[Cloud Posture] update status API endpoint for vulnerability manageme…

…nt findings (#153688) This PR: - Update API status endpoint for retrieving the Vulnerabilities integration status. - Implement logic to determine the status based on the following statuses( scenarios where the integration is not installed, installed but not configured, indexing in progress, indexing timed out, indexing complete, and indexing failed). - Add automated tests to ensure the API endpoint returns the correct status for each scenario. - Integrate the API endpoint into the system and test to ensure it's working properly.
elastic · Mar 28, 2023 · 3b51184 · 3b51184
1 parent 67a5d06
commit 3b51184
Show file tree

Hide file tree

Showing 7 changed files with 329 additions and 49 deletions.
diff --git a/x-pack/plugins/cloud_security_posture/common/constants.ts b/x-pack/plugins/cloud_security_posture/common/constants.ts
@@ -5,6 +5,8 @@
  * 2.0.
  */
 
+import { PostureTypes } from './types';
+
 export const STATUS_ROUTE_PATH = '/internal/cloud_security_posture/status';
 export const STATS_ROUTE_PATH = '/internal/cloud_security_posture/stats/{policy_template}';
 export const BENCHMARKS_ROUTE_PATH = '/internal/cloud_security_posture/benchmarks';
@@ -85,3 +87,10 @@ export const SUPPORTED_CLOUDBEAT_INPUTS = [
   CLOUDBEAT_VULN_MGMT_GCP,
   CLOUDBEAT_VULN_MGMT_AZURE,
 ] as const;
+
+export const POSTURE_TYPES: { [x: string]: PostureTypes } = {
+  [KSPM_POLICY_TEMPLATE]: KSPM_POLICY_TEMPLATE,
+  [CSPM_POLICY_TEMPLATE]: CSPM_POLICY_TEMPLATE,
+  [VULN_MGMT_POLICY_TEMPLATE]: VULN_MGMT_POLICY_TEMPLATE,
+  [POSTURE_TYPE_ALL]: POSTURE_TYPE_ALL,
+} as const;
diff --git a/x-pack/plugins/cloud_security_posture/common/types.ts b/x-pack/plugins/cloud_security_posture/common/types.ts
@@ -12,7 +12,7 @@ import { CspRuleTemplateMetadata } from './schemas/csp_rule_template_metadata';
 
 export type Evaluation = 'passed' | 'failed' | 'NA';
 
-export type PostureTypes = 'cspm' | 'kspm' | 'all';
+export type PostureTypes = 'cspm' | 'kspm' | 'vuln_mgmt' | 'all';
 /** number between 1-100 */
 export type Score = number;
 
@@ -85,6 +85,7 @@ export interface BaseCspSetupStatus {
   latestPackageVersion: string;
   cspm: BaseCspSetupBothPolicy;
   kspm: BaseCspSetupBothPolicy;
+  vuln_mgmt: BaseCspSetupBothPolicy;
   isPluginInitialized: boolean;
 }
 

diff --git a/x-pack/plugins/cloud_security_posture/server/lib/check_index_status.ts b/x-pack/plugins/cloud_security_posture/server/lib/check_index_status.ts
@@ -6,13 +6,13 @@
  */
 
 import { ElasticsearchClient, type Logger } from '@kbn/core/server';
-import { IndexStatus } from '../../common/types';
+import { IndexStatus, PostureTypes } from '../../common/types';
 
 export const checkIndexStatus = async (
   esClient: ElasticsearchClient,
   index: string,
   logger: Logger,
-  postureType: 'cspm' | 'kspm' | 'all' = 'all'
+  postureType: PostureTypes = 'all'
 ): Promise<IndexStatus> => {
   const query =
     postureType === 'all'

diff --git a/x-pack/plugins/cloud_security_posture/server/routes/status/status.test.ts b/x-pack/plugins/cloud_security_posture/server/routes/status/status.test.ts
@@ -6,10 +6,10 @@
  */
 
 import { calculateCspStatusCode } from './status';
-import { CSPM_POLICY_TEMPLATE } from '../../../common/constants';
+import { CSPM_POLICY_TEMPLATE, VULN_MGMT_POLICY_TEMPLATE } from '../../../common/constants';
 
-describe('calculateCspStatusCode test', () => {
-  it('Verify status when there are no permission', async () => {
+describe('calculateCspStatusCode for cspm', () => {
+  it('Verify status when there are no permission for cspm', async () => {
     const statusCode = calculateCspStatusCode(
       CSPM_POLICY_TEMPLATE,
       {
@@ -145,3 +145,141 @@ describe('calculateCspStatusCode test', () => {
     expect(statusCode).toMatch('indexing');
   });
 });
+
+describe('calculateCspStatusCode for vul_mgmt', () => {
+  it('Verify status when there are no permission for vul_mgmt', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'unprivileged',
+        findings: 'unprivileged',
+        score: 'unprivileged',
+      },
+      1,
+      1,
+      1,
+      ['cspm']
+    );
+
+    expect(statusCode).toMatch('unprivileged');
+  });
+
+  it('Verify status when there are no vul_mgmt findings, no healthy agents and no installed policy templates', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'empty',
+        score: 'empty',
+      },
+      0,
+      0,
+      0,
+      []
+    );
+
+    expect(statusCode).toMatch('not-installed');
+  });
+
+  it('Verify status when there are vul_mgmt findings and installed policies but no healthy agents', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'not-empty',
+        score: 'not-empty',
+      },
+      1,
+      0,
+      10,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('not-deployed');
+  });
+
+  it('Verify status when there are vul_mgmt findings ,installed policies and healthy agents', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'not-empty',
+        findings: 'not-empty',
+        score: 'not-empty',
+      },
+      1,
+      1,
+      10,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('indexed');
+  });
+
+  it('Verify status when there are no vul_mgmt findings ,installed policies and no healthy agents', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'empty',
+        score: 'empty',
+      },
+      1,
+      0,
+      10,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('not-deployed');
+  });
+
+  it('Verify status when there are installed policies, healthy agents and no vul_mgmt findings', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'empty',
+        score: 'empty',
+      },
+      1,
+      1,
+      9,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('waiting_for_results');
+  });
+
+  it('Verify status when there are installed policies, healthy agents and no vul_mgmt findings and been more than 10 minutes', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'empty',
+        score: 'empty',
+      },
+      1,
+      1,
+      11,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('index-timeout');
+  });
+
+  it('Verify status when there are installed policies, healthy agents past vul_mgmt findings but no recent findings', async () => {
+    const statusCode = calculateCspStatusCode(
+      VULN_MGMT_POLICY_TEMPLATE,
+      {
+        findingsLatest: 'empty',
+        findings: 'not-empty',
+        score: 'not-empty',
+      },
+      1,
+      1,
+      0,
+      [VULN_MGMT_POLICY_TEMPLATE]
+    );
+
+    expect(statusCode).toMatch('indexing');
+  });
+});