-
Notifications
You must be signed in to change notification settings - Fork 8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Endpoint] Add additional tests for Policy Response #154505
[Security Solution][Endpoint] Add additional tests for Policy Response #154505
Conversation
…added missing policy response entries
…s customization of output documents)
…tomization of output documents)
…or using new `.custom()` static methods
…electing os type
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
Pinging @elastic/fleet (Team:Fleet) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fleet change 🚀
💚 Build Succeeded
Metrics [docs]Async chunks
Unknown metric groupsESLint disabled in files
ESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to go. Left a question and suggestion but nothing that should block you merging this. 🔥
@@ -0,0 +1,94 @@ | |||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Got curious, why is this in the mocked_data
folder?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there was no need to actually have a real endpoint for this test, thus I did not include it in the other endpoint suite. Also, the "real endpoint" test suite does not run in CI (yet 🤞 )
@@ -0,0 +1,220 @@ | |||
/* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you add a bit of explanation here about what this file does and how it works?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. I'll add it in a subsequent PR.
Essentially, it displays a CLI screen that allows you to set a host and then send it a customized policy response action.
return mergeWith(destinationObj, srcObj, customizer); | ||
}; | ||
|
||
export class EndpointPolicyResponseGenerator extends BaseDataGenerator { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome!
elastic#154505) ## Summary - Adds Cypress tests to validate that recent Policy response errors are bubbled up and shown in Fleet Agent Details. - Updated Fleet Agent Details display of Integrations with `data-test-subj`'s for testing In support of the above, the following was also introduced: - New standalone `EndpointPolicyResponseGenerator` which also includes one specific method to retrieve a "connect kernel failure" - New data loaders for Endpoint Policy Responses - Endpoint Emulator CLI was enhanced with a new panel that allows sending policy responses to specific endpoints - Added `EndpointMetadataGenerator.custom()` static method - Creates a custom `EndpointMetadataGenerator` subclass based on input arguments. allows for easier customization of generated endpoint hosts - currently supports setting Host OS and Agent version - Like the above, added `EndpointDocGenerator.custom()` which currently allow for setting a custom endpoint generator for use internally - Added `version` and `os` to `indexEndpointHosts` cypress task - new cypress tasks: - `indexEndpointPolicyResponse` - load a policy response - `deleteIndexedEndpointPolicyResponse` - delete previously loaded policy response -
indexing host timeout has been increased in elastic/pull/159518 added in elastic/pull/154505 skipped in elastic/pull/156104
indexing host timeout has been increased in elastic/pull/159518 added in elastic/pull/154505 skipped in elastic/pull/156104
indexing host timeout has been increased in elastic/pull/159518 added in elastic/pull/154505 skipped in elastic/pull/156104
## Summary Unskip test that was timing out at indexing test hosts. The timeout has since been increased in /pull/159518 Was added in /pull/154505 and skipped in /pull/156104
## Summary Unskip test that was timing out at indexing test hosts. The timeout has since been increased in elastic/pull/159518 Was added in elastic/pull/154505 and skipped in elastic/pull/156104 (cherry picked from commit 5d06694)
# Backport This will backport the following commits from `main` to `8.9`: - [[Defend Workflows] Unskip policy response test (#161588)](#161588) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ashokaditya","email":"1849116+ashokaditya@users.noreply.github.com"},"sourceCommit":{"committedDate":"2023-07-11T11:58:42Z","message":"[Defend Workflows] Unskip policy response test (#161588)\n\n## Summary\r\n\r\nUnskip test that was timing out at indexing test hosts. \r\nThe timeout has since been increased in /pull/159518\r\n\r\nWas added in /pull/154505 and skipped in\r\nelastic/kibana/pull/156104","sha":"5d066944fcef558eacc858bb807acb2fb783eaee","branchLabelMapping":{"^v8.10.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Defend Workflows","OLM Sprint","v8.9.0","v8.10.0"],"number":161588,"url":"#161588 Workflows] Unskip policy response test (#161588)\n\n## Summary\r\n\r\nUnskip test that was timing out at indexing test hosts. \r\nThe timeout has since been increased in /pull/159518\r\n\r\nWas added in /pull/154505 and skipped in\r\nelastic/kibana/pull/156104","sha":"5d066944fcef558eacc858bb807acb2fb783eaee"}},"sourceBranch":"main","suggestedTargetBranches":["8.9"],"targetPullRequestStates":[{"branch":"8.9","label":"v8.9.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.10.0","labelRegex":"^v8.10.0$","isSourceBranch":true,"state":"MERGED","url":"#161588 Workflows] Unskip policy response test (#161588)\n\n## Summary\r\n\r\nUnskip test that was timing out at indexing test hosts. \r\nThe timeout has since been increased in /pull/159518\r\n\r\nWas added in /pull/154505 and skipped in\r\nelastic/kibana/pull/156104","sha":"5d066944fcef558eacc858bb807acb2fb783eaee"}}]}] BACKPORT--> Co-authored-by: Ashokaditya <1849116+ashokaditya@users.noreply.github.com>
Summary
data-test-subj
's for testingIn support of the above, the following was also introduced:
EndpointPolicyResponseGenerator
which also includes one specific method to retrieve a "connect kernel failure"EndpointMetadataGenerator.custom()
static methodEndpointMetadataGenerator
subclass based on input arguments. allows for easier customization of generated endpoint hostsEndpointDocGenerator.custom()
which currently allow for setting a custom endpoint generator for use internallyversion
andos
toindexEndpointHosts
cypress taskindexEndpointPolicyResponse
- load a policy responsedeleteIndexedEndpointPolicyResponse
- delete previously loaded policy response