Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jamf Pro: fix flaky system tests #12689

Merged
merged 6 commits into from
Feb 14, 2025
Merged

Jamf Pro: fix flaky system tests #12689

merged 6 commits into from
Feb 14, 2025
+77 −9

Conversation

chemamartinez
Copy link
Contributor

@chemamartinez chemamartinez commented Feb 10, 2025
edited
Loading

Proposed commit message

After this pagination fix, the condition to ask for more data is size(body.results) >= state.page_size (more context of this change here). This condition was always met in the system tests with page_size == 1 so the test keeps constantly requesting more data.

  • Tests have been adapted to don't request more data when receiving fewer events than the page size.
  • It has been added the limitation of the page_size minimum value.
  • Removed the unused variable max_executions.
  • Store prev_last_report_date to compare with current last_report_date and avoid repeated API requests when last report filter is the same as the previous request.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

@chemamartinez chemamartinez added bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations Team [elastic/security-service-integrations] Integration:jamf_pro Jamf Pro labels Feb 10, 2025
@chemamartinez chemamartinez self-assigned this Feb 10, 2025
@chemamartinez chemamartinez requested a review from a team as a code owner February 10, 2025 15:48
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

efd6
efd6 reviewed Feb 10, 2025
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this mean that if a user sets the page size to unity, they will have a problem?

@chemamartinez
Copy link
Contributor Author

Does this mean that if a user sets the page size to unity, they will have a problem?

@efd6 I think so, unless the API returns a last empty response which I think is not probable.

@efd6
Copy link
Contributor

efd6 commented Feb 11, 2025

I think in that case we need to document the limitation or fix it.

@chemamartinez
Copy link
Contributor Author

Looking at the PR that changed the logic, I think the fix here would be going back to the previous condition

"want_more": body.totalCount > size(body.results),

as the bug that Chris mentioned was fixed in the logic of populating cursor.last_report_date. I don't see any issues in getting back to the old logic of the want_more check.

What do you think about it?

Otherwise, I can just add the limitation to the page_size description.

@efd6
Copy link
Contributor

efd6 commented Feb 11, 2025

I'd be OK with that provided it was checked against a real endpoint.

@chemamartinez
Copy link
Contributor Author

@efd6, I have tested both ways of defining want_more and both have the same limitation when page_size == 1.

In that case, due to the API design, it gets stuck in an infinite loop asking for the first event on the list. That's because the filter filter=general.reportDate is always populated from the only event received and when making the request, the same event is returned as we can only get one.

I'll leave things as they are and document that limitation.

@chemamartinez chemamartinez requested a review from efd6 February 12, 2025 18:12
@efd6
Copy link
Contributor

efd6 commented Feb 12, 2025

Can we add a check for the last-used last_report_date matching the current value? If they match, this would indicate non-progression. Suggest something like

diff --git a/packages/jamf_pro/data_stream/inventory/agent/stream/cel.yml.hbs b/packages/jamf_pro/data_stream/inventory/agent/stream/cel.yml.hbs
index b6f2131ed4..e0da25d578 100644
--- a/packages/jamf_pro/data_stream/inventory/agent/stream/cel.yml.hbs
+++ b/packages/jamf_pro/data_stream/inventory/agent/stream/cel.yml.hbs
@@ -62,9 +62,9 @@ program: |-
                                                ?"event.original": state.?preserve_original_event.orValue(false) ? optional.of(e.encode_json()) : optional.none(),
                                        }
                                ),
-                               "want_more": size(body.results) >= state.page_size,
                                "cursor": state.?cursor.orValue({}).with(
                                        {
+                                               ?"prev_last_report_date": state.?cursor.last_report_date,
                                                ?"last_report_date": (size(body.results) > 0) ?
                                                        optional.of(
                                                                body.results[size(body.results) - 1].general.reportDate.as(d,
@@ -76,7 +76,9 @@ program: |-
                                        }
                                ),
                        }
-               )
+               ).as(state, state.with({
+                       "want_more": size(body.results) >= state.page_size && (state.?cursor.prev_last_report_date != state.?cursor.last_report_date)
+               }))
        )
   )
 state:

(untested)

@chemamartinez
Copy link
Contributor Author

Good point, added at bb83c61.

It has been tested against the real API, even though we still have the limitation of page_size == 1, it helps with unnecessary requests every interval. Now, we just see one request per interval when the last_report_date filter cannot advance.

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @chemamartinez

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

efd6
efd6 reviewed Feb 13, 2025
View reviewed changes
packages/jamf_pro/data_stream/inventory/manifest.yml
@@ -22,7 +22,7 @@ streams:
required: false
title: Inventory request page size
show_user: false
description: Set page size for computers-inventory API Call. Must not exceed 1000.
description: Set page size for computers-inventory API Call. Its value must be within the range of 2 to 1000.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this change still required?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so, the difference between before and after the last commit when page_size = 1 is that before, want_more was true when size(body.results) >= state.page_size (one result was returned, and one is expected), so it was constantly asking for more data in the same interval. Now, even though want_more is false because of the new condition state.?cursor.prev_last_report_date != state.?cursor.last_report_date, in the next interval the filter last_report_date is the same and will return the same event every time.

I checked that behaviour with page_size = 1 and the latest changes with the API.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, so the fix we have is just for the cpu overuse. It would be nice to fix the whole issue, but this will do for now.

packages/jamf_pro/_dev/deploy/docker/files/config.yml
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we still need to change the tests?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same reason as for the page size limitation.

@chemamartinez chemamartinez merged commit b0e22a4 into elastic:main Feb 14, 2025
6 checks passed
@chemamartinez chemamartinez deleted the 12314-fix-jamf_pro-system_tests branch February 14, 2025 09:31
@elastic-vault-github-plugin-prod
Copy link

Package jamf_pro - 0.2.4 containing this change is available at https://epr.elastic.co/package/jamf_pro/0.2.4/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@chemamartinez chemamartinez

Labels
bugfix Pull request that fixes a bug issue Integration:jamf_pro Jamf Pro Team:Security-Service Integrations Security Service Integrations Team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
3 participants
@chemamartinez @elasticmachine @efd6