mirror of
https://github.com/elastic/kibana.git
synced 2025-06-27 18:51:07 -04:00
542b381fa5
* [ftr] automatically determine config run order * split lens config into two groups * support ftr configs always running against CI * Split detection_engine_api_integration rule exception list tests * Add configs from previous commit * [ftr] remove testMetadata and maintain a unique lifecycle instance per run * Revert "[ftr] remove testMetadata and maintain a unique lifecycle instance per run" This reverts commitd2b4fdb824. * Split alerting_api_integration/security_and_spaces tests * Add groups to yaml * Revert "Revert "[ftr] remove testMetadata and maintain a unique lifecycle instance per run"" This reverts commit56232eea68. * stop ES more forcefully and fix timeout * only cleanup lifecycle phases when the cleanup is totally complete * only use kill when cleaning up an esTestInstance * fix broken import * fix runOptions.alwaysUseSource implementation * fix config access * fix x-pack/ccs config * fix ml import file paths * update kibana build id * revert array.concat() change * fix baseConfig usage * fix pie chart data * split up maps tests * pull in all of group5 so that es archives are loaded correctly * add to ftr configs.yml * fix pie chart data without breaking legacy version * fix more pie_chart stuff in new vis lib * restore normal PR tasks * bump kibana-buildkite-library * remove ciGroup validation * remove the script which is no longer called from checks.sh * [CI] Auto-commit changed files from 'yarn kbn run build -i @kbn/pm' * adapt flaky test runner scripts to handle ftrConfig paths * fix types in alerting_api_integration * improve flaky config parsing and use non-local var name for passing explicit configs to ftr_configs.sh * Split xpack dashboard tests * Add configs * [flaky] remove key from ftr-config steps * [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' * restore cypress builds * remove ciGroups from FTR config files * fixup some docs * add temporary script to hunt for FTR config files * use config.base.js naming for clarity * use script to power ftr_configs.yml * remove usage of removed x-pack/scripts/functional_tests * fix test names in dashboard snapshots * bump kibana-buildkite-library * Try retrying only failed configs * be a little quieter about trying to get testStats from configs with testRunners defined * Remove test code * bump kibana-buildkite-library * update es_snapshot and on_merge jobs too * track duration and exit code for each config and print it at the end of the script * store results in order, rather than by key, in case there are duplicates in $config * bash is hard * fix env source and use +e rather than disabling e for whole file * bash sucks * print config summary in jest jobs too * define results in jest_parallel.sh * simplify config summary print, format times a little better * fix reference to unbound time variable, use better variable name * skip the newline between each result * finish with the nitpicking * sync changes with ftr_configs.sh * refuse to execute config files which aren't listed in the .buildkite/ftr_configs.yml * fix config.edge.js base config import paths * fix some readmes * resolve paths from ftr_configs manifest * fix readConfigFile tests * just allow __fixtures__ configs * list a few more cypress config files * install the main branch of kibana-buildkite-library * split up lens group1 * move ml data_visualizer tests to their own config * fix import paths * fix more imports * install specific commit of buildkite-pipeline-library * sort configs in ftr_configs.yml * bump kibana-buildkite-library * remove temporary script * fix env var for limiting config types * Update docs/developer/contributing/development-functional-tests.asciidoc Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> * produce a JUnit report for saved objects field count * apply standard concurrency limits from flaky test runner * support customizing FTR concurrency via the env Co-authored-by: Brian Seeders <brian.seeders@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co>
149 lines
5.1 KiB
TypeScript
149 lines
5.1 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License
|
|
* 2.0 and the Server Side Public License, v 1; you may not use this file except
|
|
* in compliance with, at your election, the Elastic License 2.0 or the Server
|
|
* Side Public License, v 1.
|
|
*/
|
|
|
|
import expect from '@kbn/expect';
|
|
import { getUrl } from '@kbn/test';
|
|
|
|
import { hasKibanaBooted } from '../fixtures/test_helpers';
|
|
import { getElasticsearchCaCertificate } from '../fixtures/tls_tools';
|
|
import type { FtrProviderContext } from '../ftr_provider_context';
|
|
|
|
export default function (context: FtrProviderContext) {
|
|
const supertest = context.getService('supertest');
|
|
const es = context.getService('es');
|
|
const log = context.getService('log');
|
|
const config = context.getService('config');
|
|
|
|
describe('Interactive setup APIs - Enrollment flow', function () {
|
|
this.tags('skipCloud');
|
|
|
|
let kibanaVerificationCode: string;
|
|
let elasticsearchCaFingerprint: string;
|
|
before(async () => {
|
|
const esServerConfig = config.get('servers.elasticsearch');
|
|
elasticsearchCaFingerprint = (
|
|
await getElasticsearchCaCertificate(esServerConfig.host, esServerConfig.port)
|
|
).fingerprint256.replace(/:/g, '');
|
|
|
|
kibanaVerificationCode = (
|
|
await supertest.get('/test_endpoints/verification_code').expect(200)
|
|
).body.verificationCode;
|
|
});
|
|
|
|
let enrollmentAPIKey: string;
|
|
beforeEach(async () => {
|
|
const apiResponse = await es.security.createApiKey({ body: { name: 'enrollment_api_key' } });
|
|
enrollmentAPIKey = Buffer.from(`${apiResponse.id}:${apiResponse.api_key}`).toString('base64');
|
|
});
|
|
|
|
afterEach(async () => {
|
|
await es.security.invalidateApiKey({ body: { name: 'enrollment_api_key' } });
|
|
});
|
|
|
|
it('fails to enroll with invalid authentication code', async () => {
|
|
const esHost = getUrl.baseUrl(config.get('servers.elasticsearch'));
|
|
const enrollPayload = {
|
|
apiKey: enrollmentAPIKey,
|
|
code: '000000',
|
|
caFingerprint: elasticsearchCaFingerprint,
|
|
hosts: [esHost],
|
|
};
|
|
|
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
|
|
|
await supertest
|
|
.post('/internal/interactive_setup/enroll')
|
|
.set('kbn-xsrf', 'xxx')
|
|
.send(enrollPayload)
|
|
.expect(403, { statusCode: 403, error: 'Forbidden', message: 'Forbidden' });
|
|
});
|
|
|
|
it('fails to enroll with invalid CA fingerprint', async () => {
|
|
const esHost = getUrl.baseUrl(config.get('servers.elasticsearch'));
|
|
const enrollPayload = {
|
|
apiKey: enrollmentAPIKey,
|
|
code: kibanaVerificationCode,
|
|
caFingerprint: '3FDAEE71A3604070E6AE6B01412D19772DE5AE129F69C413F0453B293D9BE65D',
|
|
hosts: [esHost],
|
|
};
|
|
|
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
|
|
|
await supertest
|
|
.post('/internal/interactive_setup/enroll')
|
|
.set('kbn-xsrf', 'xxx')
|
|
.send(enrollPayload)
|
|
.expect(500, {
|
|
statusCode: 500,
|
|
error: 'Internal Server Error',
|
|
message: 'Failed to enroll.',
|
|
attributes: { type: 'enroll_failure' },
|
|
});
|
|
});
|
|
|
|
it('fails to enroll with invalid api key', async function () {
|
|
const esServerConfig = config.get('servers.elasticsearch');
|
|
const enrollPayload = {
|
|
apiKey: enrollmentAPIKey,
|
|
code: kibanaVerificationCode,
|
|
caFingerprint: elasticsearchCaFingerprint,
|
|
hosts: [getUrl.baseUrl(esServerConfig)],
|
|
};
|
|
|
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
|
|
|
// Invalidate API key.
|
|
await es.security.invalidateApiKey({ body: { name: 'enrollment_api_key' } });
|
|
|
|
await supertest
|
|
.post('/internal/interactive_setup/enroll')
|
|
.set('kbn-xsrf', 'xxx')
|
|
.send(enrollPayload)
|
|
.expect(500, {
|
|
statusCode: 500,
|
|
error: 'Internal Server Error',
|
|
message: 'Failed to enroll.',
|
|
attributes: { type: 'enroll_failure' },
|
|
});
|
|
});
|
|
|
|
it('should be able to enroll with valid authentication code', async function () {
|
|
this.timeout(60000);
|
|
|
|
const esServerConfig = config.get('servers.elasticsearch');
|
|
const enrollPayload = {
|
|
apiKey: enrollmentAPIKey,
|
|
code: kibanaVerificationCode,
|
|
caFingerprint: elasticsearchCaFingerprint,
|
|
hosts: [getUrl.baseUrl(esServerConfig)],
|
|
};
|
|
|
|
log.debug(`Enroll payload ${JSON.stringify(enrollPayload)}`);
|
|
|
|
await supertest
|
|
.post('/internal/interactive_setup/enroll')
|
|
.set('kbn-xsrf', 'xxx')
|
|
.send(enrollPayload)
|
|
.expect(204, {});
|
|
|
|
// Enroll should no longer accept requests.
|
|
await supertest
|
|
.post('/internal/interactive_setup/enroll')
|
|
.set('kbn-xsrf', 'xxx')
|
|
.send(enrollPayload)
|
|
.expect(400, {
|
|
error: 'Bad Request',
|
|
message: 'Cannot process request outside of preboot stage.',
|
|
statusCode: 400,
|
|
attributes: { type: 'outside_preboot_stage' },
|
|
});
|
|
|
|
expect(await hasKibanaBooted(context)).to.be(true);
|
|
});
|
|
});
|
|
}
|