[Security Solution] Implement a Zod transformation from snake_case to camelCase and vice versa #180121
Labels
Team:Detection Rule Management
Security Detection Rule Management Team
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
technical debt
Improvement of the software architecture and operational architecture
Comments
jpdjere
added
triage_needed
Team:Detections and Resp
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
banderror
added
technical debt
xcrzx
added a commit
that referenced
this issue
May 2, 2024
…181581) **Resolves: #180121 **Resolves: #180122 **Resolves: #180124 ## Summary As part of the preparatory changes for the work in Milestone 3, we want to add the new `rule_source` field to the API schema. - Added `rule_source` as an **optional** property to `RuleResponse`, by introducing it as an optional property in the `ResponseFields` schema. - For now, all endpoints should return `undefined` for the `rule_source` field. - Added `rule_source` as an **optional** property to `RuleToImport`, which defines the schema of required and accepted fields when importing a rule. - For now, the new `rule_source` field should be ignored in the endpoint logic. - Added the `ruleSource` field to the `BaseRuleParams` schema, as an optional field. - Implemented a Zod transformation from `snake_case` to `camelCase` for object keys to reduce code duplication.
|
The approach proposed in the ticket didn't work as expected, see #184004 for more detail. So I am reopening it. We need to investigate other options for automatic case conversation in schemas |
xcrzx
added a commit
that referenced
this issue
May 23, 2024
…Source (#184004) ## Summary This PR replaces the incorrect Zod schema for the `ruleSource` rule param. Previously, the rule source field schema was implemented using a Zod transformation that automatically converted the snake-cased `is_customized` attribute to its camel-cased version `isCustomized`. ```ts const RuleSourceCamelCased = RuleSource.transform(convertObjectKeysToCamelCase); const RuleSource = z.object({ type: z.literal('external'), is_customized: IsExternalRuleCustomized, }); ``` However, this meant that the expected input type for the schema was snake-cased, as the transformation happened only after validation. **Valid payload before:** ```json5 { "ruleSource": { "type": "external", "is_customized": false // <- it should be camel cased } } ``` To overcome this issue, the rule source schema was implemented without using the transformation (revert #180121). **Valid payload after:** ```json5 { "ruleSource": { "type": "external", "isCustomized": false } } ``` ### Important Note This rule param schema change is considered safe because we do not currently use this field in the code. All values of this field are currently `undefined`. However, to ensure a Serverless release rollout without breaking changes, we need to release this schema change before we start writing any actual data.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168
Needed for: #180124
Summary
We have API schemas where we use
snake_casingfor object properties, and we have internal BE-side schemas for rule parameters and saved object attributes where we usecamelCasingfor object properties. Because of that, we manually transform objects between the two schemas, and every time we add a new rule field, we need to write two schemas for it and two transformations between themkibana/x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/common_attributes.gen.ts
Lines 449 to 461 in 7f0701d
kibana/x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/utils/utils.ts
Lines 346 to 366 in 7f0701d
To simplify writing and maintaining schemas, we should try to implement a reusable Zod transformations from
snake_casetocamelCase, something like that:Notes
Some ideas how to do that can be found in a GitHub issue: colinhacks/zod#486 (comment).
This transformation should:
rule_sourcefield:rule_sourceto the API schema #180122During implementation, please evaluate if it would be helpful to have a vice versa
toSnakeCaseZod transformation, in addition totoCamelCase.Note that
toCamelCasewould be in fact a schema and type transformation that would make it easier to define internal schemas that correspond to API schemas. It wouldn't be a data transformation (something we have inrule_converters.ts). To make it easier to write and maintain functions likeconvertAlertSuppressionToCamelandconvertAlertSuppressionToSnakewe might additionally want to write reusable functions for transforming data. Functions from lodash could be useful for that:_.camelCase,_.snakeCase,_.mapKeys.Background
Context from the RFC:
kibana/x-pack/plugins/security_solution/docs/rfcs/detection_response/prebuilt_rules_customization.md
Lines 313 to 330 in 07706fd
The text was updated successfully, but these errors were encountered: