[Security Solution] Migrate rules management endpoints to OpenAPI and code generation #165091

Merged
xcrzx merged 1 commit into elastic:main from xcrzx:zod-migration
Oct 2, 2023

@xcrzx xcrzx commented Aug 29, 2023

Part of: https://github.com/elastic/security-team/issues/7491

Summary

Migrated Detection Engine APIs to OpenAPI schema and code generation:

  • PUT /api/detection_engine/rules/prepackaged
  • POST /api/detection_engine/rules/_export
  • POST /api/detection_engine/rules/_import
  • GET /api/detection_engine/tags
  • GET /internal/detection_engine/rules/{ruleId}/execution/results

@xcrzx xcrzx added release_note:skip (Skip the PR/issue when compiling release notes); Team:Detections and Resp (Security Detection Response Team); Team: SecuritySolution (Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.); Team:Detection Rule Management (Security Detection Rule Management Team); v8.11.0 labels Aug 29, 2023
@xcrzx xcrzx self-assigned this Aug 29, 2023
@xcrzx xcrzx marked this pull request as ready for review September 26, 2023 13:23
@xcrzx xcrzx requested review from a team as code owners September 26, 2023 13:23
@xcrzx xcrzx requested a review from banderror September 26, 2023 13:23
@elasticmachine

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine

Pinging @elastic/security-solution (Team: SecuritySolution)

@spong spong requested review from spong and removed request for banderror September 27, 2023 14:06

I didn't know about this, thanks! 🙂

Comment on lines 56 to 57

Rule Schemas, completely generated. This is beautiful @xcrzx... 🥹

@spong spong left a comment

Checked out, code reviewed, and smoke tested the updated endpoints locally. Seeing an error WRT the page/per_page params on the GET /internal/detection_engine/rules/{ruleId}/execution/results route, but other than that everything LGTM! 👍

Will want to get that route fixed before merging, but approving for now. Great work @xcrzx, everything is coming together quite nicely! 🙌 🙂

@logeekal logeekal left a comment

Investigation changes look good. LGTM 🚀

@dhurley14 dhurley14 left a comment

detection engine area code lgtm

@kibana-ci

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #28 / core plugins rendering service exposes plugin config settings to authenticated users
  • [job] [logs] Investigations - Security Solution Cypress Tests #1 / Discover State "before each" hook for "should remember filters when navigating away and back to discover " "before each" hook for "should remember filters when navigating away and back to discover "
  • [job] [logs] Security Solution Cypress Tests #9 / Ransomware Detection Alerts Ransomware in Timelines Renders ransomware entries in timelines table Renders ransomware entries in timelines table
  • [job] [logs] FTR Configs #46 / serverless observability UI landing page "after all" hook for "stream log files onboarding"

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 4604 4609 +5

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 13.0MB 13.0MB +10.2KB

History

  • 💔 Build #164445 failed 1a22d7a2fefd89ff45d473eee444658798465493
  • 💔 Build #164307 failed 926af5174f0d49b284c1944670e84298d77b1d3a
  • 💛 Build #163852 was flaky ecb4de3f36f2932b6b347f9ab998f68af152e031
  • 💔 Build #163629 failed c2d913a8b78ac1e37692c7cbf1b6824cf9371c58
  • 💔 Build #162890 failed f17dc8a1da48935cbd9c13d46680504b5b2f8c70

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @xcrzx

@xcrzx xcrzx merged commit 06502b9 into elastic:main Oct 2, 2023
@kibanamachine kibanamachine added the backport:skip (This PR does not require backporting) label Oct 2, 2023
@xcrzx xcrzx deleted the zod-migration branch October 2, 2023 14:10