[Fleet] Add integration test for the cloud policy (#126605)

2025-04-24 09:48:58 -04:00 · 2022-03-01 14:05:37 -05:00 · 2022-03-01 14:05:37 -05:00 · b4375e916f
commit b4375e916f
parent aa3e20e1f5
7 changed files with 615 additions and 31 deletions
--- a/x-pack/plugins/fleet/server/integration_tests/snapshots/cloud_preconfiguration.test.ts.snap
+++ b/x-pack/plugins/fleet/server/integration_tests/snapshots/cloud_preconfiguration.test.ts.snap
@ -0,0 +1,231 @@
+// Jest Snapshot v1, https://goo.gl/fbAQLP
+
+exports[`Fleet preconfiguration reset Preconfigred cloud policy Create correct .fleet-policies 1`] = `
+Object {
+  "agent": Object {
+    "monitoring": Object {
+      "enabled": false,
+      "logs": false,
+      "metrics": false,
+    },
+  },
+  "id": "policy-elastic-agent-on-cloud",
+  "inputs": Array [
+    Object {
+      "data_stream": Object {
+        "namespace": "default",
+      },
+      "id": "elastic-cloud-fleet-server",
+      "meta": Object {
+        "package": Object {
+          "name": "fleet_server",
+          "version": "1.1.1",
+        },
+      },
+      "name": "Fleet Server",
+      "revision": 1,
+      "server": Object {
+        "host": "0.0.0.0",
+        "port": 8220,
+      },
+      "server.runtime": Object {
+        "gc_percent": 20,
+      },
+      "type": "fleet-server",
+      "use_output": "es-containerhost",
+    },
+    Object {
+      "apm-server": Object {
+        "auth": Object {
+          "anonymous": Object {
+            "allow_agent": Array [
+              "rum-js",
+              "js-base",
+              "iOS/swift",
+            ],
+            "allow_service": null,
+            "enabled": true,
+            "rate_limit": Object {
+              "event_limit": 300,
+              "ip_limit": 1000,
+            },
+          },
+          "api_key": Object {
+            "enabled": true,
+            "limit": 100,
+          },
+          "secret_token": "CLOUD_SECRET_TOKEN",
+        },
+        "capture_personal_data": true,
+        "default_service_environment": null,
+        "expvar.enabled": false,
+        "host": "0.0.0.0:8200",
+        "idle_timeout": "45s",
+        "java_attacher": Object {
+          "discovery-rules": null,
+          "download-agent-version": null,
+          "enabled": false,
+        },
+        "max_connections": 0,
+        "max_event_size": 307200,
+        "max_header_size": 1048576,
+        "read_timeout": "3600s",
+        "response_headers": null,
+        "rum": Object {
+          "allow_headers": null,
+          "allow_origins": Array [
+            "*",
+          ],
+          "enabled": true,
+          "exclude_from_grouping": "^/webpack",
+          "library_pattern": "node_modules|bower_components|~",
+          "response_headers": null,
+        },
+        "sampling": Object {
+          "tail": Object {
+            "enabled": false,
+            "interval": "1m",
+            "policies": Array [
+              Object {
+                "sample_rate": 0.1,
+              },
+            ],
+          },
+        },
+        "shutdown_timeout": "30s",
+        "ssl": Object {
+          "certificate": "/app/config/certs/node.crt",
+          "cipher_suites": null,
+          "curve_types": null,
+          "enabled": true,
+          "key": "/app/config/certs/node.key",
+          "key_passphrase": null,
+          "supported_protocols": Array [
+            "TLSv1.0",
+            "TLSv1.1",
+            "TLSv1.2",
+          ],
+        },
+        "write_timeout": "30s",
+      },
+      "data_stream": Object {
+        "namespace": "default",
+      },
+      "id": "elastic-cloud-apm",
+      "meta": Object {
+        "package": Object {
+          "name": "apm",
+          "version": "8.2.0-dev3",
+        },
+      },
+      "name": "Elastic APM",
+      "revision": 1,
+      "type": "apm",
+      "use_output": "es-containerhost",
+    },
+  ],
+  "output_permissions": Object {
+    "es-containerhost": Object {
+      "Elastic APM": Object {
+        "cluster": Array [
+          "cluster:monitor/main",
+        ],
+        "indices": Array [
+          Object {
+            "names": Array [
+              "logs-apm.app-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "metrics-apm.app.*-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "logs-apm.error-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "metrics-apm.internal-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "metrics-apm.profiling-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "traces-apm.rum-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+          Object {
+            "names": Array [
+              "traces-apm.sampled-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+              "maintenance",
+              "monitor",
+              "read",
+            ],
+          },
+          Object {
+            "names": Array [
+              "traces-apm-default",
+            ],
+            "privileges": Array [
+              "auto_configure",
+              "create_doc",
+            ],
+          },
+        ],
+      },
+      "_elastic_agent_checks": Object {
+        "cluster": Array [
+          "monitor",
+        ],
+      },
+      "_elastic_agent_monitoring": Object {
+        "indices": Array [],
+      },
+    },
+  },
+  "outputs": Object {
+    "es-containerhost": Object {
+      "hosts": Array [
+        "https://cloudinternales:9200",
+      ],
+      "type": "elasticsearch",
+    },
+  },
+  "revision": 4,
+}
+`;
--- a/x-pack/plugins/fleet/server/integration_tests/cloud_preconfiguration.test.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/cloud_preconfiguration.test.ts
@ -0,0 +1,195 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import Path from 'path';
+
+import * as kbnTestServer from 'src/core/test_helpers/kbn_server';
+
+import { AGENT_POLICY_INDEX } from '../../common';
+import type { PackagePolicySOAttributes } from '../../common';
+import type { AgentPolicySOAttributes } from '../types';
+
+import { useDockerRegistry, waitForFleetSetup } from './helpers';
+import { CLOUD_KIBANA_CONFIG } from './fixtures/cloud_kibana_config';
+
+const logFilePath = Path.join(__dirname, 'logs.log');
+
+describe('Fleet preconfiguration reset', () => {
+  let esServer: kbnTestServer.TestElasticsearchUtils;
+  let kbnServer: kbnTestServer.TestKibanaUtils;
+
+  const registryUrl = useDockerRegistry();
+
+  const startServers = async () => {
+    const { startES } = kbnTestServer.createTestServers({
+      adjustTimeout: (t) => jest.setTimeout(t),
+      settings: {
+        es: {
+          license: 'trial',
+        },
+        kbn: {},
+      },
+    });
+
+    esServer = await startES();
+    const startKibana = async () => {
+      const root = kbnTestServer.createRootWithCorePlugins(
+        {
+          ...CLOUD_KIBANA_CONFIG,
+          'xpack.fleet.registryUrl': registryUrl,
+          logging: {
+            appenders: {
+              file: {
+                type: 'file',
+                fileName: logFilePath,
+                layout: {
+                  type: 'json',
+                },
+              },
+            },
+            loggers: [
+              {
+                name: 'root',
+                appenders: ['file'],
+              },
+              {
+                name: 'plugins.fleet',
+                level: 'all',
+              },
+            ],
+          },
+        },
+        { oss: false }
+      );
+
+      await root.preboot();
+      const coreSetup = await root.setup();
+      const coreStart = await root.start();
+
+      return {
+        root,
+        coreSetup,
+        coreStart,
+        stop: async () => await root.shutdown(),
+      };
+    };
+    kbnServer = await startKibana();
+    await waitForFleetSetup(kbnServer.root);
+  };
+
+  const stopServers = async () => {
+    if (kbnServer) {
+      await kbnServer.stop();
+    }
+
+    if (esServer) {
+      await esServer.stop();
+    }
+
+    await new Promise((res) => setTimeout(res, 10000));
+  };
+
+  // Share the same servers for all the test to make test a lot faster (but test are not isolated anymore)
+  beforeAll(async () => {
+    await startServers();
+  });
+
+  afterAll(async () => {
+    await stopServers();
+  });
+
+  describe('Preconfigred cloud policy', () => {
+    it('Works and preconfigure correctly agent policies', async () => {
+      const agentPolicies = await kbnServer.coreStart.savedObjects
+        .createInternalRepository()
+        .find<AgentPolicySOAttributes>({
+          type: 'ingest-agent-policies',
+          perPage: 10000,
+        });
+
+      expect(agentPolicies.total).toBe(2);
+      expect(
+        agentPolicies.saved_objects.find((so) => so.id === 'policy-elastic-agent-on-cloud')
+      ).toBeDefined();
+      expect(agentPolicies.saved_objects.find((so) => so.id === 'default-policy')).toBeDefined();
+    });
+
+    it('Create correct .fleet-policies', async () => {
+      const res = await kbnServer.coreStart.elasticsearch.client.asInternalUser.search({
+        index: AGENT_POLICY_INDEX,
+        q: `policy_id:policy-elastic-agent-on-cloud`,
+        sort: 'revision_idx:desc',
+      });
+
+      expect((res.hits.hits[0]._source as any)!.data).toMatchSnapshot();
+    });
+
+    it('Create correct package policies', async () => {
+      const packagePolicies = await kbnServer.coreStart.savedObjects
+        .createInternalRepository()
+        .find<PackagePolicySOAttributes>({
+          type: 'ingest-package-policies',
+          perPage: 10000,
+        });
+
+      expect(packagePolicies.total).toBe(3);
+      expect(
+        packagePolicies.saved_objects.find((so) => so.id === 'elastic-cloud-fleet-server')
+      ).toBeDefined();
+      expect(
+        packagePolicies.saved_objects.find((so) => so.id === 'elastic-cloud-apm')
+      ).toBeDefined();
+      expect(packagePolicies.saved_objects.find((so) => so.id === 'default-system')).toBeDefined();
+
+      const fleetServerPackagePolicy = packagePolicies.saved_objects.find(
+        (so) => so.id === 'elastic-cloud-fleet-server'
+      );
+      expect(fleetServerPackagePolicy?.attributes.vars).toMatchInlineSnapshot(`undefined`);
+      expect(fleetServerPackagePolicy?.attributes.inputs).toMatchInlineSnapshot(`
+        Array [
+          Object {
+            "compiled_input": Object {
+              "server": Object {
+                "host": "0.0.0.0",
+                "port": 8220,
+              },
+              "server.runtime": Object {
+                "gc_percent": 20,
+              },
+            },
+            "enabled": true,
+            "keep_enabled": true,
+            "policy_template": "fleet_server",
+            "streams": Array [],
+            "type": "fleet-server",
+            "vars": Object {
+              "custom": Object {
+                "type": "yaml",
+                "value": "server.runtime:
+          gc_percent: 20          # Force the GC to execute more frequently: see https://golang.org/pkg/runtime/debug/#SetGCPercent
+        ",
+              },
+              "host": Object {
+                "frozen": true,
+                "type": "text",
+                "value": "0.0.0.0",
+              },
+              "max_connections": Object {
+                "type": "integer",
+              },
+              "port": Object {
+                "frozen": true,
+                "type": "integer",
+                "value": 8220,
+              },
+            },
+          },
+        ]
+      `);
+    });
+  });
+});
--- a/x-pack/plugins/fleet/server/integration_tests/fixtures/cloud_kibana_config.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/fixtures/cloud_kibana_config.ts
@ -0,0 +1,148 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export const CLOUD_KIBANA_CONFIG = {
+  xpack: {
+    fleet: {
+      packages: [
+        {
+          name: 'apm',
+          version: 'latest',
+        },
+        {
+          name: 'fleet_server',
+          version: 'latest',
+        },
+        {
+          name: 'system',
+          version: 'latest',
+        },
+      ],
+      outputs: [
+        {
+          name: 'Elastic Cloud internal output',
+          type: 'elasticsearch',
+          id: 'es-containerhost',
+          hosts: ['https://cloudinternales:9200'],
+        },
+      ],
+      agentPolicies: [
+        {
+          name: 'Elastic Cloud agent policy',
+          description: 'Default agent policy for agents hosted on Elastic Cloud',
+          id: 'policy-elastic-agent-on-cloud',
+          data_output_id: 'es-containerhost',
+          monitoring_output_id: 'es-containerhost',
+          is_default: false,
+          is_managed: true,
+          is_default_fleet_server: false,
+          namespace: 'default',
+          monitoring_enabled: [],
+          unenroll_timeout: 86400,
+          package_policies: [
+            {
+              name: 'Fleet Server',
+              id: 'elastic-cloud-fleet-server',
+              package: {
+                name: 'fleet_server',
+              },
+              inputs: [
+                {
+                  type: 'fleet-server',
+                  keep_enabled: true,
+                  vars: [
+                    {
+                      name: 'host',
+                      value: '0.0.0.0',
+                      frozen: true,
+                    },
+                    {
+                      name: 'port',
+                      value: 8220,
+                      frozen: true,
+                    },
+                    {
+                      name: 'custom',
+                      value:
+                        'server.runtime:\n  gc_percent: 20          # Force the GC to execute more frequently: see https://golang.org/pkg/runtime/debug/#SetGCPercent\n',
+                    },
+                  ],
+                },
+              ],
+            },
+            {
+              name: 'Elastic APM',
+              id: 'elastic-cloud-apm',
+              package: {
+                name: 'apm',
+              },
+              inputs: [
+                {
+                  type: 'apm',
+                  keep_enabled: true,
+                  vars: [
+                    {
+                      name: 'api_key_enabled',
+                      value: true,
+                    },
+                    {
+                      name: 'host',
+                      value: '0.0.0.0:8200',
+                      frozen: true,
+                    },
+                    {
+                      name: 'secret_token',
+                      value: 'CLOUD_SECRET_TOKEN',
+                    },
+                    {
+                      name: 'tls_enabled',
+                      value: true,
+                      frozen: true,
+                    },
+                    {
+                      name: 'tls_certificate',
+                      value: '/app/config/certs/node.crt',
+                      frozen: true,
+                    },
+                    {
+                      name: 'tls_key',
+                      value: '/app/config/certs/node.key',
+                      frozen: true,
+                    },
+                    {
+                      name: 'url',
+                      value: 'CLOUD_APM_URL',
+                      frozen: true,
+                    },
+                  ],
+                },
+              ],
+            },
+          ],
+        },
+        {
+          name: 'Default policy',
+          id: 'default-policy',
+          description: 'Default agent policy created by Kibana',
+          is_default: true,
+          is_managed: false,
+          namespace: 'default',
+          monitoring_enabled: ['logs', 'metrics'],
+          package_policies: [
+            {
+              name: 'system-1',
+              id: 'default-system',
+              package: {
+                name: 'system',
+              },
+            },
+          ],
+        },
+      ],
+    },
+  },
+};
--- a/x-pack/plugins/fleet/server/integration_tests/ha_setup.test.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/ha_setup.test.ts
@ -19,7 +19,7 @@ import type {
  PackagePolicySOAttributes,
 } from '../types';

-import { useDockerRegistry } from './docker_registry_helper';
+import { useDockerRegistry } from './helpers';

 const logFilePath = Path.join(__dirname, 'logs.log');

--- a/x-pack/plugins/fleet/server/integration_tests/helpers/docker_registry_helper.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/helpers/docker_registry_helper.ts
--- a/x-pack/plugins/fleet/server/integration_tests/helpers/index.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/helpers/index.ts
@ -0,0 +1,39 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { adminTestUser } from '@kbn/test';
+
+import * as kbnTestServer from 'src/core/test_helpers/kbn_server';
+import type { HttpMethod } from 'src/core/test_helpers/kbn_server';
+
+type Root = ReturnType<typeof kbnTestServer.createRoot>;
+
+export * from './docker_registry_helper';
+
+export const waitForFleetSetup = async (root: Root) => {
+  const isFleetSetupRunning = async () => {
+    const statusApi = getSupertestWithAdminUser(root, 'get', '/api/status');
+    const resp = await statusApi.send();
+    const fleetStatus = resp.body?.status?.plugins?.fleet;
+    if (fleetStatus?.meta?.error) {
+      throw new Error(`Setup failed: ${JSON.stringify(fleetStatus)}`);
+    }
+
+    return !fleetStatus || fleetStatus?.summary === 'Fleet is setting up';
+  };
+
+  while (await isFleetSetupRunning()) {
+    await new Promise((resolve) => setTimeout(resolve, 2000));
+  }
+};
+
+export function getSupertestWithAdminUser(root: Root, method: HttpMethod, path: string) {
+  const testUserCredentials = Buffer.from(`${adminTestUser.username}:${adminTestUser.password}`);
+  return kbnTestServer
+    .getSupertest(root, method, path)
+    .set('Authorization', `Basic ${testUserCredentials.toString('base64')}`);
+}
--- a/x-pack/plugins/fleet/server/integration_tests/reset_preconfiguration.test.ts
+++ b/x-pack/plugins/fleet/server/integration_tests/reset_preconfiguration.test.ts
@ -7,44 +7,15 @@

 import Path from 'path';

-import { adminTestUser } from '@kbn/test';
-
 import * as kbnTestServer from 'src/core/test_helpers/kbn_server';
-import type { HttpMethod } from 'src/core/test_helpers/kbn_server';

 import type { AgentPolicySOAttributes } from '../types';
 import { PRECONFIGURATION_DELETION_RECORD_SAVED_OBJECT_TYPE } from '../../common';

-import { useDockerRegistry } from './docker_registry_helper';
+import { useDockerRegistry, waitForFleetSetup, getSupertestWithAdminUser } from './helpers';

 const logFilePath = Path.join(__dirname, 'logs.log');

-type Root = ReturnType<typeof kbnTestServer.createRoot>;
-
-function getSupertestWithAdminUser(root: Root, method: HttpMethod, path: string) {
-  const testUserCredentials = Buffer.from(`${adminTestUser.username}:${adminTestUser.password}`);
-  return kbnTestServer
-    .getSupertest(root, method, path)
-    .set('Authorization', `Basic ${testUserCredentials.toString('base64')}`);
-}
-
-const waitForFleetSetup = async (root: Root) => {
-  const isFleetSetupRunning = async () => {
-    const statusApi = getSupertestWithAdminUser(root, 'get', '/api/status');
-    const resp = await statusApi.send();
-    const fleetStatus = resp.body?.status?.plugins?.fleet;
-    if (fleetStatus?.meta?.error) {
-      throw new Error(`Setup failed: ${JSON.stringify(fleetStatus)}`);
-    }
-
-    return !fleetStatus || fleetStatus?.summary === 'Fleet is setting up';
-  };
-
-  while (await isFleetSetupRunning()) {
-    await new Promise((resolve) => setTimeout(resolve, 2000));
-  }
-};
-
 describe('Fleet preconfiguration reset', () => {
  let esServer: kbnTestServer.TestElasticsearchUtils;
  let kbnServer: kbnTestServer.TestKibanaUtils;