[Security Solution] Improves detections tests #77295
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MadameSheema
force-pushed
the
improves-detections
branch
from
8c2af58
to
836b7cc
Compare
|
@elasticmachine merge upstream |
# Conflicts: # x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_custom.spec.ts # x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_ml.spec.ts # x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_override.spec.ts # x-pack/plugins/security_solution/cypress/integration/alerts_detection_rules_threshold.spec.ts # x-pack/plugins/security_solution/cypress/screens/rule_details.ts # x-pack/plugins/security_solution/cypress/tasks/create_new_rule.ts
MadameSheema
force-pushed
the
improves-detections
branch
from
afa7850
to
d97ef1a
Compare
|
@elasticmachine merge upstream |
MadameSheema
requested review from
rylnd,
spong,
dhurley14,
yctercero and
FrankHassanabad
MadameSheema
added
Team:SIEM
v7.10.0
v8.0.0
release_note:skip
|
Pinging @elastic/siem (Team:SIEM) |
rylnd
requested changes
Sep 18, 2020
| cy.get(SHOWING_ALERTS) | ||
| .invoke('text') | ||
| .should('eql', `Showing ${expectedNumberOfAlerts.toString()} alerts`); | ||
| cy.get(NUMBER_OF_ALERTS).should('have.text', expectedNumberOfAlerts.toString()); |
There was a problem hiding this comment.
I assume this is the preference for text assertions, now? Is it more robust, or better errors, or both?
There was a problem hiding this comment.
Yes this is the preference now when possible, is more robust because should clause in Cypress will continue to retry its specified assertions until it times out, and also improves the readability of the tests.
| cy.get(LOOK_BACK_TIME_TYPE).select(rule.lookBack.timeType); | ||
| }; | ||
|
|
||
| export const expectDefineFormToRepopulateAndContinue = (rule: CustomRule) => { |
There was a problem hiding this comment.
I think these came from a bad merge resolution; they were removed in #77090
There was a problem hiding this comment.
mmmm you are right! Thanks for catching this :)
| .invoke('text') | ||
| .then((ruleStatus) => { | ||
| if (ruleStatus !== 'succeeded') { | ||
| cy.get('[data-test-subj=refreshButton]').click(); |
There was a problem hiding this comment.
Without the commented-out assertion below, there's nothing to synchronize the results of the refresh, right? Here's how I'm picturing it:
- page is loaded, rule has not finished executing
- we click refresh
- We continue on with the test, with no guarantee that the rule has executed
There was a problem hiding this comment.
I'll take a deeper look to this.
| eqlRule.referenceUrls.forEach((url) => { | ||
| expectedUrls = expectedUrls + url; | ||
| }); | ||
| let expectedFalsePositives = ''; |
There was a problem hiding this comment.
If you're not expecting these values to change it would be nice use const with a .map or .reduce for these guys. I know these are copy/pasted from elsewhere, but I've got the const version in the EQL rule tests.
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
rylnd
approved these changes
Sep 24, 2020
| // cy.get('[data-test-subj=ruleStatus]').should('have.text', 'succeeded') | ||
| } | ||
| }); | ||
| cy.get(RULE_STATUS).should((ruleStatus) => { |
There was a problem hiding this comment.
🥇 💯 I was hoping cypress would have have a nice way to do this, but this is better than I expected!
| getDescriptionForTitle('Additional look-back time').invoke('text').should('eql', '1m'); | ||
| getDetails(RUNS_EVERY_DETAILS).should( | ||
| 'have.text', | ||
| `${newRule.runsEvery.interval}${newRule.runsEvery.type}` |
There was a problem hiding this comment.
👍 thanks for adding these scheduling fields!
|
|
||
| goToRuleDetails(); | ||
| waitForTheRuleToBeExecuted(); |
There was a problem hiding this comment.
I would put this guard as close to the dependent assertions as possible: since (I think) it's only required for the alerts assertions, I would move this a bit further down.
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]async chunks size
History
To update your PR or re-run it, just comment with: |
MadameSheema
added a commit
to MadameSheema/kibana
that referenced
this pull request
Sep 29, 2020
* improves 'Creates and activates a new custom rule' test * fixes constant problem * improves 'Creates and activates a new custom rule with override option' test * improves 'Creates and activates a new threshold rule' test * refactor * fixes type check issue * improves assertions * removes unused code * changes variables for constants * improves 'waitForTheRuleToBeExecuted' test * improves readability * fixes jenkins error * refactor * refactor Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Sep 29, 2020
* master: (365 commits) making expression debug info serializable (elastic#78727) fix lodahs imports in app-arch code (elastic#78582) Make Field a React.lazy export (elastic#78483) [Security Solution] Improves detections tests (elastic#77295) [TSVB] Different field format on different series is ignored (elastic#78138) RFC: Improve saved object migrations (elastic#66056) [Security Solution] Fixes url timeline flaky test (elastic#78556) adds retryability feature (elastic#78611) Aligns several module versions across the repository (elastic#78327) Empty prompt and loading spinner for service map (elastic#78382) Change progress bar to spinner (elastic#78460) [QA][Code Coverage] Coverage teams lookup w/o Additional Config (elastic#77111) Slim down core bundle (elastic#75912) [Alerting] retry internal OCC calls within alertsClient (elastic#77838) [kbn/optimizer] only build xpack examples when building xpack plugins (elastic#78656) [Ingest Manager] Ingest setup upgrade (elastic#78081) [Ingest Manager] Surface saved object client 10,000 limitation to bulk actions UI (elastic#78520) fix name without a category or if field end with .text (elastic#78655) [Security Solution] [Detections] Log message enhancements (elastic#78429) [ML]DF Analytics exploration: default filter of results page by `defaultIsTraining` value in url (elastic#78303) ...
MadameSheema
added a commit
that referenced
this pull request
Sep 29, 2020
* improves 'Creates and activates a new custom rule' test * fixes constant problem * improves 'Creates and activates a new custom rule with override option' test * improves 'Creates and activates a new threshold rule' test * refactor * fixes type check issue * improves assertions * removes unused code * changes variables for constants * improves 'waitForTheRuleToBeExecuted' test * improves readability * fixes jenkins error * refactor * refactor Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
phillipb
added a commit
to phillipb/kibana
that referenced
this pull request
Sep 29, 2020
…-to-timeline * 'master' of github.com:elastic/kibana: (22 commits) update apm index pattern (elastic#78732) 78024: move transform out of dataset (elastic#78216) [QA][Code Coverage] Upload the coverage static site before ingestion (elastic#78695) [Discover] Make _source field not clickable (elastic#78698) [Fleet] Rename Ingest Manager => Fleet, Fleet => Agents in the UI (elastic#78685) [APM] Review feedback from distribution + transaction metrics (elastic#78752) [Ingest pipelines] Add ability to stop pipeline simulation (elastic#78183) [CSM] Fix core vital legend background (elastic#78273) [Usage Collection] [schema] Support spreads + `canvas` definition (elastic#78481) fix lodash imports (elastic#78456) [Maps] Add layer type preview icons (elastic#78650) [APM] Use transaction metrics for distribution charts (elastic#78484) [Uptime] Ml anomaly alert edit (elastic#76909) [ML] Limit exposing shared static code through ml/public/index.ts. (elastic#77745) making expression debug info serializable (elastic#78727) fix lodahs imports in app-arch code (elastic#78582) Make Field a React.lazy export (elastic#78483) [Security Solution] Improves detections tests (elastic#77295) [TSVB] Different field format on different series is ignored (elastic#78138) RFC: Improve saved object migrations (elastic#66056) ...
MindyRS
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
In this PR we are improving some of the the detections Cypress following tests with the following changes:
For
Creates and activates a new ruletest:For
Creates and activates a new custom rule with override option:For
Creates and activates a new threshold rule:The rule populates alerts
We assert that the rule is generating alerts
We assert that the values of the generated alert are the expected ones
Also in general we are trying to improve the readability.