_suites/security/config.examples.ts @elastic/kibana-data-discovery
-/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/kibana-data-discovery
+/x-pack/test_serverless/functional/test_suites/security/config.examples.ts   @elastic/kibana-data-discovery
+/x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts @elastic/kibana-data-discovery
 /test/accessibility/apps/discover.ts @elastic/kibana-data-discovery
 /test/api_integration/apis/data_views @elastic/kibana-data-discovery
 /test/api_integration/apis/data_view_field_editor @elastic/kibana-data-discovery
@ -2112,6 +2112,7 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints
 x-pack/test_serverless/functional/test_suites/security/config.mki_only.ts @elastic/security-solution @elastic/appex-qa
 x-pack/test_serverless/functional/test_suites/security/index.mki_only.ts @elastic/security-solution @elastic/appex-qa @elastic/kibana-cloud-security-posture
 /x-pack/test_serverless/functional/test_suites/security/config.feature_flags.ts @elastic/security-solution @elastic/kibana-cloud-security-posture
+/x-pack/test_serverless/functional/test_suites/security/constants.ts @elastic/security-solution
 /x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts @elastic/security-solution
 /x-pack/test_serverless/functional/test_suites/common/spaces/multiple_spaces_enabled.ts @elastic/security-solution
 /x-pack/test/functional/es_archives/endpoint/ @elastic/security-solution
@ -2245,6 +2246,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout  @elastic/
 /x-pack/plugins/security_solution/public/app/home/template_wrapper/timeline @elastic/security-threat-hunting-investigations

 /x-pack/plugins/security_solution/server/lib/timeline @elastic/security-threat-hunting-investigations
+/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts @elastic/security-threat-hunting-investigations

 ## Security Solution Threat Hunting areas - Threat Hunting Explore
 /x-pack/plugins/security_solution/common/api/tags @elastic/security-threat-hunting-explore
--- a/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
+++ b/x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
@ -9,19 +9,15 @@ import { createTestConfig } from '../../config.base';

 export default createTestConfig({
  serverlessProject: 'security',
-  testFiles: [require.resolve('../common/discover/context_awareness')],
+  testFiles: [require.resolve('./ftr/discover/context_awareness')],
  junit: {
-    reportName: 'Serverless Security Discover Context Awareness Functional Tests',
+    reportName:
+      'Serverless Security Discover Context Awareness Functional Tests - Security Profiles',
  },
  kbnServerArgs: [
-    `--discover.experimental.enabledProfiles=${JSON.stringify([
-      'example-root-profile',
-      'example-solution-view-root-profile',
-      'example-data-source-profile',
-      'example-document-profile',
-    ])}`,
+    `--discover.experimental.enabledProfiles=${JSON.stringify(['security-root-profile'])}`,
  ],
  // include settings from project controller
-  // https://github.com/elastic/project-controller/blob/main/internal/project/observability/config/elasticsearch.yml
+  // https://github.com/elastic/elasticsearch-controller/blob/main/helm/values.yaml
  esServerArgs: ['xpack.ml.dfa.enabled=false'],
 });
--- a/x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts
+++ b/x-pack/test_serverless/functional/test_suites/security/config.examples.context_awareness.ts
@ -0,0 +1,28 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { createTestConfig } from '../../config.base';
+
+export default createTestConfig({
+  serverlessProject: 'security',
+  testFiles: [require.resolve('../common/discover/context_awareness')],
+  junit: {
+    reportName:
+      'Serverless Security Discover Context Awareness Functional Tests - Example Profiles',
+  },
+  kbnServerArgs: [
+    `--discover.experimental.enabledProfiles=${JSON.stringify([
+      'example-root-profile',
+      'example-solution-view-root-profile',
+      'example-data-source-profile',
+      'example-document-profile',
+    ])}`,
+  ],
+  // include settings from project controller
+  // https://github.com/elastic/project-controller/blob/main/internal/project/observability/config/elasticsearch.yml
+  esServerArgs: ['xpack.ml.dfa.enabled=false'],
+});
--- a/x-pack/test_serverless/functional/test_suites/security/constants.ts
+++ b/x-pack/test_serverless/functional/test_suites/security/constants.ts
@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const SECURITY_ES_ARCHIVES_DIR = 'x-pack/test/security_solution_cypress/es_archives';
--- a/x-pack/test_serverless/functional/test_suites/security/ftr/discover/context_awareness/cell_renderer.ts
+++ b/x-pack/test_serverless/functional/test_suites/security/ftr/discover/context_awareness/cell_renderer.ts
@ -0,0 +1,86 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import kbnRison from '@kbn/rison';
+import expect from '@kbn/expect';
+import path from 'path';
+import { FtrProviderContext } from '../../../../../ftr_provider_context';
+import { SECURITY_ES_ARCHIVES_DIR } from '../../../constants';
+
+export default function ({ getService, getPageObjects }: FtrProviderContext) {
+  const PageObjects = getPageObjects(['common', 'timePicker', 'discover', 'svlCommonPage']);
+  const testSubjects = getService('testSubjects');
+  const dataViews = getService('dataViews');
+  const esArchiver = getService('esArchiver');
+  const queryBar = getService('queryBar');
+
+  describe('security root profile', () => {
+    before(async () => {
+      await PageObjects.svlCommonPage.loginAsViewer();
+      await esArchiver.loadIfNeeded(path.join(SECURITY_ES_ARCHIVES_DIR, 'auditbeat_single'));
+    });
+
+    after(async () => {
+      await esArchiver.unload(path.join(SECURITY_ES_ARCHIVES_DIR, 'auditbeat_single'));
+    });
+
+    describe('cell renderers', () => {
+      describe('host.name', () => {
+        describe('DataView mode', () => {
+          it('should open host.name flyout', async () => {
+            await PageObjects.common.navigateToActualUrl('discover', undefined, {
+              ensureCurrentUrl: false,
+            });
+            await dataViews.createFromSearchBar({
+              name: 'auditbeat-2022',
+              adHoc: true,
+              hasTimeField: true,
+            });
+            await queryBar.setQuery('host.name: "siem-kibana"');
+            await queryBar.clickQuerySubmitButton();
+            await PageObjects.discover.waitUntilSearchingHasFinished();
+            await PageObjects.discover.dragFieldToTable('host.name');
+            expect((await PageObjects.discover.getColumnHeaders()).join(', ')).to.be(
+              '@timestamp, host.name'
+            );
+            // security host.name button
+            const hostName = await testSubjects.findAll('host-details-button', 2500);
+            expect(hostName).to.have.length(1);
+            await hostName[0].click();
+            await testSubjects.existOrFail('host-panel-header', { timeout: 2500 });
+            await testSubjects.existOrFail('asset-criticality-selector', { timeout: 2500 });
+            await testSubjects.existOrFail('observedEntity-accordion', { timeout: 2500 });
+          });
+        });
+
+        describe('ES|QL mode', () => {
+          it('should open host.name flyout', async () => {
+            const state = kbnRison.encode({
+              dataSource: { type: 'esql' },
+
+              query: { esql: 'from auditbeat-2022 | WHERE host.name == "siem-kibana"' },
+            });
+
+            await PageObjects.common.navigateToActualUrl('discover', `?_a=${state}`, {
+              ensureCurrentUrl: false,
+            });
+            await PageObjects.discover.waitUntilSearchingHasFinished();
+            await PageObjects.discover.dragFieldToTable('host.name');
+            expect((await PageObjects.discover.getColumnHeaders()).join(', ')).to.be('host.name');
+            // security host.name button
+            const hostName = await testSubjects.findAll('host-details-button', 2500);
+            expect(hostName).to.have.length(1);
+            await hostName[0].click();
+            await testSubjects.existOrFail('host-panel-header', { timeout: 2500 });
+            await testSubjects.existOrFail('asset-criticality-selector', { timeout: 2500 });
+            await testSubjects.existOrFail('observedEntity-accordion', { timeout: 2500 });
+          });
+        });
+      });
+    });
+  });
+}
--- a/x-pack/test_serverless/functional/test_suites/security/ftr/discover/context_awareness/index.ts
+++ b/x-pack/test_serverless/functional/test_suites/security/ftr/discover/context_awareness/index.ts
@ -0,0 +1,40 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { FtrProviderContext } from '../../../../../ftr_provider_context';
+
+export default function ({ getService, getPageObjects, loadTestFile }: FtrProviderContext) {
+  const esArchiver = getService('esArchiver');
+  const kibanaServer = getService('kibanaServer');
+  const PageObjects = getPageObjects(['timePicker', 'svlCommonPage']);
+  const from = '2017-06-10T14:00:00.000Z';
+  const to = '2024-06-10T16:30:00.000Z';
+
+  describe('discover/security/context_awareness', function () {
+    this.tags(['esGate']);
+
+    before(async () => {
+      await esArchiver.load('test/functional/fixtures/es_archiver/discover/context_awareness');
+      await kibanaServer.importExport.load(
+        'test/functional/fixtures/kbn_archiver/discover/context_awareness'
+      );
+      await kibanaServer.uiSettings.update({
+        'timepicker:timeDefaults': `{ "from": "${from}", "to": "${to}"}`,
+      });
+    });
+
+    after(async () => {
+      await esArchiver.unload('test/functional/fixtures/es_archiver/discover/context_awareness');
+      await kibanaServer.importExport.unload(
+        'test/functional/fixtures/kbn_archiver/discover/context_awareness'
+      );
+      await PageObjects.timePicker.resetDefaultAbsoluteRangeViaUiSettings();
+    });
+
+    loadTestFile(require.resolve('./cell_renderer'));
+  });
+}