kibana/x-pack/plugins/security_solution
Frank Hassanabad e5944a3646
[Security Solutions][Detection Engine] Fixes timestamp bugs within source indexes when the formats are not ISO8601 format (#101349)
## Summary

We have a few bugs where when the source index for detections is not `"strict_date_optional_time"` it is possible that we will misinterpret the format to be epoch milliseconds when it could be epoch seconds or another ambiguous format or blow up when trying to write out the signals index. This fixes it to where we query for the source index format as an ISO8601 and when we copy the date time format we copy it back out as ISO8601 and insert it into the signal index as ISO8601.

See this [gist](https://gist.github.com/FrankHassanabad/f614ec9762d59cd1129b3269f5bae41c) for more details of how this was accidentally introduced when we added support for runtime fields and the general idea of the fix.

* Removes `docvalue_field` and we now only use `fields` in detection engine search requests
* Splits out the timestamp e2e tests into their own file for `timestamps` file
* Adds more tests to ensure we copy what we expect and we are converting to ISO8601 in the signals
* Removes `ts-expect-error` in a lot of areas including tests and then I fix the types and issues once it is removed. 

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
2021-06-04 16:19:59 -06:00
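
The ambiguity the commit summary describes, as an added JavaScript example that is not code from this commit or from Kibana: the same number reads as 1970 when taken as epoch milliseconds and as 2021 when it is epoch seconds, while requesting the field through `fields` with `strict_date_optional_time` removes the guess. The helper names and sample hits are constructed for illustration.

```javascript
// Added illustration; helper names and sample hits are constructed, not Kibana code.
const ISO8601 = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?(Z|[+-]\d{2}:\d{2})$/;

// The ambiguity: a bare number does not say whether it is seconds or milliseconds.
function guessAsEpochMillis(value) {
  return new Date(Number(value)).toISOString();
}

// Ask Elasticsearch to render the timestamp as ISO8601 through `fields`,
// whatever date format the source index mapping uses.
function buildSearchBody(timestampField, from, to) {
  return {
    query: {
      range: {
        [timestampField]: { gte: from, lte: to, format: 'strict_date_optional_time' },
      },
    },
    fields: [{ field: timestampField, format: 'strict_date_optional_time' }],
  };
}

// Copy the timestamp out of a hit: accept only the formatted `fields` value
// and refuse to guess when it is missing or not ISO8601.
function isoTimestampFromHit(hit, timestampField) {
  const values = (hit.fields && hit.fields[timestampField]) || [];
  const value = values[0];
  if (typeof value !== 'string' || !ISO8601.test(value) || Number.isNaN(Date.parse(value))) {
    throw new Error(`"${timestampField}" was not returned as ISO8601: ${JSON.stringify(value)}`);
  }
  return new Date(value).toISOString();
}

// Constructed hit from an index mapped as "epoch_second", format requested.
const formattedHit = {
  _source: { '@timestamp': 1622845199 },
  fields: { '@timestamp': ['2021-06-04T22:19:59.000Z'] },
};
// Constructed hit from the same index when no format is requested.
const unformattedHit = {
  _source: { '@timestamp': 1622845199 },
  fields: { '@timestamp': ['1622845199'] },
};

console.log(guessAsEpochMillis(unformattedHit.fields['@timestamp'][0]));
console.log(isoTimestampFromHit(formattedHit, '@timestamp'));
```
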
.storybook
common [Security Solution][Endpoint] Add ability to isolate the Host from the Endpoint Details flyout (#100482) 2021-06-04 10:59:53 -04:00
cypress [Security Solution] [Bug Fix] Fix flakey cypress tests (#101231) 2021-06-02 19:37:11 -04:00
public [Security Solution] Truncate long policy name in admin tab (#101105) 2021-06-04 15:29:38 -05:00
scripts [Security Solution] Utilizes constants package and deletes duplicate code (#100513) 2021-05-24 18:38:14 -06:00
server [Security Solutions][Detection Engine] Fixes timestamp bugs within source indexes when the formats are not ISO8601 format (#101349) 2021-06-04 16:19:59 -06:00
jest.config.js [jest/securitySolution] Switch to jest-environment-jsdom (#96255) 2021-04-06 12:06:14 -04:00
kibana.json [RAC][Security Solution] Register Security Detection Rules with Rule Registry (#96015) 2021-05-28 12:38:49 -06:00
package.json [SecuritySolution] remove files that are not in used (#97740) 2021-04-20 19:18:28 -04:00
README.md
tsconfig.json security solution and lists to TS incremental builds (#100447) 2021-05-24 16:34:29 +02:00

Security Solution

Welcome to the Kibana Security Solution plugin! This README will go over getting started with development and testing.

Development

Tests

The endpoint-specific tests leverage the ingest manager to install the endpoint package. Before the API integration and functional tests are run, the ingest manager is initialized. This initialization process includes reaching out to a package registry service to install the endpoint package. Because the tests depend on an available package registry, the endpoint tests support three different ways to run them:

  1. Using Docker
  2. Running your own local package registry
  3. Using the default external package registry

These scenarios are outlined in the sections below.

Endpoint API Integration Tests Location

The endpoint api integration tests are located here

Endpoint Functional Tests Location

The endpoint functional tests are located here

Using Docker

To run the tests using the recommended docker image version you must have docker installed. The testing infrastructure will stand up a docker container using the image defined here

Make sure you're in the Kibana root directory.

Endpoint API Integration Tests

In one terminal, run:

FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:server --config x-pack/test/security_solution_endpoint_api_int/config.ts

In another terminal, run:

FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:runner --config x-pack/test/security_solution_endpoint_api_int/config.ts

Endpoint Functional Tests

In one terminal, run:

FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts

In another terminal, run:

FLEET_PACKAGE_REGISTRY_PORT=12345 yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts

Running your own package registry

If you are doing endpoint package development it will be useful to run your own package registry to serve the latest package you're building. To do this use the following commands:

Make sure you're in the Kibana root directory.

Endpoint API Integration Tests

In one terminal, run:

PACKAGE_REGISTRY_URL_OVERRIDE=<url to your package registry like http://localhost:8080> yarn test:ftr:server --config x-pack/test/security_solution_endpoint_api_int/config.ts

In another terminal, run:

PACKAGE_REGISTRY_URL_OVERRIDE=<url to your package registry like http://localhost:8080> yarn test:ftr:runner --config x-pack/test/security_solution_endpoint_api_int/config.ts

Endpoint Functional Tests

In one terminal, run:

PACKAGE_REGISTRY_URL_OVERRIDE=<url to your package registry like http://localhost:8080> yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts

In another terminal, run:

PACKAGE_REGISTRY_URL_OVERRIDE=<url to your package registry like http://localhost:8080> yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts

Using the default public registry

If you don't have docker installed and don't want to run your own registry, you can run the tests using the ingest manager's default public package registry. The actual package registry used is here

Make sure you're in the Kibana root directory.

Endpoint API Integration Tests

In one terminal, run:

yarn test:ftr:server --config x-pack/test/security_solution_endpoint_api_int/config.ts

In another terminal, run:

yarn test:ftr:runner --config x-pack/test/security_solution_endpoint_api_int/config.ts

Endpoint Functional Tests

In one terminal, run:

yarn test:ftr:server --config x-pack/test/security_solution_endpoint/config.ts

In another terminal, run:

yarn test:ftr:runner --config x-pack/test/security_solution_endpoint/config.ts