[FTR](reporting) update common serverless api tests to use api keys (#…

…184819) ## Summary - update api tests in `x-pack/test_serverless/api_integration/test_suites/common/reporting/` - update one ui test in `x-pack/test_serverless/functional/test_suites/common/reporting/management.ts` - update snapshot `x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/generate_csv_discover.snap` - update shared service in `x-pack/test_serverless/shared/services/svl_reporting.ts` Contributes to: #180834 --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
elastic · Jun 21, 2024 · 5478a06 · 5478a06
1 parent 6faadda
commit 5478a06
Show file tree

Hide file tree

Showing 4 changed files with 31 additions and 27 deletions.
diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts
@@ -14,8 +14,8 @@ export default function ({ getService }: FtrProviderContext) {
   const kibanaServer = getService('kibanaServer');
   const reportingAPI = getService('svlReportingApi');
   const svlCommonApi = getService('svlCommonApi');
-  const svlUserManager = getService('svlUserManager');
   const supertestWithoutAuth = getService('supertestWithoutAuth');
+  const svlUserManager = getService('svlUserManager');
   let roleAuthc: RoleCredentials;
   let internalReqHeader: InternalRequestHeader;
 
@@ -30,6 +30,7 @@ export default function ({ getService }: FtrProviderContext) {
     before(async () => {
       roleAuthc = await svlUserManager.createApiKeyForRole('admin');
       internalReqHeader = svlCommonApi.getInternalRequestHeader();
+
       await esArchiver.load(archives.ecommerce.data);
       await kibanaServer.importExport.load(archives.ecommerce.savedObjects);
 
@@ -60,11 +61,12 @@ export default function ({ getService }: FtrProviderContext) {
     });
 
     it('uses the datastream configuration with set ILM policy', async () => {
-      const { body } = await supertestWithoutAuth
+      const { status, body } = await supertestWithoutAuth
         .get(`/api/index_management/data_streams/.kibana-reporting`)
         .set(internalReqHeader)
-        .set(roleAuthc.apiKeyHeader)
-        .expect(200);
+        .set(roleAuthc.apiKeyHeader);
+
+      svlCommonApi.assertResponseStatusCode(200, status, body);
 
       expect(body).toEqual({
         _meta: {

diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts
@@ -9,56 +9,58 @@ import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common/src/con
 import expect from '@kbn/expect';
 import { INTERNAL_ROUTES } from '@kbn/reporting-common';
 import { FtrProviderContext } from '../../../ftr_provider_context';
+import { RoleCredentials } from '../../../../shared/services';
 
 // the archived data holds a report created by test_user
-const TEST_USERNAME = 'test_user';
-const TEST_USER_PASSWORD = 'changeme';
 const API_HEADER: [string, string] = ['kbn-xsrf', 'reporting'];
 const INTERNAL_HEADER: [string, string] = [X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'Kibana'];
 
 export default ({ getService }: FtrProviderContext) => {
   const esArchiver = getService('esArchiver');
-  const supertest = getService('supertestWithoutAuth');
-  const config = getService('config');
-
-  const REPORTING_USER_USERNAME = config.get('servers.kibana.username');
-  const REPORTING_USER_PASSWORD = config.get('servers.kibana.password');
+  const supertestWithoutAuth = getService('supertestWithoutAuth');
+  const svlUserManager = getService('svlUserManager');
+  let roleAuthc: RoleCredentials;
 
   describe('Reporting Management', function () {
     // security_exception: action [indices:admin/create] is unauthorized for user [elastic] with effective roles [superuser] on restricted indices [.reporting-2020.04.19], this action is granted by the index privileges [create_index,manage,all]
     this.tags(['failsOnMKI']);
 
     const dataArchive = 'x-pack/test/functional/es_archives/reporting/archived_reports';
 
+    before(async () => {
+      roleAuthc = await svlUserManager.createApiKeyForRole('admin');
+    });
+
     beforeEach(async () => {
       await esArchiver.load(dataArchive);
     });
 
     after(async () => {
       await esArchiver.unload(dataArchive);
+      await svlUserManager.invalidateApiKeyForRole(roleAuthc);
     });
 
     describe('Deletion', () => {
       const DELETE_REPORT_ID = 'krazcyw4156m0763b503j7f9';
 
       // archived data uses the test user but functionality for specific users is not possible yet for svl
       xit(`user can delete a report they've created`, async () => {
-        const response = await supertest
+        const response = await supertestWithoutAuth
           .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${DELETE_REPORT_ID}`)
-          .auth(TEST_USERNAME, TEST_USER_PASSWORD)
           .set(...API_HEADER)
-          .set(...INTERNAL_HEADER);
+          .set(...INTERNAL_HEADER)
+          .set(roleAuthc.apiKeyHeader);
 
         expect(response.status).to.be(200);
         expect(response.body).to.eql({ deleted: true });
       });
 
       it(`user can not delete a report they haven't created`, async () => {
-        const response = await supertest
+        const response = await supertestWithoutAuth
           .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${DELETE_REPORT_ID}`)
-          .auth(REPORTING_USER_USERNAME, REPORTING_USER_PASSWORD)
           .set(...API_HEADER)
-          .set(...INTERNAL_HEADER);
+          .set(...INTERNAL_HEADER)
+          .set(roleAuthc.apiKeyHeader);
 
         expect(response.status).to.be(404);
         expect(response.body.message).to.be('Not Found');

diff --git a/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts b/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts
@@ -20,10 +20,10 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
   const retry = getService('retry');
   const PageObjects = getPageObjects(['common', 'svlCommonPage', 'header']);
   const reportingAPI = getService('svlReportingApi');
-  const config = getService('config');
-  const svlCommonApi = getService('svlCommonApi');
   const svlUserManager = getService('svlUserManager');
+  const svlCommonApi = getService('svlCommonApi');
   let roleAuthc: RoleCredentials;
+  let roleName: string;
   let internalReqHeader: InternalRequestHeader;
 
   const navigateToReportingManagement = async () => {
@@ -56,11 +56,9 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     };
 
     // Kibana CI and MKI use different users
-    const TEST_USERNAME = config.get('servers.kibana.username');
-    const TEST_PASSWORD = config.get('servers.kibana.password');
-
     before('initialize saved object archive', async () => {
-      roleAuthc = await svlUserManager.createApiKeyForRole('admin');
+      roleName = 'admin';
+      roleAuthc = await svlUserManager.createApiKeyForRole(roleName);
       internalReqHeader = svlCommonApi.getInternalRequestHeader();
       // add test saved search object
       await kibanaServer.importExport.load(savedObjectsArchive);
@@ -69,6 +67,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     after('clean up archives', async () => {
       await kibanaServer.importExport.unload(savedObjectsArchive);
       await svlUserManager.invalidateApiKeyForRole(roleAuthc);
+      await svlUserManager.invalidateApiKeyForRole(roleAuthc);
     });
 
     // Cant auth into the route as it's structured currently
@@ -87,16 +86,17 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => {
     });
 
     // Skipping test for now because functionality is not yet possible to test
+    // See details: https://github.com/elastic/kibana/issues/186558
     xit(`user doesn't see a job another user has created`, async () => {
-      log.debug(`creating a csv report job as '${TEST_USERNAME}'`);
+      log.debug(`creating a csv report job using api keys for role: [${roleName}]`);
 
       const {
         job: { id: jobId },
       } = await reportingAPI.createReportJobInternal(
         CSV_REPORT_TYPE_V2,
         job,
-        TEST_USERNAME,
-        TEST_PASSWORD
+        roleAuthc,
+        internalReqHeader
       );
 
       await navigateToReportingManagement();

diff --git a/x-pack/test_serverless/shared/services/svl_reporting.ts b/x-pack/test_serverless/shared/services/svl_reporting.ts
@@ -98,7 +98,7 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext)
     },
 
     /*
-     * This function is only used in the API tests, funtional tests we have to click the download link in the UI
+     * This function is only used in the API tests, functional tests we have to click the download link in the UI
      */
     async getCompletedJobOutput(
       downloadReportPath: string,