[Cloud Security] Misconfiguration preview & Refactor CSP Plugin to include new package PHASE 4#191677
Merged
animehart merged 24 commits intoelastic:mainfrom Sep 4, 2024
Conversation
Contributor
|
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
animehart
added
the
release_note:skip
elastic-vault-github-plugin-prod
Bot
requested a review
from a team
as a code owner
tiansivive
approved these changes
Aug 29, 2024
Contributor
tiansivive
left a comment
tiansivive
left a comment
There was a problem hiding this comment.
LGTM from Entity Analytics
opauloh
reviewed
Aug 30, 2024
elastic-vault-github-plugin-prod
Bot
requested a review
from a team
as a code owner
maxcold
added
the
ci:project-deploy-security
Contributor
|
/ci |
maxcold
reviewed
Aug 30, 2024
…n' of github.com:animehart/kibana into misconfiguration-preview-refactor-phase-4-implementation
Contributor
|
From Cypress perspective there is work pending to be done to merge this PR. As it is, this test is not going to be executed in any of our existing pipelines:
Please feel free to setup a meeting with @elastic/security-engineering-productivity to let you know which are the correct steps to make this happen. |
| createMockFinding(); | ||
| expandFirstAlertHostFlyout(); | ||
| cy.log('check if Misconfiguration preview section rendered'); | ||
| cy.get(HOST_INSIGHT_MISCONFIGURATION).should('exist'); |
Contributor
There was a problem hiding this comment.
For robustness, is better to check that the element is visible, since the element can exist on the dom but can be not visible for the end user.
| cy.get(HOST_INSIGHT_MISCONFIGURATION).should('exist'); | ||
|
|
||
| cy.log('check if Misconfiguration preview title shown'); | ||
| cy.get(HOST_INSIGHT_MISCONFIGURATION_TITLE).should('exist'); |
Contributor
There was a problem hiding this comment.
Contributor
Author
|
I will move the cypress test in separate ticket/PR then as it seems that there's quite a lot of stuff to do (too much for this 1 PR) |
…eeds to be done before we are able to run cypress on ci, will do this on separate PR later on
…n' of github.com:animehart/kibana into misconfiguration-preview-refactor-phase-4-implementation
opauloh
reviewed
Sep 4, 2024
Contributor
opauloh
left a comment
opauloh
left a comment
There was a problem hiding this comment.
just a few more comments
| ) => { | ||
| const passed = buckets.find((bucket) => bucket?.key === 'passed'); | ||
| const failed = buckets.find((bucket) => bucket?.key === 'failed'); | ||
| const noStatus = buckets.find((bucket) => bucket?.key === 'unknown'); |
Contributor
There was a problem hiding this comment.
it seems inconsistent to use noStatus pointing to unknown, I think it could be unknown instead.
Comment on lines
+52
to
+64
| passed: { match: { 'result.evaluation': 'passed' } }, | ||
| failed: { match: { 'result.evaluation': 'failed' } }, | ||
| }, | ||
| }, | ||
| }, | ||
| }); | ||
|
|
||
| export const getMisconfigurationAggregationCount = ( | ||
| buckets: Array<estypes.AggregationsStringRareTermsBucketKeys | undefined> | ||
| ) => { | ||
| const passed = buckets.find((bucket) => bucket?.key === 'passed'); | ||
| const failed = buckets.find((bucket) => bucket?.key === 'failed'); | ||
| const noStatus = buckets.find((bucket) => bucket?.key === 'unknown'); |
Contributor
There was a problem hiding this comment.
better to avoid those magic strings to avoid potential typos and improve maintainability, what about defining those status in a constant:
const RESULT_EVALUATION = {
PASSED: 'passed',
FAILED: 'failed',
UNKNOWN: 'unknown',
};
export const getFindingsCountAggQueryMisconfigurationPreview = () => ({
count: {
filters: {
other_bucket_key: RESULT_EVALUATION.UNKNOWN,
filters: {
[RESULT_EVALUATION.PASSED]: { match: { 'result.evaluation': RESULT_EVALUATION.PASSED } },
[RESULT_EVALUATION.FAILED]: { match: { 'result.evaluation': RESULT_EVALUATION.FAILED } },
},
},
},
});
Contributor
There was a problem hiding this comment.
nit: maybe this can be improved to use a single .reducer function instead of 3 .find functions.
| <EuiTitle | ||
| size="s" | ||
| css={css` | ||
| font-weight: ${euiTheme.font.weight.bold}; |
Comment on lines
+132
to
+137
| count: getMisconfigurationAggregationCount( | ||
| Object.entries(aggregations.count.buckets).map(([key, value]) => ({ | ||
| key, | ||
| doc_count: value.doc_count || 0, | ||
| })) | ||
| ), |
Contributor
There was a problem hiding this comment.
since we already have a getMisconfigurationAggregationCount function, it's better to have it handle the object parsing so the function is easier to consume:
return {
count: getMisconfigurationAggregationCount(aggregations.count.buckets)
};
Comment on lines
+26
to
+29
| id="observedEntity-accordion" | ||
| data-test-subj="entityInsightTestSubj" | ||
| buttonProps={{ | ||
| 'data-test-subj': 'observedEntity-accordion-button', |
Contributor
There was a problem hiding this comment.
better avoid using existing identifiers:
Suggested change
| id="observedEntity-accordion" | |
| data-test-subj="entityInsightTestSubj" | |
| buttonProps={{ | |
| 'data-test-subj': 'observedEntity-accordion-button', | |
| id="entityInsight-accordion" | |
| data-test-subj="entityInsightTestSubj" | |
| buttonProps={{ | |
| 'data-test-subj': 'entityInsight-accordion-button', |
Comment on lines
+53
to
+55
| css={css` | ||
| font-weight: ${euiTheme.font.weight.bold}; | ||
| `} |
Contributor
There was a problem hiding this comment.
same question about the EuiTitle
…n' of github.com:animehart/kibana into misconfiguration-preview-refactor-phase-4-implementation
💛 Build succeeded, but was flaky
Failed CI StepsTest FailuresMetrics [docs]Module Count
Public APIs missing comments
Async chunks
History
To update your PR or re-run it, just comment with: |
maxcold
approved these changes
Sep 4, 2024
Contributor
maxcold
left a comment
maxcold
left a comment
There was a problem hiding this comment.
Small visual bug, otherwise looks good. Please don't forget to add a work item of adding e2e cypress tests in case you don't plan to do it right away in the follow up PR
animehart
added a commit
that referenced
this pull request
Sep 6, 2024
…lugin PHASE 1 (#192114) ## Summary In an attempt to make Reviewing easier and more accurate, the implementation of Misconfiguration Data grid on Host.name flyout in Alerts Page will be split into 2 Phases Phase 1: Move Functions, Utils or Helpers, Hooks, constants to Package Phase 2: Implementing the feature This is Phase 1 of the process This PR also include a small bug fix mentioned here #191677 (review) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The previous #190105 was way too big and made it hard to review without missing any bugs or potential bugs, Thus we decided we are going to make series of smaller PR to make things more manageable
We will be splitting it into 4 PR
Phase 1: Creating empty packages for csp and csp-common
Phase 2: Move Types from CSP plugin to the Package + Deleting duplicates in the CSP plugin where possible
Phase 3: Move Functions, Utils or Helpers, Hooks to Package
Phase 4: Misconfiguration Preview feature (with Cypress test and other required test)
This is Phase 4 of the Process,