b3c334a1d9
* shell scripts for creating roles + users for testing * update readme's and updated privilege requirements based on testing with the users and inferring what the roles are supposed to do * update role privileges based on feedback meeting yesterday * updated scripts to accept filepath to role / user, added a test to ensure upload value list button is disabled * updated role scripts to be parameterized * adds login with role function and adds a sample test with a role to test that a t1 analyst user cannot upload a value list * add object with corresponding roles * fix spacing * parameterize urls for basic auth with roles + users * forgot to change the cy.visit string * add KIBANA_URL env var for cli runner * add env vars for curl script execution * second script * update readme's for each role and remove create_index from lists privilege for the soc manager role * remove 'manage' cluster privilege for rule author * remove 'create_index' privilege from soc_manager role since that is not parity with the security workflows spreadsheet * update the login function logic with glo's feedback * replace SIEM with Security Solution in markdown files * make role param optional not just undefined * remove unused file * add copyright to scripts files * update top-level README for roles scripts * remove reference to internal spreadsheet and reference readme for this pr * remove unnecessary -XPOST and remove verbose mode from post_detections_user script * adds utils for running integration tests with other users and adds two sample tests showing example usage * minor type updates and small refactor * fix x-pack/test types * use enum types instead of custom type * fix path to json Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Xavier Mouligneau <189600+XavierM@users.noreply.github.com>
88 lines
3.6 KiB
TypeScript
88 lines
3.6 KiB
TypeScript
/*
|
|
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
* or more contributor license agreements. Licensed under the Elastic License;
|
|
* you may not use this file except in compliance with the Elastic License.
|
|
*/
|
|
|
|
import { resolve } from 'path';
|
|
import Url from 'url';
|
|
|
|
import { withProcRunner } from '@kbn/dev-utils';
|
|
|
|
import { FtrProviderContext } from './ftr_provider_context';
|
|
|
|
export async function SecuritySolutionCypressCliTestRunner({ getService }: FtrProviderContext) {
|
|
const log = getService('log');
|
|
const config = getService('config');
|
|
const esArchiver = getService('esArchiver');
|
|
|
|
await esArchiver.load('empty_kibana');
|
|
await esArchiver.load('auditbeat');
|
|
|
|
await withProcRunner(log, async (procs) => {
|
|
await procs.run('cypress', {
|
|
cmd: 'yarn',
|
|
args: ['cypress:run'],
|
|
cwd: resolve(__dirname, '../../plugins/security_solution'),
|
|
env: {
|
|
FORCE_COLOR: '1',
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_baseUrl: Url.format(config.get('servers.kibana')),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_protocol: config.get('servers.kibana.protocol'),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_hostname: config.get('servers.kibana.hostname'),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_configport: config.get('servers.kibana.port'),
|
|
CYPRESS_ELASTICSEARCH_URL: Url.format(config.get('servers.elasticsearch')),
|
|
CYPRESS_ELASTICSEARCH_USERNAME: config.get('servers.elasticsearch.username'),
|
|
CYPRESS_ELASTICSEARCH_PASSWORD: config.get('servers.elasticsearch.password'),
|
|
CYPRESS_KIBANA_URL: Url.format({
|
|
protocol: config.get('servers.kibana.protocol'),
|
|
hostname: config.get('servers.kibana.hostname'),
|
|
port: config.get('servers.kibana.port'),
|
|
}),
|
|
...process.env,
|
|
},
|
|
wait: true,
|
|
});
|
|
});
|
|
}
|
|
|
|
export async function SecuritySolutionCypressVisualTestRunner({ getService }: FtrProviderContext) {
|
|
const log = getService('log');
|
|
const config = getService('config');
|
|
const esArchiver = getService('esArchiver');
|
|
|
|
await esArchiver.load('empty_kibana');
|
|
await esArchiver.load('auditbeat');
|
|
|
|
await withProcRunner(log, async (procs) => {
|
|
await procs.run('cypress', {
|
|
cmd: 'yarn',
|
|
args: ['cypress:open'],
|
|
cwd: resolve(__dirname, '../../plugins/security_solution'),
|
|
env: {
|
|
FORCE_COLOR: '1',
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_baseUrl: Url.format(config.get('servers.kibana')),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_protocol: config.get('servers.kibana.protocol'),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_hostname: config.get('servers.kibana.hostname'),
|
|
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
CYPRESS_configport: config.get('servers.kibana.port'),
|
|
CYPRESS_ELASTICSEARCH_URL: Url.format(config.get('servers.elasticsearch')),
|
|
CYPRESS_ELASTICSEARCH_USERNAME: config.get('servers.elasticsearch.username'),
|
|
CYPRESS_ELASTICSEARCH_PASSWORD: config.get('servers.elasticsearch.password'),
|
|
CYPRESS_KIBANA_URL: Url.format({
|
|
protocol: config.get('servers.kibana.protocol'),
|
|
hostname: config.get('servers.kibana.hostname'),
|
|
port: config.get('servers.kibana.port'),
|
|
}),
|
|
...process.env,
|
|
},
|
|
wait: true,
|
|
});
|
|
});
|
|
}
|