-
Notifications
You must be signed in to change notification settings - Fork 8.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security Solution] Adds a version and OS check for Host Isolation (#…
- Loading branch information
Showing
8 changed files
with
167 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
66 changes: 66 additions & 0 deletions
66
x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.test.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { isVersionSupported, isOsSupported, isIsolationSupported } from './utils'; | ||
|
||
describe('Host Isolation utils isVersionSupported', () => { | ||
test.each` | ||
a | b | expected | ||
${'8.14.0'} | ${'7.13.0'} | ${true} | ||
${'7.14.0'} | ${'7.13.0'} | ${true} | ||
${'7.14.1'} | ${'7.14.0'} | ${true} | ||
${'8.14.0'} | ${'9.14.0'} | ${false} | ||
${'7.13.0'} | ${'7.14.0'} | ${false} | ||
${'7.14.0'} | ${'7.14.1'} | ${false} | ||
${'7.14.0'} | ${'7.14.0'} | ${true} | ||
${'7.14.0-SNAPSHOT'} | ${'7.14.0'} | ${true} | ||
${'7.14.0-SNAPSHOT-beta'} | ${'7.14.0'} | ${true} | ||
${'7.14.0-alpha'} | ${'7.14.0'} | ${true} | ||
`('should validate that version $a is compatible($expected) to $b', ({ a, b, expected }) => { | ||
expect( | ||
isVersionSupported({ | ||
currentVersion: a, | ||
minVersionRequired: b, | ||
}) | ||
).toEqual(expected); | ||
}); | ||
}); | ||
|
||
describe('Host Isolation utils isOsSupported', () => { | ||
test.each` | ||
a | b | expected | ||
${'linux'} | ${['macos', 'linux']} | ${true} | ||
${'linux'} | ${['macos', 'windows']} | ${false} | ||
`('should validate that os $a is compatible($expected) to $b', ({ a, b, expected }) => { | ||
expect( | ||
isOsSupported({ | ||
currentOs: a, | ||
supportedOss: b, | ||
}) | ||
).toEqual(expected); | ||
}); | ||
}); | ||
|
||
describe('Host Isolation utils isIsolationSupported', () => { | ||
test.each` | ||
a | b | expected | ||
${'windows'} | ${'7.14.0'} | ${true} | ||
${'linux'} | ${'7.13.0'} | ${false} | ||
${'linux'} | ${'7.14.0'} | ${false} | ||
${'macos'} | ${'7.13.0'} | ${false} | ||
`( | ||
'should validate that os $a and version $b supports hostIsolation($expected)', | ||
({ a, b, expected }) => { | ||
expect( | ||
isIsolationSupported({ | ||
osName: a, | ||
version: b, | ||
}) | ||
).toEqual(expected); | ||
} | ||
); | ||
}); |
46 changes: 46 additions & 0 deletions
46
x-pack/plugins/security_solution/common/endpoint/service/host_isolation/utils.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
export const isVersionSupported = ({ | ||
currentVersion, | ||
minVersionRequired, | ||
}: { | ||
currentVersion: string; | ||
minVersionRequired: string; | ||
}) => { | ||
const parsedCurrentVersion = currentVersion.includes('-SNAPSHOT') | ||
? currentVersion.substring(0, currentVersion.indexOf('-')) | ||
: currentVersion; | ||
const tokenizedCurrent = parsedCurrentVersion | ||
.split('.') | ||
.map((token: string) => parseInt(token, 10)); | ||
const tokenizedMin = minVersionRequired.split('.').map((token: string) => parseInt(token, 10)); | ||
|
||
const versionNotSupported = tokenizedCurrent.some((token: number, index: number) => { | ||
return token < tokenizedMin[index]; | ||
}); | ||
|
||
return !versionNotSupported; | ||
}; | ||
|
||
export const isOsSupported = ({ | ||
currentOs, | ||
supportedOss, | ||
}: { | ||
currentOs: string; | ||
supportedOss: string[]; | ||
}) => { | ||
return supportedOss.some((os) => currentOs === os); | ||
}; | ||
|
||
export const isIsolationSupported = ({ osName, version }: { osName: string; version: string }) => { | ||
const normalizedOs = osName.toLowerCase(); | ||
return ( | ||
isOsSupported({ currentOs: normalizedOs, supportedOss: ['macos', 'windows'] }) && | ||
isVersionSupported({ currentVersion: version, minVersionRequired: '7.14.0' }) | ||
); | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters