[Osquery] Update Cypress tests (#159889)

## Summary

Update Osquery tests to match the changes made in
https://github.com/elastic/kibana/pull/159733
Add Osquery Cypress to `on_merge_unsupported_ftrs.yml` to get
notifications when tests fail

---------

Co-authored-by: Tomasz Ciecierski <ciecierskitomek@gmail.com>
Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co>
Patryk Kopyciński 2023-06-20 16:18:29 +02:00 committed by GitHub
parent e73381dada
commit 9c70d9737e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 33 additions and 18 deletions


@ -107,6 +107,22 @@ steps:
artifact_paths:
- "target/kibana-security-solution/**/*"
- command: .buildkite/scripts/steps/functional/osquery_cypress.sh
label: 'Osquery Cypress Tests'
agents:
queue: n2-4-spot
depends_on: build
timeout_in_minutes: 50
parallelism: 6
retry:
automatic:
- exit_status: '-1'
limit: 3
- exit_status: '*'
limit: 1
artifact_paths:
- "target/kibana-osquery/**/*"
- command: .buildkite/scripts/steps/functional/synthetics_plugin.sh
label: 'Synthetics @elastic/synthetics Tests'
agents:


@ -448,8 +448,8 @@ describe('Alert Event Details', () => {
it('sees osquery results from last action and add to a case', () => {
loadRuleAlerts(ruleName);
cy.getBySel('expand-event').first().click();
cy.contains('Osquery Results').click();
cy.getBySel('osquery-results').should('exist');
cy.getBySel('responseActionsViewTab').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
cy.contains('select * from users;');
cy.contains("SELECT * FROM os_version where name='Ubuntu';");
cy.getBySel('osquery-results-comment').each(($comment) => {
@ -498,8 +498,8 @@ describe('Alert Event Details', () => {
const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`);
loadRuleAlerts(ruleName);
cy.getBySel('expand-event').first().click();
cy.contains('Osquery Results').click();
cy.getBySel('osquery-results').should('exist');
cy.getBySel('responseActionsViewTab').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
@ -539,8 +539,8 @@ describe('Alert Event Details', () => {
const lensRegex = new RegExp(`Action ${UUID_REGEX} results`);
loadRuleAlerts(ruleName);
cy.getBySel('expand-event').first().click();
cy.contains('Osquery Results').click();
cy.getBySel('osquery-results').should('exist');
cy.getBySel('responseActionsViewTab').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
@ -589,8 +589,8 @@ describe('Alert Event Details', () => {
const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`);
loadRuleAlerts(ruleName);
cy.getBySel('expand-event').first().click();
cy.contains('Osquery Results').click();
cy.getBySel('osquery-results').should('exist');
cy.getBySel('responseActionsViewTab').click();
cy.getBySel('responseActionsViewWrapper').should('exist');
checkActionItemsInResults({
lens: true,
discover: true,
@ -632,22 +632,22 @@ describe('Alert Event Details', () => {
let updatedNotificationCount: number;
loadRuleAlerts(ruleName);
cy.getBySel('expand-event').first().click();
cy.getBySel('osquery-actions-notification')
cy.getBySel('response-actions-notification')
.should('not.have.text', '0')
.then((element) => {
initialNotificationCount = parseInt(element.text(), 10);
});
takeOsqueryActionWithParams();
cy.getBySel('osquery-empty-button').click();
cy.getBySel('osquery-actions-notification')
cy.getBySel('response-actions-notification')
.should('not.have.text', '0')
.then((element) => {
updatedNotificationCount = parseInt(element.text(), 10);
expect(initialNotificationCount).to.be.equal(updatedNotificationCount - 1);
})
.then(() => {
cy.contains('Osquery Results').click();
cy.getBySel('osquery-results').within(() => {
cy.getBySel('responseActionsViewTab').click();
cy.getBySel('responseActionsViewWrapper').within(() => {
cy.contains('tags');
cy.getBySel('osquery-results-comment').should('have.length', updatedNotificationCount);
});
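Review bot: In the notification-count hunk (`-632,22 +632,22`) the badge is now read from `response-actions-notification`, yet the final assertion still expects `osquery-results-comment` to have length `updatedNotificationCount`. If the renamed badge counts every response action rather than only Osquery ones (the name suggests so, but the component is not shown on this page), the two numbers diverge as soon as an alert carries a non-Osquery action, and the test fails for a reason unrelated to what it checks. A comment above the length assertion such as `// badge counts all response actions; this rule only triggers osquery ones` would record the assumption. The `it` block starts and ends outside the hunk.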


@ -65,12 +65,8 @@ describe('None', () => {
cy.visit(`/app/security/rules/id/${ruleId}/alerts`);
cy.getBySel('expand-event').first().click();
cy.getBySel('take-action-dropdown-btn').click();
cy.getBySel('osquery-action-item').should('not.exist');
cy.getBySel('osquery-actions-notification').contains('0');
cy.contains('Osquery Results').click();
cy.getBySel('responseActionsViewTab').click();
cy.contains('Permission denied').should('exist');
cy.contains('Error while fetching live queries').should('exist');
});
});
});
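Review bot: The only denial check left in this no-privileges test appears to be `cy.contains('Error while fetching live queries')`, text that any failed fetch would produce, so the test can pass on an unrelated backend error instead of proving that the role is refused. The +/- markers are lost on this page, so this assumes from the 12-to-8 line count that the `Permission denied` check and `cy.getBySel('osquery-action-item').should('not.exist');` are on the removed side. If so, keep that `not.exist` assertion, or an equivalent one on the new tab, so the test still verifies that the action is hidden from a user without Osquery access.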


@ -32,6 +32,9 @@ interface GetAutomatedActionsListOptions {
enabled: boolean;
}
// Make sure we keep this and ACTIONS_QUERY_KEY in osquery_flyout.tsx in sync.
const ACTIONS_QUERY_KEY = 'actions';
export const useGetAutomatedActionList = (
query: EndpointAutomatedActionListRequestQuery,
{ enabled }: GetAutomatedActionsListOptions
@ -40,7 +43,7 @@ export const useGetAutomatedActionList = (
const { alertIds } = query;
return useQuery({
queryKey: ['get-automated-action-list', { alertIds }],
queryKey: [ACTIONS_QUERY_KEY, { alertId: alertIds[0] }],
queryFn: async () => {
const responseData = await lastValueFrom(
data.search.search<ActionRequestOptions, ActionRequestStrategyResponse>(
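Review bot: The new cache key `[ACTIONS_QUERY_KEY, { alertId: alertIds[0] }]` identifies the query by the first alert id only, so two calls whose `alertIds` arrays share a first element but differ afterwards would share one cache entry, and an empty array yields `alertId: undefined`. Whether the request sends the whole array is not visible here because `queryFn` continues past the hunk; if it does, keep the full list in the key as well, e.g. `queryKey: [ACTIONS_QUERY_KEY, { alertId: alertIds[0], alertIds }]`. The "keep in sync" comment on `ACTIONS_QUERY_KEY` could also be dropped if the plugin boundary allows `osquery_flyout.tsx` and this hook to import one exported constant instead of each declaring the string.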