elastic · maximpn · Sep 27, 2024 · Sep 22, 2024 · Sep 23, 2024 · Sep 23, 2024
diff --git a/...tections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts b/...tections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/index.ts
@@ -13,5 +13,6 @@ export default function ({ loadTestFile }: FtrProviderContext) {
     loadTestFile(require.resolve('./perform_bulk_action_dry_run_ess'));
     loadTestFile(require.resolve('./perform_bulk_action'));
     loadTestFile(require.resolve('./perform_bulk_action_ess'));
+    loadTestFile(require.resolve('./perform_bulk_enable_disable.ts'));
   });
 }
diff --git a/...nse/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts b/...nse/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action.ts
@@ -273,42 +273,6 @@ export default ({ getService }: FtrProviderContext): void => {
       await fetchRule(ruleId).expect(404);
     });
 
-    it('should enable rules', async () => {
-      const ruleId = 'ruleId';
-      await createRule(supertest, log, getSimpleRule(ruleId));
-
-      const { body } = await postBulkAction()
-        .send({ query: '', action: BulkActionTypeEnum.enable })
-        .expect(200);
-
-      expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 });
-
-      // Check that the updated rule is returned with the response
-      expect(body.attributes.results.updated[0].enabled).toEqual(true);
-
-      // Check that the updates have been persisted
-      const { body: ruleBody } = await fetchRule(ruleId).expect(200);
-      expect(ruleBody.enabled).toEqual(true);
-    });
-
-    it('should disable rules', async () => {
-      const ruleId = 'ruleId';
-      await createRule(supertest, log, getSimpleRule(ruleId, true));
-
-      const { body } = await postBulkAction()
-        .send({ query: '', action: BulkActionTypeEnum.disable })
-        .expect(200);
-
-      expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 });
-
-      // Check that the updated rule is returned with the response
-      expect(body.attributes.results.updated[0].enabled).toEqual(false);
-
-      // Check that the updates have been persisted
-      const { body: ruleBody } = await fetchRule(ruleId).expect(200);
-      expect(ruleBody.enabled).toEqual(false);
-    });
-
     it('should duplicate rules', async () => {
       const ruleId = 'ruleId';
       const ruleToDuplicate = getCustomQueryRuleParams({

diff --git a/...s_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts b/...s_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_enable_disable.ts
@@ -0,0 +1,70 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import expect from 'expect';
+import { BulkActionTypeEnum } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management';
+import { getCustomQueryRuleParams, fetchRule } from '../../../utils';
+import { createRule, deleteAllRules } from '../../../../../../common/utils/security_solution';
+import { FtrProviderContext } from '../../../../../ftr_provider_context';
+
+export default ({ getService }: FtrProviderContext): void => {
+  const supertest = getService('supertest');
+  const securitySolutionApi = getService('securitySolutionApi');
+  const log = getService('log');
+
+  describe('@ess @serverless @serverlessQA Bulk enable/disable', () => {
+    beforeEach(async () => {
+      await deleteAllRules(supertest, log);
+    });
+
+    it('should enable rules', async () => {
+      const ruleId = 'ruleId';
+      await createRule(
+        supertest,
+        log,
+        getCustomQueryRuleParams({ rule_id: ruleId, enabled: false })
+      );
+
+      const { body } = await securitySolutionApi.performRulesBulkAction({
+        query: {},
+        body: { action: BulkActionTypeEnum.enable },
+      });
+
+      expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 });
+
+      // Check that the updated rule is returned with the response
+      expect(body.attributes.results.updated[0].enabled).toEqual(true);
+
+      // Check that the updates have been persisted
+      const ruleBody = await fetchRule(supertest, { ruleId });
+      expect(ruleBody.enabled).toEqual(true);
+    });
+
+    it('should disable rules', async () => {
+      const ruleId = 'ruleId';
+      await createRule(
+        supertest,
+        log,
+        getCustomQueryRuleParams({ rule_id: ruleId, enabled: true })
+      );
+
+      const { body } = await securitySolutionApi.performRulesBulkAction({
+        query: {},
+        body: { action: BulkActionTypeEnum.disable },
+      });
+
+      expect(body.attributes.summary).toEqual({ failed: 0, skipped: 0, succeeded: 1, total: 1 });
+
+      // Check that the updated rule is returned with the response
+      expect(body.attributes.results.updated[0].enabled).toEqual(false);
+
+      // Check that the updates have been persisted
+      const ruleBody = await fetchRule(supertest, { ruleId });
+      expect(ruleBody.enabled).toEqual(false);
+    });
+  });
+};
diff --git a/...ules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts b/...ules_management/rule_creation/basic_license_essentials_tier/create_ml_rules_privileges.ts
@@ -68,7 +68,7 @@ export default ({ getService }: FtrProviderContext) => {
         });
       });
 
-      it('@serverless should give a 200 when trying to create a single Machine Learning rule since the license is essentials', async () => {
+      it('@serverless @serverlessQA should give a 200 when trying to create a single Machine Learning rule since the license is essentials', async () => {
         const { body } = await supertest
           .post(DETECTION_ENGINE_RULES_URL)
           .set('kbn-xsrf', 'true')

diff --git a/...ons_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts b/...ons_response/rules_management/rule_creation/basic_license_essentials_tier/create_rules.ts
@@ -39,7 +39,7 @@ export default ({ getService }: FtrProviderContext) => {
   const dataPathBuilder = new EsArchivePathBuilder(isServerless);
   const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts');
 
-  describe('@ess @serverless create_rules', () => {
+  describe('@ess @serverless @serverlessQA create_rules', () => {
     describe('creating rules', () => {
       before(async () => {
         await esArchiver.load(auditbeatPath);

diff --git a/...esponse/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts b/...esponse/rules_management/rule_creation/basic_license_essentials_tier/create_rules_bulk.ts
@@ -38,7 +38,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const auditbeatPath = dataPathBuilder.getPath('auditbeat/hosts');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless create_rules_bulk', () => {
+  describe('@ess @serverless @skipInServerlessMKI create_rules_bulk', () => {
     describe('creating rules in bulk', () => {
       before(async () => {
         await esArchiver.load(auditbeatPath);

diff --git a/...s_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts b/...s_response/rules_management/rule_creation/trial_license_complete_tier/create_new_terms.ts
@@ -20,7 +20,7 @@ export default ({ getService }: FtrProviderContext) => {
   /**
    * Specific api integration tests for new terms rule type
    */
-  describe('@serverless @ess create_new_terms', () => {
+  describe('@serverless @ess @serverlessQA create_new_terms', () => {
     beforeEach(async () => {
       await deleteAllRules(supertest, log);
     });

diff --git a/...tions_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts b/...tions_response/rules_management/rule_creation/trial_license_complete_tier/create_rules.ts
@@ -50,7 +50,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@serverless @ess create_rules', () => {
+  describe('@serverless @ess @serverlessQA create_rules', () => {
     describe('rule creation', () => {
       before(async () => {
         await es.indices.delete({ index: 'logs-test', ignore_unavailable: true });

diff --git a/...ions_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts b/...ions_response/rules_management/rule_creation/trial_license_complete_tier/preview_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
   const dataPathBuilder = new EsArchivePathBuilder(isServerless);
   const path = dataPathBuilder.getPath('auditbeat/hosts');
 
-  describe('@serverless @ess preview_rules', () => {
+  describe('@serverless @ess @serverlessQA preview_rules', () => {
     describe('previewing rules', () => {
       before(async () => {
         await esArchiver.load(path);

diff --git a/...tions_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts b/...tions_response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless delete_rules', () => {
+  describe('@ess @serverless @skipInServerlessMKI delete_rules', () => {
     describe('deleting rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/..._response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts b/..._response/rules_management/rule_delete/basic_license_essentials_tier/delete_rules_bulk.ts
@@ -32,7 +32,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless delete_rules_bulk', () => {
+  describe('@ess @serverless @skipInServerlessMKI delete_rules_bulk', () => {
     describe('deleting rules bulk using DELETE', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...ections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts b/...ections_response/rules_management/rule_delete/trial_license_complete_tier/delete_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless delete_rules', () => {
+  describe('@ess @serverless @skipInServerlessMKI delete_rules', () => {
     describe('deleting rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...esponse/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts b/...esponse/rules_management/rule_import_export/basic_license_essentials_tier/export_rules.ts
@@ -16,7 +16,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const log = getService('log');
   const securitySolutionApi = getService('securitySolutionApi');
 
-  describe('@ess @serverless export_rules', () => {
+  describe('@ess @serverless @serverlessQA export_rules', () => {
     describe('exporting rules', () => {
       afterEach(async () => {
         await deleteAllRules(supertest, log);

diff --git a/...esponse/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts b/...esponse/rules_management/rule_import_export/basic_license_essentials_tier/import_rules.ts
@@ -17,7 +17,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const securitySolutionApi = getService('securitySolutionApi');
   const log = getService('log');
 
-  describe('@ess @serverless import_rules', () => {
+  describe('@ess @serverless @serverlessQA import_rules', () => {
     describe('importing rules with an index', () => {
       afterEach(async () => {
         await deleteAllRules(supertest, log);

diff --git a/...ponse/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts b/...ponse/rules_management/rule_management/basic_license_essentials_tier/coverage_overview.ts
@@ -66,7 +66,7 @@ export default ({ getService }: FtrProviderContext): void => {
     });
 
     // Both serverless and ESS
-    describe('@serverless @ess tests', () => {
+    describe('@ess @serverless @skipInServerlessMKI tests', () => {
       describe('base cases', () => {
         it('returns an empty response if there are no rules', async () => {
           const body = await getCoverageOverview(supertest);

diff --git a/...les_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts b/...les_management/rule_management/trial_license_complete_tier/get_rule_management_filters.ts
@@ -23,7 +23,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const es = getService('es');
   const log = getService('log');
 
-  describe('@ess @serverless get_rule_management_filters', () => {
+  describe('@ess @serverless @serverlessQA get_rule_management_filters', () => {
     beforeEach(async () => {
       await deleteAllRules(supertest, log);
     });

diff --git a/...ections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts b/...ections_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless patch_rules', () => {
+  describe('@ess @serverless @serverlessQA patch_rules', () => {
     describe('patch rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...ns_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts b/...ns_response/rules_management/rule_patch/basic_license_essentials_tier/patch_rules_bulk.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless patch_rules_bulk', () => {
+  describe('@ess @serverless @skipInServerlessMKI patch_rules_bulk', () => {
     describe('patch rules bulk', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...etections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts b/...etections_response/rules_management/rule_read/basic_license_essentials_tier/find_rules.ts
@@ -24,7 +24,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const log = getService('log');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless find_rules', () => {
+  describe('@ess @serverless @serverlessQA find_rules', () => {
     beforeEach(async () => {
       await deleteAllRules(supertest, log);
     });

diff --git a/...etections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts b/...etections_response/rules_management/rule_read/basic_license_essentials_tier/read_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless read_rules', () => {
+  describe('@ess @serverless @serverlessQA read_rules', () => {
     describe('reading rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/.../detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts b/.../detections_response/rules_management/rule_read/trial_license_complete_tier/find_rules.ts
@@ -25,7 +25,7 @@ export default ({ getService }: FtrProviderContext): void => {
   const log = getService('log');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless find_rules', () => {
+  describe('@ess @serverless @skipInServerlessMKI find_rules', () => {
     beforeEach(async () => {
       await deleteAllRules(supertest, log);
     });

diff --git a/.../detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts b/.../detections_response/rules_management/rule_read/trial_license_complete_tier/read_rules.ts
@@ -31,7 +31,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless read_rules', () => {
+  describe('@ess @serverless @skipInServerlessMKI read_rules', () => {
     describe('reading rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...tions_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts b/...tions_response/rules_management/rule_update/basic_license_essentials_tier/update_rules.ts
@@ -33,7 +33,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless update_rules', () => {
+  describe('@ess @serverless @serverlessQA update_rules', () => {
     describe('update rules', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/..._response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts b/..._response/rules_management/rule_update/basic_license_essentials_tier/update_rules_bulk.ts
@@ -32,7 +32,7 @@ export default ({ getService }: FtrProviderContext) => {
   const es = getService('es');
   const utils = getService('securitySolutionUtils');
 
-  describe('@ess @serverless update_rules_bulk', () => {
+  describe('@ess @serverless @skipInServerlessMKI update_rules_bulk', () => {
     describe('update rules bulk', () => {
       beforeEach(async () => {
         await createAlertsIndex(supertest, log);

diff --git a/...cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts b/...cypress/cypress/e2e/detection_response/rule_management/prebuilt_rules/notifications.cy.ts
@@ -32,7 +32,7 @@ const RULE_1 = createRuleAssetSavedObject({
 
 describe(
   'Detection rules, Prebuilt Rules Installation and Update Notifications',
-  { tags: ['@ess', '@serverless'] },
+  { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] },
   () => {
     beforeEach(() => {
       login();
@@ -72,7 +72,7 @@ describe(
     });
 
     // https://github.com/elastic/kibana/issues/179968
-    describe('Notifications', { tags: ['@skipInServerlessMKI'] }, () => {
+    describe('Notifications', () => {
       beforeEach(() => {
         installPrebuiltRuleAssets([RULE_1]);
       });

diff --git a/...ypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts b/...ypress/e2e/detection_response/rule_management/prebuilt_rules/prebuilt_rules_preview.cy.ts
@@ -77,7 +77,7 @@ const PREVIEW_TABS = {
 
 describe(
   'Detection rules, Prebuilt Rules Installation and Update workflow',
-  { tags: ['@ess', '@serverless'] },
+  { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] },
   () => {
     const commonProperties: Partial<PrebuiltRuleAsset> = {
       author: ['Elastic', 'Another author'],

diff --git a/...press/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts b/...press/cypress/e2e/detection_response/rule_management/prebuilt_rules/update_workflow.cy.ts
@@ -32,7 +32,7 @@ import { visitRulesManagementTable } from '../../../../tasks/rules_management';
 
 describe(
   'Detection rules, Prebuilt Rules Installation and Update workflow',
-  { tags: ['@ess', '@serverless'] },
+  { tags: ['@ess', '@serverless', '@skipInServerlessMKI'] },
   () => {
     describe('Upgrade of prebuilt rules', () => {
       const RULE_1_ID = 'rule_1';