-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Cloud Security] Cypress Test for Misconfiguration Preview and Table for Contextual Flyout #193125
Changes from 10 commits
f8ed329
80d3a01
011fb8f
d19bbc2
df19df6
6e0ae67
1888ccd
7c2f468
3964c64
39e8233
c3879b2
1b8db59
ef20875
519dec9
a04efbd
f21365a
675f1c0
a6f95ea
499a692
5672e82
61b251e
bf1f173
4c328bb
9292da7
602865d
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,232 @@ | ||
/* | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thanks for adding the test. Looks like it's interacting with alerts page and the flyout, shall we move it to x-pack/test/security_solution_cypress/cypress/e2e/investigations/alerts/expandable_flyout? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. ah kk There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @animehart If the tested feature is only displayed inside the expandable flyout, placing the test where @angorayc suggested might make sense. But that is up to the @elastic/security-threat-hunting-investigations team to decide since they own the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @machadoum |
||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN } from '@kbn/cloud-security-posture-common'; | ||
import { createRule } from '../../../tasks/api_calls/rules'; | ||
import { getNewRule } from '../../../objects/rule'; | ||
import { getDataTestSubjectSelector } from '../../../helpers/common'; | ||
|
||
import { rootRequest, deleteAlertsAndRules } from '../../../tasks/api_calls/common'; | ||
import { | ||
expandFirstAlertHostFlyout, | ||
expandFirstAlertUserFlyout, | ||
} from '../../../tasks/asset_criticality/common'; | ||
import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; | ||
import { login } from '../../../tasks/login'; | ||
import { ALERTS_URL } from '../../../urls/navigation'; | ||
import { visit } from '../../../tasks/navigation'; | ||
|
||
const CSP_INSIGHT_MISCONFIGURATION_TITLE = getDataTestSubjectSelector( | ||
'securitySolutionFlyoutInsightsMisconfigurationsTitleText' | ||
); | ||
|
||
const CSP_INSIGHT_TAB_TITLE = getDataTestSubjectSelector('securitySolutionFlyoutInsightInputsTab'); | ||
const CSP_INSIGHT_TABLE = getDataTestSubjectSelector( | ||
'securitySolutionFlyoutMisconfigurationFindingsTable' | ||
); | ||
const NO_FINDINGS_TEXT = getDataTestSubjectSelector('noFindingsDataTestSubj'); | ||
const timestamp = Date.now(); | ||
|
||
// Create a Date object using the timestamp | ||
const date = new Date(timestamp); | ||
|
||
// Convert the Date object to ISO 8601 format | ||
const iso8601String = date.toISOString(); | ||
|
||
const mockFindingHostName = (matches: boolean) => { | ||
return { | ||
'@timestamp': iso8601String, | ||
host: { name: matches ? 'siem-kibana' : 'not-siem-kibana' }, | ||
resource: { | ||
id: '1234ABCD', | ||
name: 'kubelet', | ||
sub_type: 'lower case sub type', | ||
}, | ||
result: { evaluation: matches ? 'passed' : 'failed' }, // Adjusting result based on matches | ||
rule: { | ||
name: 'Upper case rule name', | ||
section: 'Upper case section', | ||
benchmark: { | ||
id: 'cis_k8s', | ||
posture_type: 'kspm', | ||
name: 'CIS Kubernetes V1.23', | ||
version: 'v1.0.0', | ||
}, | ||
type: 'process', | ||
}, | ||
cluster_id: 'Upper case cluster id', | ||
data_stream: { | ||
dataset: 'cloud_security_posture.findings', | ||
}, | ||
}; | ||
}; | ||
|
||
const mockFindingUserName = (matches: boolean) => { | ||
return { | ||
'@timestamp': iso8601String, | ||
user: { name: matches ? 'test' : 'not-test' }, | ||
resource: { | ||
id: '1234ABCD', | ||
name: 'kubelet', | ||
sub_type: 'lower case sub type', | ||
}, | ||
result: { evaluation: matches ? 'passed' : 'failed' }, // Adjusting result based on matches | ||
rule: { | ||
name: 'Upper case rule name', | ||
section: 'Upper case section', | ||
benchmark: { | ||
id: 'cis_k8s', | ||
posture_type: 'kspm', | ||
name: 'CIS Kubernetes V1.23', | ||
version: 'v1.0.0', | ||
}, | ||
type: 'process', | ||
}, | ||
cluster_id: 'Upper case cluster id', | ||
data_stream: { | ||
dataset: 'cloud_security_posture.findings', | ||
}, | ||
}; | ||
}; | ||
|
||
const createMockFinding = (isNameMatches: boolean, findingType: 'host.name' | 'user.name') => { | ||
return rootRequest({ | ||
seanrathier marked this conversation as resolved.
Show resolved
Hide resolved
|
||
method: 'POST', | ||
url: `${Cypress.env( | ||
'ELASTICSEARCH_URL' | ||
)}/${CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN}/_doc`, | ||
body: | ||
findingType === 'host.name' | ||
? mockFindingHostName(isNameMatches) | ||
: mockFindingUserName(isNameMatches), | ||
}); | ||
}; | ||
|
||
const deleteDataStream = () => { | ||
return rootRequest({ | ||
method: 'DELETE', | ||
url: `${Cypress.env( | ||
'ELASTICSEARCH_URL' | ||
)}/_data_stream/${CDR_LATEST_NATIVE_MISCONFIGURATIONS_INDEX_PATTERN}`, | ||
}); | ||
}; | ||
|
||
describe('Alert Host details expandable flyout', { tags: ['@ess', '@serverless'] }, () => { | ||
beforeEach(() => { | ||
deleteAlertsAndRules(); | ||
login(); | ||
createRule(getNewRule()); | ||
visit(ALERTS_URL); | ||
waitForAlertsToPopulate(); | ||
}); | ||
|
||
context('No Misconfiguration Findings', () => { | ||
it('should not display Misconfiguration preview under Insights Entities when it does not have Misconfiguration Findings', () => { | ||
expandFirstAlertHostFlyout(); | ||
|
||
cy.log('check if Misconfiguration preview title is not shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('not.exist'); | ||
}); | ||
|
||
it('should not display Misconfiguration preview under Insights Entities when it does not have Misconfiguration Findings', () => { | ||
expandFirstAlertUserFlyout(); | ||
|
||
cy.log('check if Misconfiguration preview title is not shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('not.exist'); | ||
}); | ||
}); | ||
|
||
context('Host name - Has misconfiguration findings', () => { | ||
beforeEach(() => { | ||
createMockFinding(true, 'host.name'); | ||
cy.reload(); | ||
expandFirstAlertHostFlyout(); | ||
}); | ||
|
||
afterEach(() => { | ||
deleteDataStream(); | ||
}); | ||
|
||
it('should display Misconfiguration preview under Insights Entities when it has Misconfiguration Findings', () => { | ||
cy.log('check if Misconfiguration preview title shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('be.visible'); | ||
}); | ||
|
||
it('should display insight tabs and findings table upon clicking on misconfiguration accordion', () => { | ||
cy.contains('Failed findings', { timeout: 3000 }); | ||
cy.contains('Misconfigurations').click(); | ||
cy.get(CSP_INSIGHT_TAB_TITLE).should('be.visible'); | ||
cy.get(CSP_INSIGHT_TABLE).should('be.visible'); | ||
}); | ||
}); | ||
|
||
context( | ||
'Host name - Has misconfiguration findings but host name is not the same as alert host name', | ||
() => { | ||
beforeEach(() => { | ||
createMockFinding(false, 'host.name'); | ||
cy.reload(); | ||
expandFirstAlertHostFlyout(); | ||
}); | ||
|
||
afterEach(() => { | ||
deleteDataStream(); | ||
}); | ||
|
||
it('should display Misconfiguration preview under Insights Entities when it has Misconfiguration Findings', () => { | ||
cy.log('check if Misconfiguration preview title shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('be.visible'); | ||
cy.get(NO_FINDINGS_TEXT).should('be.visible'); | ||
}); | ||
} | ||
); | ||
|
||
context('User name - Has misconfiguration findings', () => { | ||
beforeEach(() => { | ||
createMockFinding(true, 'user.name'); | ||
cy.reload(); | ||
expandFirstAlertUserFlyout(); | ||
}); | ||
|
||
afterEach(() => { | ||
deleteDataStream(); | ||
}); | ||
|
||
it('should display Misconfiguration preview under Insights Entities when it has Misconfiguration Findings', () => { | ||
cy.log('check if Misconfiguration preview title shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('be.visible'); | ||
}); | ||
|
||
it('should display insight tabs and findings table upon clicking on misconfiguration accordion', () => { | ||
cy.contains('Failed findings', { timeout: 3000 }); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🤔 Whenever I see a time-out in a test, it concerns me that we have a performance issue with the UI (sometimes the test runner). Have we had to do the same in the Selenium tests for the Findings? I would have expected with mock data that we should be showing the table in under 3 seconds. |
||
cy.contains('Misconfigurations').click(); | ||
cy.get(CSP_INSIGHT_TAB_TITLE).should('be.visible'); | ||
cy.get(CSP_INSIGHT_TABLE).should('be.visible'); | ||
}); | ||
}); | ||
|
||
context( | ||
'User name - Has misconfiguration findings but host name is not the same as alert host name', | ||
() => { | ||
beforeEach(() => { | ||
createMockFinding(false, 'user.name'); | ||
cy.reload(); | ||
expandFirstAlertHostFlyout(); | ||
}); | ||
|
||
afterEach(() => { | ||
deleteDataStream(); | ||
}); | ||
|
||
it('should display Misconfiguration preview under Insights Entities when it has Misconfiguration Findings', () => { | ||
cy.log('check if Misconfiguration preview title shown'); | ||
cy.get(CSP_INSIGHT_MISCONFIGURATION_TITLE).should('be.visible'); | ||
cy.get(NO_FINDINGS_TEXT).should('be.visible'); | ||
}); | ||
} | ||
); | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The README inside the
security_solution_cypress
folder should be updated as well.