Skip to content

[Security Solution] Integration tests for data_source field diff algorithm#189744

Merged
dplumlee merged 8 commits intoelastic:mainfrom
dplumlee:data-source-field-diff-integration-tests
Aug 9, 2024
Merged

[Security Solution] Integration tests for data_source field diff algorithm#189744
dplumlee merged 8 commits intoelastic:mainfrom
dplumlee:data-source-field-diff-integration-tests

Conversation

@dplumlee
Copy link
Copy Markdown
Contributor

@dplumlee dplumlee commented Aug 1, 2024
edited
Loading

Summary

Completes #187659

Switches data_source fields to use the implemented diff algorithm assigned to them in #188874

Adds integration tests in accordance to #189669 for the upgrade/_review API endpoint for the data_source field diff algorithm.

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dplumlee dplumlee added test release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area v8.16.0 labels Aug 1, 2024
@dplumlee dplumlee self-assigned this Aug 1, 2024
@dplumlee dplumlee requested a review from a team as a code owner August 1, 2024 18:23
@dplumlee dplumlee requested a review from maximpn August 1, 2024 18:23
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Aug 1, 2024

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Aug 1, 2024

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Aug 1, 2024

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@dplumlee dplumlee requested review from jpdjere and removed request for maximpn August 1, 2024 18:23
@dplumlee dplumlee mentioned this pull request Aug 1, 2024
Closed
8 tasks
@kibanamachine
Copy link
Copy Markdown
Contributor

kibanamachine commented Aug 1, 2024

Flaky Test Runner Stats

🎉 All tests passed! - kibana-flaky-test-suite-runner#6670

[✅] x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/configs/ess.config.ts: 100/100 tests passed.
[✅] x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/configs/serverless.config.ts: 100/100 tests passed.

see run history

@dplumlee dplumlee requested a review from jpdjere August 7, 2024 18:42
@jpdjere
Copy link
Copy Markdown
Contributor

jpdjere commented Aug 8, 2024
edited
Loading

@dplumlee

I'm OK with leaving data_source as optional in the diffable rules, but then let's do the following:

  1. Add a JSDoc to the dataSourceDiffAlgorithm function explaining why the type of its version parameter is ThreeVersionsOf<RuleDataSource | undefined> instead of ThreeVersionsOf<RuleDataSource>. This will otherwise lead to confusion in the future. Let's just clearly explain that Data Source can either be an index pattern, or a data view id, or neither, and that's why the versions are optionally undefined.
  2. Add both some unit and integrations tests for the scenario in which the current version of the rule is undefined. Almost 100% sure that it doesn't make sense to test cases in which base or target versions are undefined, since the TRADE team won't distribute rules with no data source. But let's do add some tests for current being undefined in the different scenarios where possible: ABA, ABC, -AB

jpdjere
jpdjere approved these changes Aug 9, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@jpdjere jpdjere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing all comments. LGTM ✅

@dplumlee dplumlee enabled auto-merge (squash) August 9, 2024 17:11
@kibana-ci
Copy link
Copy Markdown

kibana-ci commented Aug 9, 2024

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @dplumlee

@dplumlee dplumlee merged commit b1a2922 into elastic:main Aug 9, 2024
@kibanamachine kibanamachine added the backport:skip This PR does not require backporting label Aug 9, 2024
@dplumlee dplumlee deleted the data-source-field-diff-integration-tests branch August 9, 2024 20:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@e40pud e40pud e40pud left review comments

@banderror banderror banderror left review comments

+1 more reviewer

@jpdjere jpdjere jpdjere approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@dplumlee dplumlee

Labels

backport:skip This PR does not require backporting Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area release_note:skip Skip the PR/issue when compiling release notes Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. test v8.16.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@dplumlee @elasticmachine @kibanamachine @jpdjere @kibana-ci @e40pud @banderror