-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution][Platform] - Add connectors to import/export API #148703
[Security Solution][Platform] - Add connectors to import/export API #148703
Conversation
Pinging @elastic/security-solution (Team: SecuritySolution) |
…import-export-connectors-with-rules
…github.com/WafaaNasr/kibana into 118774-import-export-connectors-with-rules
@elasticmachine merge upstream |
merge conflict between base and head |
@@ -34,6 +34,8 @@ import { importRulesRoute } from './route'; | |||
|
|||
jest.mock('../../../../../machine_learning/authz'); | |||
|
|||
// TODO add tests for connectors |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are you planning to add them for this PR, or a follow up? 👍 if you'd like to follow-up with an additional test-coverage PR -- would be nice to add a few more FTR tests covering connectors as well.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did already in this file x-pack/test/detection_engine_api_integration/security_and_spaces/group10/import_rules.ts
which I found exactly the same as this file x-pack/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/import_rules/route.test.ts
and the interesting thing is this file is not referenced at all, that's why I didn't add tests there and I wanted to ask if we need this file actually?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this file contains the jest unit tests against the route, whereas .../detection_engine_api_integration/security_and_spaces/group10/import_rules.ts
are the FTR (functional test runner) API integration tests that actually stand up a kibana/es instance to test the import e2e.
This file would be good for testing the basic route inputs and such (or any other conditional logic specific to the route itself), but the latter is best for testing the complete flow from request to response, so good to have both. For these unit tests, the only connector specific test you might want to add is around the new overwrite_action_connectors
query param that was added to the importQuerySchema
, but as you mention, this could be covered by the FTR tests as well.
x-pack/test/detection_engine_api_integration/security_and_spaces/group10/perform_bulk_action.ts
Show resolved
Hide resolved
...on/server/lib/detection_engine/rule_management/logic/import/action_connectors/utils/index.ts
Show resolved
Hide resolved
..._engine/rule_management/logic/import/action_connectors/import_rule_action_connectors.test.ts
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked out, tested locally, and did a high-level code review and LGTM! 👍 🚀 🙂
- I did add a few comments/questions for some future cleanup and additional tests, but no changes required in this PR.
- As a note, I did find two tangential issues ([Security Solution] Rule import error toast is too large to view title when many errors happen on import #149994, [Security Solution] Unable to view multiple errors toasts when rule import fails #149995) in testing, but they were pre-existing.
- Also, as mentioned in an above comment, rule import is currently broken (as of [Security Solution] Write and read Rule Execution Logs from rule instead of saved object #147035) since we're exporting additional fields that break validation on import, so I went ahead and patched that locally by returning
execution_summary: undefined
over ininternalRuleToAPIResponse()
so I could perform full e2e testing. - I went ahead and added the
needs_docs
label as a reminder that we'll need to update our API docs with this change
Overall looks great @WafaaNasr -- thank you for all your efforts here and getting our users closer to a one-click backup/recover workflow! 🙌 🙂
Thank you so much @spong for your very thorough review!! really appreciated 🙏🏻😊 |
@ARWNightingale do you have any objections to changing the last part of this warning message from This change would align the message with the one that displays when users perform a similar act on the Saved Objects page, which is importing a connector that needs configuration details re-applied or fixed. I think the consistent messaging can encourage the same behavior (i.e., go to the Connectors page to fix your connectors) and create a seamless experience for users whether they're receiving the warning from the Import rules modal or the Saved Objects page. cc: @WafaaNasr |
1. Warning message
4. Error messages
@nastasha-solomon thanks for the comments, please find the updated state per each item :) |
@elasticmachine merge upstream |
@nastasha-solomon I confirmed with @ARWNightingale that we are going to implement the same UI as in the Saved Object page, I will add the |
@elasticmachine merge upstream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Response Ops side looks good
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: cc @WafaaNasr |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested locally, LGTM!
Great work!
@@ -589,6 +633,18 @@ export default ({ getService }: FtrProviderContext): void => { | |||
exceptions_errors: [], | |||
exceptions_success: true, | |||
exceptions_success_count: 0, | |||
action_connectors_success: true, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we have here action_connectors_success
but also action_connectors_errors
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's a good question, actually, this test is not needed as per this discussion initially I added the default values of the exported connectors, just to mimic the exported file if no actions' connectors were exported.
Summary
connectors
to the connectors page in the same tab, so that the user can fix imported connectors.Overwrite existing connectors with conflicting action "id"
option to the Import ModalCases:
Screenshots
3.Connector Page
New text: @nastasha-solomon
1. Warning message
title => could be
1 connector imported
orx connectors imported
message =>
1 connector has sensitive information that requires updates. review in connectors
orx connectors have sensitive information that requires updates. review in connectors
2. New
Overwrite
checkbox3. Success Toast message
4. Error messages
a. Missing import action privileges
b. Missing connectors