[8.11] [EDR Workflows] Verify flaky osquery tests (#169749) (#170930)

elastic · Nov 14, 2023 · b8d0002 · b8d0002
1 parent e7b8a0c
commit b8d0002
Show file tree

Hide file tree

Showing 62 changed files with 1,287 additions and 1,197 deletions.
diff --git a/.buildkite/scripts/lifecycle/post_command.sh b/.buildkite/scripts/lifecycle/post_command.sh
@@ -14,6 +14,8 @@ if [[ "$IS_TEST_EXECUTION_STEP" == "true" ]]; then
   buildkite-agent artifact upload 'target/kibana-coverage/functional/**/*'
   buildkite-agent artifact upload 'target/kibana-*'
   buildkite-agent artifact upload 'target/kibana-security-solution/**/*.png'
+  buildkite-agent artifact upload 'target/kibana-osquery/**/*.png'
+  buildkite-agent artifact upload 'target/kibana-osquery/**/*.mp4'
   buildkite-agent artifact upload 'target/kibana-fleet/**/*.png'
   buildkite-agent artifact upload 'target/test-metrics/*'
   buildkite-agent artifact upload 'target/test-suites-ci-plan.json'

diff --git a/x-pack/plugins/osquery/cypress/cypress.config.ts b/x-pack/plugins/osquery/cypress/cypress.config.ts
@@ -11,6 +11,7 @@ import path from 'path';
 import { safeLoad as loadYaml } from 'js-yaml';
 import { readFileSync } from 'fs';
 
+import { getFailedSpecVideos } from './support/filter_videos';
 import type { YamlRoleDefinitions } from '../../../test_serverless/shared/lib';
 import { setupUserDataLoader } from '../../../test_serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks';
 const ROLES_YAML_FILE_PATH = path.join(
@@ -20,6 +21,11 @@ const ROLES_YAML_FILE_PATH = path.join(
 const roleDefinitions = loadYaml(readFileSync(ROLES_YAML_FILE_PATH, 'utf8')) as YamlRoleDefinitions;
 
 export default defineCypressConfig({
+  reporter: '../../../node_modules/cypress-multi-reporters',
+  reporterOptions: {
+    configFile: './cypress/reporter_config.json',
+  },
+
   defaultCommandTimeout: 60000,
   execTimeout: 120000,
   pageLoadTimeout: 12000,
@@ -31,16 +37,14 @@ export default defineCypressConfig({
 
   screenshotsFolder: '../../../target/kibana-osquery/cypress/screenshots',
   trashAssetsBeforeRuns: false,
-  video: false,
+  video: true,
   videosFolder: '../../../target/kibana-osquery/cypress/videos',
+  videoCompression: 15,
   viewportHeight: 900,
   viewportWidth: 1440,
   experimentalStudio: true,
 
   env: {
-    'cypress-react-selector': {
-      root: '#osquery-app',
-    },
     grepFilterSpecs: true,
     grepTags: '@ess',
     grepOmitFiltered: true,
@@ -54,6 +58,7 @@ export default defineCypressConfig({
     numTestsKeptInMemory: 3,
     setupNodeEvents(on, config) {
       setupUserDataLoader(on, config, { roleDefinitions, additionalRoleName: 'viewer' });
+      on('after:spec', getFailedSpecVideos);
 
       return config;
     },

diff --git a/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/add_integration.cy.ts
@@ -5,6 +5,12 @@
  * 2.0.
  */
 
+import {
+  ADD_PACK_HEADER_BUTTON,
+  ADD_QUERY_BUTTON,
+  formFieldInputSelector,
+  TABLE_ROWS,
+} from '../../screens/packs';
 import {
   cleanupPack,
   cleanupAgentPolicy,
@@ -28,7 +34,7 @@ import {
   interceptAgentPolicyId,
   policyContainsIntegration,
 } from '../../tasks/integrations';
-import { findAndClickButton, findFormFieldByRowsLabelAndType } from '../../tasks/live_query';
+import { ServerlessRoleName } from '../../support/roles';
 
 describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
   let savedQueryId: string;
@@ -40,7 +46,7 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
   });
 
   beforeEach(() => {
-    cy.login('elastic');
+    cy.login(ServerlessRoleName.PLATFORM_ENGINEER);
   });
 
   after(() => {
@@ -118,12 +124,13 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
       cy.getBySel('epmList.searchBar').type('osquery');
       cy.getBySel('integration-card:epr:osquery_manager').click();
       cy.getBySel('addIntegrationPolicyButton').click();
+      cy.getBySel('globalLoadingIndicator').should('not.exist');
+
       cy.getBySel('agentPolicySelect').within(() => {
         cy.contains(policyName);
       });
-      cy.getBySel('packagePolicyNameInput')
-        .wait(500)
-        .type(`{selectall}{backspace}${integrationName}`);
+      cy.getBySel('packagePolicyNameInput').clear().wait(500);
+      cy.getBySel('packagePolicyNameInput').type(`${integrationName}`);
       cy.getBySel(CREATE_PACKAGE_POLICY_SAVE_BTN).click();
       cy.getBySel('confirmModalCancelButton').click();
       cy.get(`[title="${integrationName}"]`).should('exist');
@@ -170,13 +177,11 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
       cy.getBySel('euiFlyoutCloseButton').click();
 
       navigateTo('app/osquery/packs');
-      findAndClickButton('Add pack');
-      findFormFieldByRowsLabelAndType('Name', packName);
-      findFormFieldByRowsLabelAndType(
-        'Scheduled agent policies (optional)',
-        `${policyName} {downArrow}{enter}{esc}`
-      );
-      findAndClickButton('Add query');
+      cy.getBySel(ADD_PACK_HEADER_BUTTON).click();
+      cy.get(formFieldInputSelector('name')).type(`${packName}{downArrow}{enter}`);
+      cy.getBySel('policyIdsComboBox').type(`${policyName} {downArrow}{enter}`);
+
+      cy.getBySel(ADD_QUERY_BUTTON).click();
       cy.getBySel('savedQuerySelect').click().type('{downArrow}{enter}');
       cy.contains(/^Save$/).click();
       cy.contains(/^Save pack$/).click();
@@ -202,7 +207,7 @@ describe('ALL - Add Integration', { tags: ['@ess', '@serverless'] }, () => {
 
       // test list of prebuilt queries
       navigateTo('/app/osquery/saved_queries');
-      cy.react('EuiTableRow').should('have.length.above', 5);
+      cy.get(TABLE_ROWS).should('have.length.above', 5);
     });
   });
 });
diff --git a/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/alerts_automated_action_results.cy.ts
@@ -5,115 +5,114 @@
  * 2.0.
  */
 
+import { initializeDataViews } from '../../tasks/login';
 import { cleanupRule, loadRule } from '../../tasks/api_fixtures';
 import { checkActionItemsInResults, loadRuleAlerts } from '../../tasks/live_query';
 
 const UUID_REGEX = '[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}';
 
-describe(
-  'Alert Flyout Automated Action Results',
-  {
-    tags: ['@ess', '@serverless'],
-  },
-  () => {
-    let ruleId: string;
+describe('Alert Flyout Automated Action Results', () => {
+  let ruleId: string;
 
-    beforeEach(() => {
-      loadRule(true).then((data) => {
-        ruleId = data.id;
-        loadRuleAlerts(data.name);
-      });
-    });
+  before(() => {
+    initializeDataViews();
+  });
 
-    afterEach(() => {
-      cleanupRule(ruleId);
+  beforeEach(() => {
+    loadRule(true).then((data) => {
+      ruleId = data.id;
+      loadRuleAlerts(data.name);
     });
+  });
 
-    it('can visit discover from response action results', () => {
-      const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`);
-      cy.getBySel('expand-event').first().click();
-      cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
-      cy.getBySel('securitySolutionFlyoutResponseButton').click();
-      cy.getBySel('responseActionsViewWrapper').should('exist');
-      checkActionItemsInResults({
-        lens: true,
-        discover: true,
-        cases: true,
-        timeline: true,
-      });
-      cy.contains('View in Discover')
-        .should('exist')
-        .should('have.attr', 'href')
-        .then(($href) => {
-          // @ts-expect-error-next-line href string - check types
-          cy.visit($href);
-          cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => {
-            cy.contains('action_data{ "query":');
-          });
-          cy.contains(discoverRegex);
-        });
-    });
+  afterEach(() => {
+    cleanupRule(ruleId);
+  });
 
-    it('can visit lens from response action results', () => {
-      const lensRegex = new RegExp(`Action ${UUID_REGEX} results`);
-      cy.getBySel('expand-event').first().click();
-      cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
-      cy.getBySel('securitySolutionFlyoutResponseButton').click();
-      cy.getBySel('responseActionsViewWrapper').should('exist');
-      checkActionItemsInResults({
-        lens: true,
-        discover: true,
-        cases: true,
-        timeline: true,
-      });
-      cy.getBySel('osquery-results-comment')
-        .first()
-        .within(() => {
-          let lensUrl = '';
-          cy.window().then((win) => {
-            cy.stub(win, 'open')
-              .as('windowOpen')
-              .callsFake((url) => {
-                lensUrl = url;
-              });
-          });
-          cy.get(`[aria-label="View in Lens"]`).click();
-          cy.window()
-            .its('open')
-            .then(() => {
-              cy.visit(lensUrl);
-            });
-        });
-      cy.getBySel('lnsWorkspace').should('exist');
-      cy.getBySel('breadcrumbs').contains(lensRegex);
+  it('can visit discover from response action results', { tags: ['@ess'] }, () => {
+    const discoverRegex = new RegExp(`action_id: ${UUID_REGEX}`);
+    cy.getBySel('expand-event').first().click();
+    cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
+    cy.getBySel('securitySolutionFlyoutResponseButton').click();
+    cy.getBySel('responseActionsViewWrapper').should('exist');
+    checkActionItemsInResults({
+      lens: true,
+      discover: true,
+      cases: true,
+      timeline: true,
     });
-
-    it('can add to timeline from response action results', () => {
-      const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`);
-      const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`);
-      cy.getBySel('expand-event').first().click();
-      cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
-      cy.getBySel('securitySolutionFlyoutResponseButton').click();
-      cy.getBySel('responseActionsViewWrapper').should('exist');
-      checkActionItemsInResults({
-        lens: true,
-        discover: true,
-        cases: true,
-        timeline: true,
+    cy.contains('View in Discover')
+      .should('exist')
+      .should('have.attr', 'href')
+      .then(($href) => {
+        // @ts-expect-error-next-line href string - check types
+        cy.visit($href);
+        cy.getBySel('discoverDocTable', { timeout: 60000 }).within(() => {
+          cy.contains('action_data{ "query":');
+        });
+        cy.contains(discoverRegex);
       });
-      cy.getBySel('osquery-results-comment')
-        .first()
-        .within(() => {
-          cy.get('.euiTableRow')
-            .first()
-            .within(() => {
-              cy.getBySel('add-to-timeline').click();
+  });
+
+  it('can visit lens from response action results', { tags: ['@ess'] }, () => {
+    const lensRegex = new RegExp(`Action ${UUID_REGEX} results`);
+    cy.getBySel('expand-event').first().click();
+    cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
+    cy.getBySel('securitySolutionFlyoutResponseButton').click();
+    cy.getBySel('responseActionsViewWrapper').should('exist');
+    checkActionItemsInResults({
+      lens: true,
+      discover: true,
+      cases: true,
+      timeline: true,
+    });
+    cy.getBySel('osquery-results-comment')
+      .first()
+      .within(() => {
+        let lensUrl = '';
+        cy.window().then((win) => {
+          cy.stub(win, 'open')
+            .as('windowOpen')
+            .callsFake((url) => {
+              lensUrl = url;
             });
         });
-      cy.contains(timelineRegex);
-      cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click();
-      cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click();
-      cy.contains(filterRegex);
+        cy.get(`[aria-label="View in Lens"]`).click();
+        cy.window()
+          .its('open')
+          .then(() => {
+            cy.visit(lensUrl);
+          });
+      });
+    cy.getBySel('lnsWorkspace').should('exist');
+    cy.getBySel('breadcrumbs').contains(lensRegex);
+  });
+
+  it('can add to timeline from response action results', { tags: ['@ess', '@serverless'] }, () => {
+    const timelineRegex = new RegExp(`Added ${UUID_REGEX} to timeline`);
+    const filterRegex = new RegExp(`action_id: "${UUID_REGEX}"`);
+    cy.getBySel('expand-event').first().click();
+    cy.getBySel('securitySolutionFlyoutResponseSectionHeader').click();
+    cy.getBySel('securitySolutionFlyoutResponseButton').click();
+    cy.getBySel('responseActionsViewWrapper').should('exist');
+    checkActionItemsInResults({
+      lens: true,
+      discover: true,
+      cases: true,
+      timeline: true,
     });
-  }
-);
+    cy.getBySel('osquery-results-comment')
+      .first()
+      .within(() => {
+        cy.get('.euiTableRow')
+          .first()
+          .within(() => {
+            cy.getBySel('add-to-timeline').click();
+          });
+      });
+    cy.contains(timelineRegex);
+    cy.getBySel('securitySolutionFlyoutHeaderCollapseDetailButton').click();
+    cy.getBySel('flyoutBottomBar').contains('Untitled timeline').click();
+    cy.contains(filterRegex);
+  });
+});
diff --git a/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts
@@ -5,6 +5,7 @@
  * 2.0.
  */
 
+import { initializeDataViews } from '../../tasks/login';
 import { OSQUERY_FLYOUT_BODY_EDITOR } from '../../screens/live_query';
 import {
   cleanupCase,
@@ -29,6 +30,9 @@ describe('Alert Event Details - Cases', { tags: ['@ess', '@serverless'] }, () =>
   let packId: string;
   let packName: string;
   const packData = packFixture();
+  before(() => {
+    initializeDataViews();
+  });
 
   beforeEach(() => {
     loadPack(packData).then((data) => {