[7.x] [Endpoint] Adding Endpoint to 7.x (#57867)

* Add Endpoint plugin and Resolver embeddable (#51994)

* Add functional tests for plugins to x-pack (so we can do a functional test of the Resolver embeddable)
* Add Endpoint plugin
* Add Resolver embeddable
* Test that Resolver embeddable can be rendered

 Conflicts:
	x-pack/.i18nrc.json
	x-pack/test/api_integration/apis/index.js

* [Endpoint] Register endpoint app (#53527)

* register app, create functional test

* formatting

* update tests

* adjust test data for endpoint

* add endpoint tests for testing spaces, app enabled, disabled, etc

* linting

* add read privileges to endpoint

* rename variable since its used now

* remove deprecated context

* remove unused variable

* fix type check

* correct test suite message

Co-Authored-By: Larry Gregory <[email protected]>

Co-authored-by: Elastic Machine <[email protected]>
Co-authored-by: Larry Gregory <[email protected]>

* [Endpoint] add react router to endpoint app (#53808)

* add react router to endpoint app

* linting

* linting

* linting

* correct tests

* change history from hash to browser, add new test util

* remove default values in helper functions

* fix type check, use FunctionComponent as oppsed to FC

* use BrowserRouter component

* use BrowserRouter component lin

* add comments to test framework, change function name to include browserHistory

Co-authored-by: Elastic Machine <[email protected]>

* EMT-issue-65: add endpoint list api (#53861)

add endpoint list api

* EMT-65:always return accurate endpoint count (#54423)

EMT-65:always return accurate endpoint count, independent of paging properties

* Resolver component w/ sample data (#53619)

Resolver is a map. It shows processes that ran on a computer. The processes are drawn as nodes and lines connect processes with their parents.

Resolver is not yet implemented in Kibana. This PR adds a 'map' type UX. The user can click and drag to pan the map and zoom using trackpad pinching (or ctrl and mousewheel.)

There is no code providing actual data. Sample data is included. The sample data is used to draw a map. The fundamental info needed is:

process names
the parent of a process
With this info we can topologically lay out the processes. The sample data isn't yet in a realistic format. We'll be fixing that soon.

Related issue: elastic/endpoint-app-team#30

* Resolver test plugin not using mount context. (#54933)

Mount context was deprecated. Use core.getStartServices() instead.

* Resolver nonlinear zoom (#54936)

* [Endpoint] add Redux saga Middleware and app Store (#53906)

* Added saga library
* Initialize endpoint app redux store

* Resolver is overflow: hidden to prevent obscured elements from showing up (#55076)

* [Endpoint] Fix saga to start only after store is created and stopped on app unmount (#55245)

- added `stop()`/`start()` methods to the Saga Middleware creator factory
- adjust tests based on changes
- changed application `renderApp` to stop sagas when react app is unmounted

* Resolver zoom, pan, and center controls (#55221)

* Resolver zoom, pan, and center controls

* add tests, fix north panning

* fix type issue

* update west and east panning to behave like google maps

* [Endpoint] FIX: Increase tests `sleep` default duration back to 100ms (#55492)

Revert `sleep()` default duration, in the saga tests, back to 100ms in order to prevent intermittent failures during CI runs.

Fixes #55464
Fixes #55465

* [Endpoint] EMT-65: make endpoint data types common, restructure (#54772)

[Endpoint] EMT-65: make endpoint data types common, use schema changes

* Basic Functionality Alert List (#55800)

* sets up initial grid and data type

* data feeds in from backend but doesnt update

* sample data feeding in correctly

* Fix combineReducers issue by importing Redux type from 'redux' package

* Add usePageId hook that fires action when user navigates to page

* Strict typing for middleware

* addresses comments and uses better types

* move types to common/types.ts

* Move types to endpoint/types.ts, address PR comments

blah 2

Co-authored-by: Pedro Jaramillo <[email protected]>

* [Endpoint] Add Endpoint Details route (#55746)

* Add Endpoint Details route

* add Endpoint Details tests

* sacrifices to the Type gods

* update to latest endpoint schema

Co-authored-by: Elastic Machine <[email protected]>

* [Endpoint] EMT-67: add kql support for endpoint list (#56328)

[Endpoint] EMT-67: add kql support for endpoint list

* [Endpoint] ERT-82 ERT-83 ERT-84: Alert list API with pagination (#56538)

* ERT-82 ERT-83 ERT-84 (partial): Add Alert List API with pagination

* Better type safety for alert list API

* Add Test to Verify Endpoint App Landing Page (#57129)

 Conflicts:
	x-pack/test/functional/page_objects/index.ts

* fixes render bug in alert list (#57152)

Co-authored-by: Elastic Machine <[email protected]>

* Resolver: Animate camera, add sidebar (#55590)

This PR adds a sidebar navigation. clicking the icons in the nav will focus the camera on the different nodes. There is an animation effect when the camera moves.

 Conflicts:
	yarn.lock

* [Endpoint] Task/basic endpoint list (#55623)

* Adds host management list to endpoint security plugin

Co-authored-by: Elastic Machine <[email protected]>

* [Endpoint] Policy List UI route and initial view (#56918)

* Initial Policy List view

* Add `endpoint/policy` route and displays Policy List
* test cases (both unit and functional)

Does not yet interact with API (Ingest).

* Add ApplicationService app status management (#50223)

This was already backported, but changes to endpoint app could not be
backported, since endpoint app itself hadn't been backported. Now that
the endpoint app is backported, reapply the endpoint specific changes
from the original commit.

* Implements `getStartServices` on server-side (#55156)

This was already backported, but changes to endpoint app could not be
backported, since endpoint app itself hadn't been backported. Now that
the endpoint app is backported, reapply the endpoint specific changes
from the original commit.

* [ui/utils/query_string]: Remove unused methods & migrate apps to querystring lib (#56957)

This was already backported, but changes to endpoint app could not be
backported, since endpoint app itself hadn't been backported. Now that
the endpoint app is backported, reapply the endpoint specific changes
from the original commit.

Co-authored-by: Kevin Logan <[email protected]>
Co-authored-by: Elastic Machine <[email protected]>
Co-authored-by: Larry Gregory <[email protected]>
Co-authored-by: nnamdifrankie <[email protected]>
Co-authored-by: Davis Plumlee <[email protected]>
Co-authored-by: Paul Tavares <[email protected]>
Co-authored-by: Pedro Jaramillo <[email protected]>
Co-authored-by: Dan Panzarella <[email protected]>
Co-authored-by: Madison Caldwell <[email protected]>
Co-authored-by: Charlie Pichette <[email protected]>
Co-authored-by: Candace Park <[email protected]>
Co-authored-by: Pierre Gayvallet <[email protected]>
Co-authored-by: Alexey Antonov <[email protected]>

Author: 14 people

test/functional/page_objects/common_page.ts

@@ -39,6 +39,14 @@ export function CommonPageProvider({ getService, getPageObjects }: FtrProviderCo
   const defaultTryTimeout = config.get('timeouts.try');
   const defaultFindTimeout = config.get('timeouts.find');
 
+  interface NavigateProps {
+    appConfig: {};
+    ensureCurrentUrl: boolean;
+    shouldLoginIfPrompted: boolean;
+    shouldAcceptAlert: boolean;
+    useActualUrl: boolean;
+  }
+
   class CommonPage {
     /**
      * Navigates the browser window to provided URL
@@ -115,6 +123,34 @@ export function CommonPageProvider({ getService, getPageObjects }: FtrProviderCo
       return currentUrl;
     }
 
+    private async navigate(navigateProps: NavigateProps) {
+      const {
+        appConfig,
+        ensureCurrentUrl,
+        shouldLoginIfPrompted,
+        shouldAcceptAlert,
+        useActualUrl,
+      } = navigateProps;
+      const appUrl = getUrl.noAuth(config.get('servers.kibana'), appConfig);
+
+      await retry.try(async () => {
+        if (useActualUrl) {
+          log.debug(`navigateToActualUrl ${appUrl}`);
+          await browser.get(appUrl);
+        } else {
+          await CommonPage.navigateToUrlAndHandleAlert(appUrl, shouldAcceptAlert);
+        }
+
+        const currentUrl = shouldLoginIfPrompted
+          ? await this.loginIfPrompted(appUrl)
+          : await browser.getCurrentUrl();
+
+        if (ensureCurrentUrl && !currentUrl.includes(appUrl)) {
+          throw new Error(`expected ${currentUrl}.includes(${appUrl})`);
+        }
+      });
+    }
+
     /**
      * Navigates browser using the pathname from the appConfig and subUrl as the hash
      * @param appName As defined in the apps config, e.g. 'home'
@@ -137,23 +173,44 @@ export function CommonPageProvider({ getService, getPageObjects }: FtrProviderCo
         hash: useActualUrl ? subUrl : `/${appName}/${subUrl}`,
       };
 
-      const appUrl = getUrl.noAuth(config.get('servers.kibana'), appConfig);
-
-      await retry.try(async () => {
-        if (useActualUrl) {
-          log.debug(`navigateToActualUrl ${appUrl}`);
-          await browser.get(appUrl);
-        } else {
-          await CommonPage.navigateToUrlAndHandleAlert(appUrl, shouldAcceptAlert);
-        }
+      await this.navigate({
+        appConfig,
+        ensureCurrentUrl,
+        shouldLoginIfPrompted,
+        shouldAcceptAlert,
+        useActualUrl,
+      });
+    }
 
-        const currentUrl = shouldLoginIfPrompted
-          ? await this.loginIfPrompted(appUrl)
-          : await browser.getCurrentUrl();
+    /**
+     * Navigates browser using the pathname from the appConfig and subUrl as the extended path.
+     * This was added to be able to test an application that uses browser history over hash history.
+     * @param appName As defined in the apps config, e.g. 'home'
+     * @param subUrl The route after the appUrl, e.g. 'tutorial_directory/sampleData'
+     * @param args additional arguments
+     */
+    public async navigateToUrlWithBrowserHistory(
+      appName: string,
+      subUrl?: string,
+      {
+        basePath = '',
+        ensureCurrentUrl = true,
+        shouldLoginIfPrompted = true,
+        shouldAcceptAlert = true,
+        useActualUrl = true,
+      } = {}
+    ) {
+      const appConfig = {
+        // subUrl following the basePath, assumes no hashes.  Ex: 'app/endpoint/management'
+        pathname: `${basePath}${config.get(['apps', appName]).pathname}${subUrl}`,
+      };
 
-        if (ensureCurrentUrl && !currentUrl.includes(appUrl)) {
-          throw new Error(`expected ${currentUrl}.includes(${appUrl})`);
-        }
+      await this.navigate({
+        appConfig,
+        ensureCurrentUrl,
+        shouldLoginIfPrompted,
+        shouldAcceptAlert,
+        useActualUrl,
       });
     }
 

x-pack/.i18nrc.json

@@ -39,7 +39,8 @@
     "xpack.transform": "legacy/plugins/transform",
     "xpack.upgradeAssistant": "legacy/plugins/upgrade_assistant",
     "xpack.uptime": "legacy/plugins/uptime",
-    "xpack.watcher": "plugins/watcher"
+    "xpack.watcher": "plugins/watcher",
+    "xpack.endpoint": "plugins/endpoint"
   },
   "translations": [
     "plugins/translations/translations/zh-CN.json",

x-pack/plugins/endpoint/common/types.ts

@@ -0,0 +1,121 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+/**
+ * A deep readonly type that will make all children of a given object readonly recursively
+ */
+export type Immutable<T> = T extends undefined | null | boolean | string | number
+  ? T
+  : T extends Array<infer U>
+  ? ImmutableArray<U>
+  : T extends Map<infer K, infer V>
+  ? ImmutableMap<K, V>
+  : T extends Set<infer M>
+  ? ImmutableSet<M>
+  : ImmutableObject<T>;
+
+export type ImmutableArray<T> = ReadonlyArray<Immutable<T>>;
+export type ImmutableMap<K, V> = ReadonlyMap<Immutable<K>, Immutable<V>>;
+export type ImmutableSet<T> = ReadonlySet<Immutable<T>>;
+export type ImmutableObject<T> = { readonly [K in keyof T]: Immutable<T[K]> };
+
+export class EndpointAppConstants {
+  static ALERT_INDEX_NAME = 'my-index';
+  static ENDPOINT_INDEX_NAME = 'endpoint-agent*';
+}
+
+export interface AlertResultList {
+  /**
+   * The alerts restricted by page size.
+   */
+  alerts: AlertData[];
+
+  /**
+   * The total number of alerts on the page.
+   */
+  total: number;
+
+  /**
+   * The size of the requested page.
+   */
+  request_page_size: number;
+
+  /**
+   * The index of the requested page, starting at 0.
+   */
+  request_page_index: number;
+
+  /**
+   * The offset of the requested page, starting at 0.
+   */
+  result_from_index: number;
+}
+
+export interface EndpointResultList {
+  /* the endpoints restricted by the page size */
+  endpoints: EndpointMetadata[];
+  /* the total number of unique endpoints in the index */
+  total: number;
+  /* the page size requested */
+  request_page_size: number;
+  /* the page index requested */
+  request_page_index: number;
+}
+
+export interface AlertData {
+  '@timestamp': Date;
+  agent: {
+    id: string;
+    version: string;
+  };
+  event: {
+    action: string;
+  };
+  file_classification: {
+    malware_classification: {
+      score: number;
+    };
+  };
+  host: {
+    hostname: string;
+    ip: string;
+    os: {
+      name: string;
+    };
+  };
+  thread: {};
+}
+
+export interface EndpointMetadata {
+  event: {
+    created: Date;
+  };
+  endpoint: {
+    policy: {
+      id: string;
+    };
+  };
+  agent: {
+    version: string;
+    id: string;
+  };
+  host: {
+    id: string;
+    hostname: string;
+    ip: string[];
+    mac: string[];
+    os: {
+      name: string;
+      full: string;
+      version: string;
+    };
+  };
+}
+
+/**
+ * The PageId type is used for the payload when firing userNavigatedToPage actions
+ */
+export type PageId = 'alertsPage' | 'managementPage' | 'policyListPage';

x-pack/plugins/endpoint/kibana.json

@@ -0,0 +1,9 @@
+{
+  "id": "endpoint",
+  "version": "1.0.0",
+  "kibanaVersion": "kibana",
+  "configPath": ["xpack", "endpoint"],
+  "requiredPlugins": ["features", "embeddable"],
+  "server": true,
+  "ui": true
+}

x-pack/plugins/endpoint/package.json

@@ -0,0 +1,15 @@
+{
+  "author": "Elastic",
+  "name": "endpoint",
+  "version": "0.0.0",
+  "private": true,
+  "license": "Elastic-License",
+  "scripts": {},
+  "dependencies": {
+    "react-redux": "^7.1.0"
+  },
+  "devDependencies": {
+    "@types/react-redux": "^7.1.0",
+    "redux-devtools-extension": "^2.13.8"
+  }
+}

x-pack/plugins/endpoint/public/applications/endpoint/components/truncate_text.ts

@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import styled from 'styled-components';
+
+export const TruncateText = styled.div`
+  overflow: hidden;
+  white-space: nowrap;
+  text-overflow: ellipsis;
+`;

x-pack/plugins/endpoint/public/applications/endpoint/index.tsx

@@ -0,0 +1,65 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import * as React from 'react';
+import ReactDOM from 'react-dom';
+import { CoreStart, AppMountParameters } from 'kibana/public';
+import { I18nProvider, FormattedMessage } from '@kbn/i18n/react';
+import { Route, BrowserRouter, Switch } from 'react-router-dom';
+import { Provider } from 'react-redux';
+import { Store } from 'redux';
+import { appStoreFactory } from './store';
+import { AlertIndex } from './view/alerts';
+import { ManagementList } from './view/managing';
+import { PolicyList } from './view/policy';
+
+/**
+ * This module will be loaded asynchronously to reduce the bundle size of your plugin's main bundle.
+ */
+export function renderApp(coreStart: CoreStart, { appBasePath, element }: AppMountParameters) {
+  coreStart.http.get('/api/endpoint/hello-world');
+
+  const store = appStoreFactory(coreStart);
+
+  ReactDOM.render(<AppRoot basename={appBasePath} store={store} />, element);
+
+  return () => {
+    ReactDOM.unmountComponentAtNode(element);
+  };
+}
+
+interface RouterProps {
+  basename: string;
+  store: Store;
+}
+
+const AppRoot: React.FunctionComponent<RouterProps> = React.memo(({ basename, store }) => (
+  <Provider store={store}>
+    <I18nProvider>
+      <BrowserRouter basename={basename}>
+        <Switch>
+          <Route
+            exact
+            path="/"
+            render={() => (
+              <h1 data-test-subj="welcomeTitle">
+                <FormattedMessage id="xpack.endpoint.welcomeTitle" defaultMessage="Hello World" />
+              </h1>
+            )}
+          />
+          <Route path="/management" component={ManagementList} />
+          <Route path="/alerts" component={AlertIndex} />
+          <Route path="/policy" exact component={PolicyList} />
+          <Route
+            render={() => (
+              <FormattedMessage id="xpack.endpoint.notFound" defaultMessage="Page Not Found" />
+            )}
+          />
+        </Switch>
+      </BrowserRouter>
+    </I18nProvider>
+  </Provider>
+));

x-pack/plugins/endpoint/public/applications/endpoint/lib/index.ts

@@ -0,0 +1,7 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export * from './saga';