github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 01:13:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Detection Engine] Skips failing tests on the periodic pipeline (#187280)

Browse source 
## Summary

Skips failing tests on the periodic pipeline
This commit is contained in:
Gloria Hornero 2024-07-01 19:32:56 +02:00 committed by GitHub
parent 00337de019
commit a6cc252a83
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 170 additions and 164 deletions
Download patch file Download diff file Expand all files Collapse all files

331
x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts
View file

@ -48,185 +48,190 @@ import {
deleteExceptionLists,
} from '../../../../../tasks/api_calls/exceptions';
describe('Add endpoint exception from rule details', { tags: ['@ess', '@serverless'] }, () => {
const ITEM_NAME = 'Sample Exception List Item';
const NEW_ITEM_NAME = 'Exception item-EDITED';
const ITEM_FIELD = 'event.code';
const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.type';
// https://github.com/elastic/kibana/issues/187279
describe(
'Add endpoint exception from rule details',
{ tags: ['@ess', '@serverless, @skipInServerlessMKI'] },
() => {
const ITEM_NAME = 'Sample Exception List Item';
const NEW_ITEM_NAME = 'Exception item-EDITED';
const ITEM_FIELD = 'event.code';
const FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD = 'agent.type';
before(() => {
cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' });
});
after(() => {
cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' });
});
beforeEach(() => {
deleteExceptionLists();
deleteEndpointExceptionList();
login();
deleteAlertsAndRules();
});
describe('without exception items', () => {
beforeEach(() => {
createEndpointExceptionList().then((response) => {
createRule(
getNewRule({
query: 'event.code:*',
index: ['auditbeat*'],
exceptions_list: [
{
id: response.body.id,
list_id: response.body.list_id,
type: response.body.type,
namespace_type: response.body.namespace_type,
},
],
rule_id: '2',
enabled: false,
})
).then((rule) => visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' }));
});
before(() => {
cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' });
});
it('creates an exception item', () => {
// when no exceptions exist, empty component shows with action to add exception
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist');
// open add exception modal
openExceptionFlyoutFromEmptyViewerPrompt();
// submit button is disabled if no paramerters were added
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
// for endpoint exceptions, must specify OS
selectOs('windows');
// add exception item conditions
addExceptionConditions({
field: 'event.code',
operator: 'is',
values: ['foo'],
});
// Name is required so want to check that submit is still disabled
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
// add exception item name
addExceptionFlyoutItemName(ITEM_NAME);
// Option to add to rule or add to list should NOT appear
cy.get(ADD_TO_RULE_OR_LIST_SECTION).should('not.exist');
// not testing close alert functionality here, just ensuring that the options appear as expected
cy.get(CLOSE_SINGLE_ALERT_CHECKBOX).should('not.exist');
cy.get(CLOSE_ALERTS_CHECKBOX).should('exist');
// submit
submitNewExceptionItem();
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
after(() => {
cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' });
});
});
// FLAKY: https://github.com/elastic/kibana/issues/179582
describe.skip('with exception items', () => {
beforeEach(() => {
createEndpointExceptionList().then((response) => {
createEndpointExceptionListItem({
comments: [],
description: 'Exception list item',
entries: [
{
field: ITEM_FIELD,
operator: 'included',
type: 'match',
value: 'foo',
},
],
name: ITEM_NAME,
tags: [],
type: 'simple',
os_types: ['windows'],
});
deleteExceptionLists();
deleteEndpointExceptionList();
createRule(
getNewRule({
name: 'Rule with exceptions',
query: 'event.code:*',
index: ['auditbeat*'],
exceptions_list: [
{
id: response.body.id,
list_id: response.body.list_id,
type: response.body.type,
namespace_type: response.body.namespace_type,
},
],
rule_id: '2',
enabled: false,
})
).then((rule) => {
visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' });
waitForRuleDetailsPageToBeLoaded('Rule with exceptions');
login();
deleteAlertsAndRules();
});
describe('without exception items', () => {
beforeEach(() => {
createEndpointExceptionList().then((response) => {
createRule(
getNewRule({
query: 'event.code:*',
index: ['auditbeat*'],
exceptions_list: [
{
id: response.body.id,
list_id: response.body.list_id,
type: response.body.type,
namespace_type: response.body.namespace_type,
},
],
rule_id: '2',
enabled: false,
})
).then((rule) => visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' }));
});
});
it('creates an exception item', () => {
// when no exceptions exist, empty component shows with action to add exception
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('exist');
// open add exception modal
openExceptionFlyoutFromEmptyViewerPrompt();
// submit button is disabled if no paramerters were added
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
// for endpoint exceptions, must specify OS
selectOs('windows');
// add exception item conditions
addExceptionConditions({
field: 'event.code',
operator: 'is',
values: ['foo'],
});
// Name is required so want to check that submit is still disabled
cy.get(CONFIRM_BTN).should('have.attr', 'disabled');
// add exception item name
addExceptionFlyoutItemName(ITEM_NAME);
// Option to add to rule or add to list should NOT appear
cy.get(ADD_TO_RULE_OR_LIST_SECTION).should('not.exist');
// not testing close alert functionality here, just ensuring that the options appear as expected
cy.get(CLOSE_SINGLE_ALERT_CHECKBOX).should('not.exist');
cy.get(CLOSE_ALERTS_CHECKBOX).should('exist');
// submit
submitNewExceptionItem();
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
});
});
it('edits an endpoint exception item', () => {
// displays existing exception items
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist');
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME);
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ` ${ITEM_FIELD}IS foo`);
// FLAKY: https://github.com/elastic/kibana/issues/179582
describe.skip('with exception items', () => {
beforeEach(() => {
createEndpointExceptionList().then((response) => {
createEndpointExceptionListItem({
comments: [],
description: 'Exception list item',
entries: [
{
field: ITEM_FIELD,
operator: 'included',
type: 'match',
value: 'foo',
},
],
name: ITEM_NAME,
tags: [],
type: 'simple',
os_types: ['windows'],
});
// open edit exception modal
openEditException();
createRule(
getNewRule({
name: 'Rule with exceptions',
query: 'event.code:*',
index: ['auditbeat*'],
exceptions_list: [
{
id: response.body.id,
list_id: response.body.list_id,
type: response.body.type,
namespace_type: response.body.namespace_type,
},
],
rule_id: '2',
enabled: false,
})
).then((rule) => {
visitRuleDetailsPage(rule.body.id, { tab: 'endpoint_exceptions' });
waitForRuleDetailsPageToBeLoaded('Rule with exceptions');
});
});
});
// edit exception item name
editExceptionFlyoutItemName(NEW_ITEM_NAME);
it('edits an endpoint exception item', () => {
// displays existing exception items
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
cy.get(NO_EXCEPTIONS_EXIST_PROMPT).should('not.exist');
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', ITEM_NAME);
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ` ${ITEM_FIELD}IS foo`);
// check that the existing item's field is being populated
cy.get(EXCEPTION_ITEM_CONTAINER)
.eq(0)
.find(FIELD_INPUT_PARENT)
.eq(0)
.should('have.value', ITEM_FIELD);
cy.get(VALUES_INPUT).should('have.value', 'foo');
// open edit exception modal
openEditException();
// edit conditions
editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0);
// edit exception item name
editExceptionFlyoutItemName(NEW_ITEM_NAME);
// submit
submitEditedExceptionItem();
// check that the existing item's field is being populated
cy.get(EXCEPTION_ITEM_CONTAINER)
.eq(0)
.find(FIELD_INPUT_PARENT)
.eq(0)
.should('have.value', ITEM_FIELD);
cy.get(VALUES_INPUT).should('have.value', 'foo');
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// edit conditions
editException(FIELD_DIFFERENT_FROM_EXISTING_ITEM_FIELD, 0, 0);
// check that updates stuck
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME);
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.typeIS foo');
// submit
submitEditedExceptionItem();
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// check that updates stuck
cy.get(EXCEPTION_CARD_ITEM_NAME).should('have.text', NEW_ITEM_NAME);
cy.get(EXCEPTION_CARD_ITEM_CONDITIONS).should('have.text', ' agent.typeIS foo');
});
it('allows user to search for items', () => {
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// can search for an exception value
searchForExceptionItem('foo');
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// displays empty search result view if no matches found
searchForExceptionItem('abc');
// new exception item displays
cy.get(NO_EXCEPTIONS_SEARCH_RESULTS_PROMPT).should('exist');
});
});
it('allows user to search for items', () => {
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// can search for an exception value
searchForExceptionItem('foo');
// new exception item displays
cy.get(EXCEPTION_ITEM_VIEWER_CONTAINER).should('have.length', 1);
// displays empty search result view if no matches found
searchForExceptionItem('abc');
// new exception item displays
cy.get(NO_EXCEPTIONS_SEARCH_RESULTS_PROMPT).should('exist');
});
});
});
}
);

3
x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule.cy.ts
View file

@ -73,7 +73,8 @@ describe('Create custom query rule', { tags: ['@ess', '@serverless'] }, () => {
cy.get(GLOBAL_SEARCH_BAR_FILTER_ITEM).should('have.text', 'host.name: exists');
});
describe('Alert suppression', () => {
// https://github.com/elastic/kibana/issues/187277
describe('Alert suppression', { tags: ['@skipInServerlessMKI'] }, () => {
const SUPPRESS_BY_FIELDS = ['source.ip'];
it('creates rule with suppression', () => {