

[Security Solution] Add missing alerts (signals) API endpoints OpenAP…
…I specs (#184838)

**Addresses:** #183661

## Summary

This PR adds missing OpenAPI specs for the following API endpoints (Alerts API and Alerts Migration API) available in both Serverless and ESS:

- `POST /api/detection_engine/signals/status`
- `POST /api/detection_engine/signals/tags`
- `POST /api/detection_engine/signals/search`

and API endpoints available only in ESS

- `POST /api/detection_engine/signals/migration_status`
- `POST /api/detection_engine/signals/migration`
- `POST /api/detection_engine/signals/finalize_migration`
- `DELETE /api/detection_engine/signals/migration`

**Note:** Code generation is enabled for the added specs to verify that it works and produces expected results. Generated Zod schemas and types aren't integrated in the route's code.
maximpn committed Jun 18, 2024
1 parent 8641aee commit b169a9c
Showing 55 changed files with 1,325 additions and 569 deletions.
Expand Up @@ -5,4 +5,4 @@
* 2.0.
*/

export * from './set_alert_tags/set_alert_tags_route';
export * from './set_alert_tags/set_alert_tags.gen';
@@ -0,0 +1,38 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Manage alert tags API endpoint
* version: 2023-10-31
*/

import { z } from 'zod';

import { AlertIds, AlertTags } from '../../../model/alert.gen';

export type ManageAlertTags = z.infer<typeof ManageAlertTags>;
export const ManageAlertTags = z.object({
tags_to_add: AlertTags,
tags_to_remove: AlertTags,
});

export type ManageAlertTagsRequestBody = z.infer<typeof ManageAlertTagsRequestBody>;
export const ManageAlertTagsRequestBody = z.object({
ids: AlertIds,
tags: ManageAlertTags,
});
export type ManageAlertTagsRequestBodyInput = z.input<typeof ManageAlertTagsRequestBody>;

/**
* Elasticsearch update by query response
*/
export type ManageAlertTagsResponse = z.infer<typeof ManageAlertTagsResponse>;
export const ManageAlertTagsResponse = z.object({}).catchall(z.unknown());
@@ -0,0 +1,70 @@
openapi: 3.0.0
info:
title: Manage alert tags API endpoint
version: '2023-10-31'
paths:
/api/detection_engine/signals/tags:
post:
x-labels: [serverless, ess]
operationId: ManageAlertTags
x-codegen-enabled: true
summary: Manage alert tags for a one or more alerts
tags:
- Alerts API
requestBody:
description: An object containing tags to add or remove and alert ids the changes will be applied
required: true
content:
application/json:
schema:
type: object
properties:
ids:
$ref: '../../../model/alert.schema.yaml#/components/schemas/AlertIds'
tags:
$ref: '#/components/schemas/ManageAlertTags'
required:
- ids
- tags
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
additionalProperties: true
description: Elasticsearch update by query response
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'

components:
schemas:
ManageAlertTags:
type: object
properties:
tags_to_add:
$ref: '../../../model/alert.schema.yaml#/components/schemas/AlertTags'
tags_to_remove:
$ref: '../../../model/alert.schema.yaml#/components/schemas/AlertTags'
required:
- tags_to_add
- tags_to_remove
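Review bot: The operation summary on the `summary:` line reads `Manage alert tags for a one or more alerts`; this text is what ends up in the generated docs, so it should be `summary: Manage alert tags for one or more alerts`. With `x-codegen-enabled: true` this spec now emits `ManageAlertTagsRequestBody`, but the commit description says the generated Zod schema is not wired into the route, so the runtime request validation and this published contract can silently drift; a follow-up that replaces the route's hand-written request schema with the generated one, or a test asserting both accept and reject the same bodies, would close that gap. The 200 response is an unconstrained object (`additionalProperties: true`) described only as an Elasticsearch update-by-query response; if the route really returns that response as-is, listing at least the fields consumers are expected to rely on would make the contract meaningful.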
Expand Up @@ -5,13 +5,13 @@
* 2.0.
*/

import type { SetAlertTagsRequestBody } from './set_alert_tags_route';
import type { ManageAlertTagsRequestBody } from './set_alert_tags.gen';

export const getSetAlertTagsRequestMock = (
tagsToAdd: string[] = [],
tagsToRemove: string[] = [],
ids: string[] = []
): SetAlertTagsRequestBody => ({
): ManageAlertTagsRequestBody => ({
tags: { tags_to_add: tagsToAdd, tags_to_remove: tagsToRemove },
ids,
});

This file was deleted.

Expand Up @@ -5,6 +5,5 @@
* 2.0.
*/

export * from './query_signals/query_signals_route';
export * from './set_signal_status/set_signal_status_route';
export * from './set_signal_status/set_signal_status_type_dependents';
export * from './query_signals/query_signals_route.gen';
export * from './set_signal_status/set_signals_status_route.gen';
@@ -0,0 +1,45 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/

/*
* NOTICE: Do not edit this file manually.
* This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator.
*
* info:
* title: Alerts search API endpoint
* version: 2023-10-31
*/

import { z } from 'zod';

export type AlertsSortCombinations = z.infer<typeof AlertsSortCombinations>;
export const AlertsSortCombinations = z.union([z.string(), z.object({}).catchall(z.unknown())]);

export type AlertsSort = z.infer<typeof AlertsSort>;
export const AlertsSort = z.union([AlertsSortCombinations, z.array(AlertsSortCombinations)]);

/**
* Elasticsearch query and aggregation request
*/
export type SearchAlertsRequestBody = z.infer<typeof SearchAlertsRequestBody>;
export const SearchAlertsRequestBody = z.object({
query: z.object({}).catchall(z.unknown()).optional(),
aggs: z.object({}).catchall(z.unknown()).optional(),
size: z.number().int().min(0).optional(),
track_total_hits: z.boolean().optional(),
_source: z.union([z.boolean(), z.string(), z.array(z.string())]).optional(),
fields: z.array(z.string()).optional(),
runtime_mappings: z.object({}).catchall(z.unknown()).optional(),
sort: AlertsSort.optional(),
});
export type SearchAlertsRequestBodyInput = z.input<typeof SearchAlertsRequestBody>;

/**
* Elasticsearch search response
*/
export type SearchAlertsResponse = z.infer<typeof SearchAlertsResponse>;
export const SearchAlertsResponse = z.object({}).catchall(z.unknown());
@@ -0,0 +1,93 @@
openapi: 3.0.0
info:
title: Alerts search API endpoint
version: '2023-10-31'
paths:
/api/detection_engine/signals/search:
post:
x-labels: [serverless, ess]
operationId: SearchAlerts
x-codegen-enabled: true
summary: Find and/or aggregate detection alerts that match the given query
tags:
- Alerts API
requestBody:
description: Search and/or aggregation query
required: true
content:
application/json:
schema:
type: object
properties:
query:
type: object
additionalProperties: true
aggs:
type: object
additionalProperties: true
size:
type: integer
minimum: 0
track_total_hits:
type: boolean
_source:
oneOf:
- type: boolean
- type: string
- type: array
items:
type: string
fields:
type: array
items:
type: string
runtime_mappings:
type: object
additionalProperties: true
sort:
$ref: '#/components/schemas/AlertsSort'
description: Elasticsearch query and aggregation request
responses:
200:
description: Successful response
content:
application/json:
schema:
type: object
additionalProperties: true
description: Elasticsearch search response
400:
description: Invalid input data response
content:
application/json:
schema:
oneOf:
- $ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
- $ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'
401:
description: Unsuccessful authentication response
content:
application/json:
schema:
$ref: '../../../model/error_responses.schema.yaml#/components/schemas/PlatformErrorResponse'
500:
description: Internal server error response
content:
application/json:
schema:
$ref: '../../../model/error_responses.schema.yaml#/components/schemas/SiemErrorResponse'

components:
schemas:
AlertsSortCombinations:
anyOf:
- type: string
- type: object
additionalProperties: true

AlertsSort:
oneOf:
- $ref: '#/components/schemas/AlertsSortCombinations'
- type: array
items:
$ref: '#/components/schemas/AlertsSortCombinations'
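Review bot: `size` in the request body carries `minimum: 0` but no `maximum`, so the published contract tells callers they may request an unbounded page; if the route or Elasticsearch enforces an upper limit, document it here with `maximum: <limit enforced by the route>`, and if nothing does, that is worth settling before this contract is published. `query`, `aggs` and `runtime_mappings` are all declared as open objects (`additionalProperties: true`) and are presumably forwarded to Elasticsearch unchanged, so the request body `description` should state that pass-through explicitly rather than only `Elasticsearch query and aggregation request`, since it is the trust boundary a consumer of this spec needs to know about. Also, `AlertsSortCombinations` uses `anyOf` while `AlertsSort` and `_source` use `oneOf`; the generated code treats both as a plain union, so pick one form for consistency unless the difference is intentional.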
