[SecuritySolution] Fix inspect_button cypress

[angorayc]

Summary

#153765

Inspect button cypress was found flaky sometimes. I was able to reproduce the scenario when the tests failed by setting network throttling to slow 3G with Chrome.

Here's what I add to reduce the flakyness:

1. Taking welcome icon page into consideration when loading the page. Check the welcome icon has shown and disappeared before checking the loading indicator in the header. This should buy us more time to avoid timeout in comparison to checking the loading indicator straight away.

2. Replace creating data view via api with loading esArchiver auditbeat data. I assume preload the data could reduce the uncertainty of fetching api under slow internet speed, and therefore reduce the possible failure during setting up the tests.

3. Update postDataView task: [SecuritySolution] Fix inspect_button cypress #158543 (comment)

[elasticmachine]

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[machadoum]

LGTM!

[machadoum]

Was this part flaky? I wrote it to assert that the inspect modal shows the selected data view. After this PR, it will use the security index pattern. It is testing something different but I guess it isn't a problem.

[MadameSheema]

If it is testing something different it is a problem because we are changing the coverage. cc @machadoum @angorayc

[angorayc]

When I tested locally with slow internet, postDataView had some problems few times, so I removed it and replaced it with es archiver. But I think I should leave selectDataView there, putting it back now.

[machadoum]

LGTM!

[angorayc]

@MadameSheema
I have a question for you about a task in cypress.
I am having an issue running the test successfully after putting this line back https://github.com/elastic/kibana/pull/158543/files#diff-ded7ed9f82f26e44471b334017dc747958ad7708f069914b3877329219a35ce1R38

I never had postDataView working when running the test locally, it always return 400. I'd like to update the task

export const postDataView = (dataSource: string) => {
  rootRequest({
    method: 'POST',
    url: `/api/data_views/data_view`,
    body: {
      data_view: {
        name: dataSource,
        fieldAttrs: '{}',
        title: dataSource,
        timeFieldName: '@timestamp',
      },
    },
    headers: {
      'kbn-xsrf': 'cypress-creds-via-config',
      [ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION],
    },
    failOnStatusCode: false,
  });
};

1. It needs an extra 'elastic-api-version': '2023-10-31' header.
2. Create index pattern is deprecated so I replace it with create data view api. https://www.elastic.co/guide/en/kibana/8.8/index-patterns-api-create.html

I'm not sure why this is not an issue when running CI.

[MadameSheema]

Thanks! :)

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: 4e6eb19

Failed CI Steps

• FTR Configs #16

Test Failures

• [job] [logs] FTR Configs #16 / Alerting builtin alertTypes es_query rule runs correctly and populates recovery context for searchSource search type

Metrics [docs]

Unknown metric groups

ESLint disabled line counts

id	before	after	diff
enterpriseSearch	13	15	+2
securitySolution	410	414	+4
total			+6

Total ESLint disabled count

id	before	after	diff
enterpriseSearch	14	16	+2
securitySolution	493	497	+4
total			+6

History

• 💛 Build #135347 was flaky 72122fd
• 💚 Build #135205 succeeded 66f6a1b
• 💚 Build #135171 succeeded b2c18d8
• 💔 Build #135131 failed fd5926c
• 💚 Build #134674 succeeded f8e20e2
• 💛 Build #134342 was flaky 356ef27

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @angorayc