BACKOUT changes to the SIEM cypress setup

paul-tavares · Jul 24, 2023 · 63d8987 · 63d8987
1 parent 78bd106
commit 63d8987
Show file tree

Hide file tree

Showing 9 changed files with 31 additions and 65 deletions.
diff --git a/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rule_actions.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/detection_rules/rule_actions.cy.ts
@@ -63,7 +63,7 @@ describe('Rule actions during detection rule creation', () => {
     /* We assert that the new indexed document is the one set on the index action */
     cy.request({
       method: 'GET',
-      url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_search`,
+      url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`,
       headers: { 'kbn-xsrf': 'cypress-creds' },
     }).then((response) => {
       expect(response.body.hits.hits[0]._source).to.deep.equal(expectedJson);

diff --git a/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/notes_tab.cy.ts b/x-pack/plugins/security_solution/cypress/e2e/investigations/timelines/notes_tab.cy.ts
@@ -32,7 +32,7 @@ import {
 
 import { TIMELINES_URL } from '../../../urls/navigation';
 
-const text = 'elastic';
+const text = 'system_indices_superuser';
 const link = 'https://www.elastic.co/';
 
 describe('Timeline notes tab', () => {

diff --git a/x-pack/plugins/security_solution/cypress/support/es_archiver.ts b/x-pack/plugins/security_solution/cypress/support/es_archiver.ts
@@ -17,13 +17,13 @@ export const esArchiver = (
   const log = new ToolingLog({ level: 'verbose', writeTo: process.stdout });
 
   const client = new Client({
-    node: config.env.ELASTICSEARCH_URL_WITH_AUTH,
+    node: config.env.ELASTICSEARCH_URL,
     Connection: HttpConnection,
   });
 
   const kbnClient = new KbnClient({
     log,
-    url: config.env.KIBANA_URL_WITH_AUTH,
+    url: config.env.CYPRESS_BASE_URL as string,
   });
 
   const esArchiverInstance = new EsArchiver({

diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/elasticsearch.ts b/x-pack/plugins/security_solution/cypress/tasks/api_calls/elasticsearch.ts
@@ -9,7 +9,7 @@ import { rootRequest } from '../common';
 export const deleteIndex = (index: string) => {
   rootRequest({
     method: 'DELETE',
-    url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}`,
+    url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}`,
     headers: { 'kbn-xsrf': 'cypress-creds' },
     failOnStatusCode: false,
   });
@@ -18,7 +18,7 @@ export const deleteIndex = (index: string) => {
 export const createIndex = (indexName: string, properties: Record<string, unknown>) =>
   rootRequest({
     method: 'PUT',
-    url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${indexName}`,
+    url: `${Cypress.env('ELASTICSEARCH_URL')}/${indexName}`,
     body: {
       mappings: {
         properties,
@@ -29,7 +29,7 @@ export const createIndex = (indexName: string, properties: Record<string, unknow
 export const createDocument = (indexName: string, document: Record<string, unknown>) =>
   rootRequest({
     method: 'POST',
-    url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${indexName}/_doc`,
+    url: `${Cypress.env('ELASTICSEARCH_URL')}/${indexName}/_doc`,
     body: document,
   });
 
@@ -38,7 +38,7 @@ export const waitForNewDocumentToBeIndexed = (index: string, initialNumberOfDocu
     () =>
       rootRequest<{ hits: { hits: unknown[] } }>({
         method: 'GET',
-        url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_search`,
+        url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search`,
         headers: { 'kbn-xsrf': 'cypress-creds' },
         failOnStatusCode: false,
       }).then((response) => {
@@ -57,7 +57,7 @@ export const refreshIndex = (index: string) => {
     () =>
       rootRequest({
         method: 'POST',
-        url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_refresh`,
+        url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_refresh`,
         headers: { 'kbn-xsrf': 'cypress-creds' },
         failOnStatusCode: false,
       }).then((response) => {

diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/prebuilt_rules.ts b/x-pack/plugins/security_solution/cypress/tasks/api_calls/prebuilt_rules.ts
@@ -81,7 +81,7 @@ export const createNewRuleAsset = ({
   index?: string;
   rule?: typeof SAMPLE_PREBUILT_RULE;
 }) => {
-  const url = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_doc/security-rule:${
+  const url = `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_doc/security-rule:${
     rule['security-rule'].rule_id
   }`;
   cy.waitUntil(
@@ -107,7 +107,7 @@ export const bulkCreateRuleAssets = ({
   index?: string;
   rules?: Array<typeof SAMPLE_PREBUILT_RULE>;
 }) => {
-  const url = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_bulk`;
+  const url = `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_bulk`;
 
   const bulkIndexRequestBody = rules.reduce((body, rule) => {
     const indexOperation = {
@@ -124,7 +124,7 @@ export const bulkCreateRuleAssets = ({
 
   cy.request({
     method: 'PUT',
-    url: `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_mapping`,
+    url: `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_mapping`,
     body: {
       dynamic: true,
     },
@@ -150,7 +150,7 @@ export const bulkCreateRuleAssets = ({
 };
 
 export const getRuleAssets = (index: string | undefined = '.kibana_security_solution') => {
-  const url = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/${index}/_search?size=10000`;
+  const url = `${Cypress.env('ELASTICSEARCH_URL')}/${index}/_search?size=10000`;
   return cy.request({
     method: 'GET',
     url,

diff --git a/x-pack/plugins/security_solution/cypress/tasks/api_calls/saved_queries.ts b/x-pack/plugins/security_solution/cypress/tasks/api_calls/saved_queries.ts
@@ -40,7 +40,7 @@ export const createSavedQuery = (
   });
 
 export const deleteSavedQueries = () => {
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
   rootRequest({
     method: 'POST',
     url: `${kibanaIndexUrl}/_delete_by_query?conflicts=proceed`,

diff --git a/x-pack/plugins/security_solution/cypress/tasks/common.ts b/x-pack/plugins/security_solution/cypress/tasks/common.ts
@@ -23,8 +23,8 @@ const primaryButton = 0;
 const dndSloppyClickDetectionThreshold = 5;
 
 export const API_AUTH = Object.freeze({
-  user: Cypress.env('KIBANA_USERNAME') ?? Cypress.env('ELASTICSEARCH_USERNAME'),
-  pass: Cypress.env('KIBANA_PASSWORD') ?? Cypress.env('ELASTICSEARCH_PASSWORD'),
+  user: Cypress.env('ELASTICSEARCH_USERNAME'),
+  pass: Cypress.env('ELASTICSEARCH_PASSWORD'),
 });
 
 export const API_HEADERS = Object.freeze({ 'kbn-xsrf': 'cypress' });
@@ -102,7 +102,7 @@ export const cleanKibana = () => {
 
 export const deleteAlertsAndRules = () => {
   cy.log('Delete all alerts and rules');
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
 
   rootRequest({
     method: 'POST',
@@ -137,7 +137,7 @@ export const deleteAlertsAndRules = () => {
   rootRequest({
     method: 'POST',
     url: `${Cypress.env(
-      'ELASTICSEARCH_URL_WITH_AUTH'
+      'ELASTICSEARCH_URL'
     )}/.lists-*,.items-*,.alerts-security.alerts-*/_delete_by_query?conflicts=proceed&scroll_size=10000`,
     body: {
       query: {
@@ -148,7 +148,7 @@ export const deleteAlertsAndRules = () => {
 };
 
 export const deleteTimelines = () => {
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
   rootRequest({
     method: 'POST',
     url: `${kibanaIndexUrl}/_delete_by_query?conflicts=proceed`,
@@ -178,7 +178,7 @@ export const deleteAlertsIndex = () => {
 };
 
 export const deleteCases = () => {
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
   rootRequest({
     method: 'POST',
     url: `${kibanaIndexUrl}/_delete_by_query?conflicts=proceed`,
@@ -199,7 +199,7 @@ export const deleteCases = () => {
 };
 
 export const deleteConnectors = () => {
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
   rootRequest({
     method: 'POST',
     url: `${kibanaIndexUrl}/_delete_by_query?conflicts=proceed`,
@@ -220,7 +220,7 @@ export const deleteConnectors = () => {
 };
 
 export const deletePrebuiltRulesAssets = () => {
-  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL_WITH_AUTH')}/.kibana_\*`;
+  const kibanaIndexUrl = `${Cypress.env('ELASTICSEARCH_URL')}/.kibana_\*`;
   rootRequest({
     method: 'POST',
     url: `${kibanaIndexUrl}/_delete_by_query?conflicts=proceed`,

diff --git a/x-pack/plugins/security_solution/cypress/tasks/login.ts b/x-pack/plugins/security_solution/cypress/tasks/login.ts
@@ -45,9 +45,6 @@ const ELASTICSEARCH_USERNAME = 'ELASTICSEARCH_USERNAME';
  */
 const ELASTICSEARCH_PASSWORD = 'ELASTICSEARCH_PASSWORD';
 
-const KIBANA_USERNAME = 'KIBANA_USERNAME';
-const KIBANA_PASSWORD = 'KIBANA_PASSWORD';
-
 /**
  * The Kibana server endpoint used for authentication
  */
@@ -206,8 +203,7 @@ export const login = (role?: ROLES) => {
  * via environment variables
  */
 const credentialsProvidedByEnvironment = (): boolean =>
-  (Cypress.env(KIBANA_USERNAME) != null && Cypress.env(KIBANA_PASSWORD) != null) ||
-  (Cypress.env(ELASTICSEARCH_USERNAME) != null && Cypress.env(ELASTICSEARCH_PASSWORD) != null);
+  Cypress.env(ELASTICSEARCH_USERNAME) != null && Cypress.env(ELASTICSEARCH_PASSWORD) != null;
 
 /**
  * Authenticates with Kibana by reading credentials from the
@@ -216,27 +212,13 @@ const credentialsProvidedByEnvironment = (): boolean =>
  * Kibana's `/internal/security/login` endpoint, bypassing the login page (for speed).
  */
 const loginViaEnvironmentCredentials = () => {
-  let username: string;
-  let password: string;
-  let usernameEnvVar: string;
-  let passwordEnvVar: string;
-
-  if (Cypress.env(KIBANA_USERNAME) && Cypress.env(KIBANA_PASSWORD)) {
-    username = Cypress.env(KIBANA_USERNAME);
-    password = Cypress.env(KIBANA_PASSWORD);
-    usernameEnvVar = KIBANA_USERNAME;
-    passwordEnvVar = KIBANA_PASSWORD;
-  } else {
-    username = Cypress.env(ELASTICSEARCH_USERNAME);
-    password = Cypress.env(ELASTICSEARCH_PASSWORD);
-    usernameEnvVar = ELASTICSEARCH_USERNAME;
-    passwordEnvVar = ELASTICSEARCH_PASSWORD;
-  }
-
   cy.log(
-    `Authenticating [${username}] retrieved via environment credentials from the \`CYPRESS_${usernameEnvVar}\` and \`CYPRESS_${passwordEnvVar}\` environment variables`
+    `Authenticating via environment credentials from the \`CYPRESS_${ELASTICSEARCH_USERNAME}\` and \`CYPRESS_${ELASTICSEARCH_PASSWORD}\` environment variables`
   );
 
+  const username = Cypress.env(ELASTICSEARCH_USERNAME);
+  const password = Cypress.env(ELASTICSEARCH_PASSWORD);
+
   cy.session([username, password], () => {
     // programmatically authenticate without interacting with the Kibana login page
     cy.request({
@@ -296,17 +278,14 @@ const loginViaConfig = () => {
 export const getEnvAuth = (): User => {
   if (credentialsProvidedByEnvironment()) {
     return {
-      username: Cypress.env(KIBANA_USERNAME) ?? Cypress.env(ELASTICSEARCH_USERNAME),
-      password: Cypress.env(KIBANA_PASSWORD) ?? Cypress.env(ELASTICSEARCH_PASSWORD),
+      username: Cypress.env(ELASTICSEARCH_USERNAME),
+      password: Cypress.env(ELASTICSEARCH_PASSWORD),
     };
   } else {
     let user: User = { username: '', password: '' };
     cy.readFile(KIBANA_DEV_YML_PATH).then((devYml) => {
       const config = yaml.safeLoad(devYml);
-      user = {
-        username: config.kibana.username ?? config.elasticsearch.username,
-        password: config.kibana.password ?? config.elasticsearch.password,
-      };
+      user = { username: config.elasticsearch.username, password: config.elasticsearch.password };
     });
 
     return user;

diff --git a/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts b/x-pack/plugins/security_solution/scripts/run_cypress/parallel.ts
@@ -358,6 +358,7 @@ ${JSON.stringify(config.getAll(), null, 2)}
               retries: 1,
             });
 
+            // Normalized the set of available env vars in cypress
             const cyCustomEnv = {
               ...ftrEnv,
 
@@ -367,20 +368,6 @@ ${JSON.stringify(config.getAll(), null, 2)}
               ...createCyEnvVar('KIBANA_URL_WITH_AUTH', createUrlFromFtrConfig('kibana', true)),
               ...createCyEnvVar('KIBANA_USERNAME', config.get('servers.kibana.username')),
               ...createCyEnvVar('KIBANA_PASSWORD', config.get('servers.kibana.password')),
-
-              ...createCyEnvVar('ELASTICSEARCH_URL', createUrlFromFtrConfig('elasticsearch')),
-              ...createCyEnvVar(
-                'ELASTICSEARCH_URL_WITH_AUTH',
-                createUrlFromFtrConfig('elasticsearch', true)
-              ),
-              ...createCyEnvVar(
-                'ELASTICSEARCH_USERNAME',
-                config.get('servers.elasticsearch.username')
-              ),
-              ...createCyEnvVar(
-                'ELASTICSEARCH_PASSWORD',
-                config.get('servers.elasticsearch.password')
-              ),
             };
 
             log.info(`