[Cloud Security] add first cloud security e2e test for serverless (#167309)

.buildkite/ftr_configs.yml

@@ -425,6 +425,7 @@ enabled:
   - x-pack/test_serverless/functional/test_suites/search/common_configs/config.group4.ts
   - x-pack/test_serverless/functional/test_suites/security/config.ts
   - x-pack/test_serverless/functional/test_suites/security/config.examples.ts
+  - x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.ts
   - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group1.ts
   - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group2.ts
   - x-pack/test_serverless/functional/test_suites/security/common_configs/config.group3.ts

.github/CODEOWNERS

@@ -1388,6 +1388,9 @@ x-pack/test/detection_engine_api_integration/security_and_spaces/group10/risk_en
 /x-pack/plugins/security_solution/public/cloud_security_posture @elastic/kibana-cloud-security-posture
 /x-pack/test/api_integration/apis/cloud_security_posture/ @elastic/kibana-cloud-security-posture
 /x-pack/test/cloud_security_posture_functional/ @elastic/kibana-cloud-security-posture
+/x-pack/test/cloud_security_posture_api/ @elastic/kibana-cloud-security-posture
+/x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/ @elastic/kibana-cloud-security-posture
+/x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.ts @elastic/kibana-cloud-security-posture
 
 # Security Solution onboarding tour
 /x-pack/plugins/security_solution/public/common/components/guided_onboarding @elastic/security-threat-hunting-explore

x-pack/test/cloud_security_posture_functional/page_objects/csp_dashboard_page.ts

@@ -6,7 +6,10 @@
  */
 
 import expect from '@kbn/expect';
-import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common';
+import {
+  ELASTIC_HTTP_VERSION_HEADER,
+  X_ELASTIC_INTERNAL_ORIGIN_REQUEST,
+} from '@kbn/core-http-common';
 import type { FtrProviderContext } from '../ftr_provider_context';
 
 // Defined in CSP plugin
@@ -29,6 +32,7 @@ export function CspDashboardPageProvider({ getService, getPageObjects }: FtrProv
       const response = await supertest
         .get('/internal/cloud_security_posture/status?check=init')
         .set(ELASTIC_HTTP_VERSION_HEADER, '1')
+        .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana')
         .expect(200);
       expect(response.body).to.eql({ isPluginInitialized: true });
       log.debug('CSP plugin is initialized');
@@ -110,7 +114,11 @@ export function CspDashboardPageProvider({ getService, getPageObjects }: FtrProv
     },
 
     getKubernetesComplianceScore: async () => {
-      await dashboard.getKubernetesSummarySection();
+      await retry.waitFor(
+        'Cloud posture dashboard summary section to be displayed',
+        async () => !!(await dashboard.getKubernetesSummarySection())
+      );
+
       return await testSubjects.find('dashboard-summary-section-compliance-score');
     },
   };

x-pack/test/cloud_security_posture_functional/page_objects/index.ts

@@ -10,9 +10,12 @@ import { FindingsPageProvider } from './findings_page';
 import { CspDashboardPageProvider } from './csp_dashboard_page';
 import { VulnerabilityDashboardPageProvider } from './vulnerability_dashboard_page_object';
 
-export const pageObjects = {
-  ...xpackFunctionalPageObjects,
+export const cloudSecurityPosturePageObjects = {
   findings: FindingsPageProvider,
   cloudPostureDashboard: CspDashboardPageProvider,
   vulnerabilityDashboard: VulnerabilityDashboardPageProvider,
 };
+export const pageObjects = {
+  ...xpackFunctionalPageObjects,
+  ...cloudSecurityPosturePageObjects,
+};

x-pack/test_serverless/functional/config.base.ts

@@ -78,6 +78,9 @@ export function createTestConfig(options: CreateTestConfigOptions) {
         login: {
           pathname: '/login',
         },
+        securitySolution: {
+          pathname: '/app/security',
+        },
       },
       // choose where screenshots should be saved
       screenshots: {

x-pack/test_serverless/functional/page_objects/index.ts

@@ -7,6 +7,8 @@
 
 // eslint-disable-next-line @kbn/imports/no_boundary_crossing
 import { pageObjects as xpackFunctionalPageObjects } from '../../../test/functional/page_objects';
+// eslint-disable-next-line @kbn/imports/no_boundary_crossing
+import { cloudSecurityPosturePageObjects } from '../../../test/cloud_security_posture_functional/page_objects';
 import { SvlCommonPageProvider } from './svl_common_page';
 import { SvlCommonNavigationProvider } from './svl_common_navigation';
 import { SvlObltOnboardingPageProvider } from './svl_oblt_onboarding_page';
@@ -18,6 +20,7 @@ import { SvlTriggersActionsPageProvider } from './svl_triggers_actions_ui_page';
 
 export const pageObjects = {
   ...xpackFunctionalPageObjects,
+  ...cloudSecurityPosturePageObjects,
 
   svlCommonPage: SvlCommonPageProvider,
   svlCommonNavigation: SvlCommonNavigationProvider,

x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.ts

@@ -0,0 +1,21 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { createTestConfig } from '../../config.base';
+
+export default createTestConfig({
+  serverlessProject: 'security',
+  junit: {
+    reportName: 'Serverless Security Cloud Security Functional Tests',
+  },
+  kbnServerArgs: [
+    `--xpack.fleet.packages.0.name=cloud_security_posture`,
+    `--xpack.fleet.packages.0.version=1.5.2`,
+  ],
+  // load tests in the index file
+  testFiles: [require.resolve('./ftr/cloud_security_posture')],
+});

x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/compliance_dashboard.ts

@@ -0,0 +1,67 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from '@kbn/expect';
+import Chance from 'chance';
+import type { FtrProviderContext } from '../../../../ftr_provider_context';
+
+export default function ({ getPageObjects, getService }: FtrProviderContext) {
+  const retry = getService('retry');
+  const pageObjects = getPageObjects(['common', 'svlCommonPage', 'cloudPostureDashboard']);
+  const chance = new Chance();
+
+  const data = [
+    {
+      '@timestamp': new Date().toISOString(),
+      resource: { id: chance.guid(), name: `kubelet`, sub_type: 'lower case sub type' },
+      result: { evaluation: 'failed' },
+      rule: {
+        name: 'Upper case rule name',
+        section: 'Upper case section',
+        benchmark: {
+          id: 'cis_k8s',
+          posture_type: 'kspm',
+        },
+      },
+      cluster_id: 'Upper case cluster id',
+    },
+  ];
+
+  describe('Cloud Posture Dashboard Page', function () {
+    // TODO: we need to check if the tests are running on MKI. There is a suspicion that installing csp package via Kibana server args is not working on MKI.
+    this.tags(['skipMKI', 'cloud_security_posture_compliance_dashboard']);
+    let cspDashboard: typeof pageObjects.cloudPostureDashboard;
+    let dashboard: typeof pageObjects.cloudPostureDashboard.dashboard;
+
+    before(async () => {
+      await pageObjects.svlCommonPage.login();
+      cspDashboard = pageObjects.cloudPostureDashboard;
+      dashboard = pageObjects.cloudPostureDashboard.dashboard;
+      await cspDashboard.waitForPluginInitialized();
+
+      await cspDashboard.index.add(data);
+      await cspDashboard.navigateToComplianceDashboardPage();
+      await retry.waitFor(
+        'Cloud posture integration dashboard to be displayed',
+        async () => !!dashboard.getIntegrationDashboardContainer()
+      );
+    });
+
+    after(async () => {
+      await cspDashboard.index.remove();
+      await pageObjects.svlCommonPage.forceLogout();
+    });
+
+    describe('Kubernetes Dashboard', () => {
+      it('displays accurate summary compliance score', async () => {
+        const scoreElement = await dashboard.getKubernetesComplianceScore();
+
+        expect((await scoreElement.getVisibleText()) === '0%').to.be(true);
+      });
+    });
+  });
+}

x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/index.ts

@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { FtrProviderContext } from '../../../../ftr_provider_context';
+
+export default function ({ loadTestFile }: FtrProviderContext) {
+  describe('cloud_security_posture', function () {
+    this.tags(['cloud_security_posture']);
+    loadTestFile(require.resolve('./compliance_dashboard'));
+  });
+}