[Security Solution] Integrate Prebuilt Rules Customization UI with the _perform upgrade API

[maximpn]

Partially addresses: #171520

Summary

This PR integrates Prebuilt Rules Customization UI functionality with the /internal/detection_engine/prebuilt_rules/upgrade/_perform Prebuilt Rules Customization upgrade API.

Caution

This PR doesn't handle rule type changes. Prebuilt rule updates with rule type change consider having a NON SOLVABLE conflict and won't be upgraded neither individually nor in bulk. Addressing that task requires UI and functional changes and will be addressed in a separate PR.

Details

How to test

• Clear Elasticsearch data
• Run Elasticsearch and Kibana locally (do not open Kibana in a web browser)
• Install an outdated version of the security_detection_engine Fleet package

curl -X POST --user elastic:changeme -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H "elastic-api-version: 2023-10-31" -d '{"force":true}' http://localhost:5601/kbn/api/fleet/epm/packages/security_detection_engine/8.14.1

- Install prebuilt rules
```bash
curl -X POST --user elastic:changeme  -H 'Content-Type: application/json' -H 'kbn-xsrf: 123' -H "elastic-api-version: 1" -d '{"mode":"ALL_RULES"}' http://localhost:5601/kbn/internal/detection_engine/prebuilt_rules/installation/_perform

• Open Detection Rules (SIEM) Page -> Rule Updates
• Check update functionality in a flyout
  • Pick a rule
  • Click on rule's name
  • Make changes to fields in incoming rule updates updates
  • Save field(s) changes
  • Press the Update button
• Check table row rule update
  • Pick a rule
  • Click on rule's name
  • Make changes to fields in incoming rule updates updates
  • Save field(s) changes
  • Close the flyout
  • Press the Update rule button in the rule's table row
• Check bulk rule update
  • Pick a few rules and for each of them do the next steps
  • Click on rule's name
  • Make changes to fields in incoming rule updates updates
  • Save field(s) changes
  • Close the flyout
  • After press the Update All button on the page
• Check selected rules bulk update
  • Pick a few rules and for each of them do the next steps
  • Click on rule's name
  • Make changes to fields in incoming rule updates updates
  • Save field(s) changes
  • Close the flyout
  • After select the modified rule updates
  • Press the Update N selected rule(s) button on the page

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

💔 Build Failed

• Buildkite Build
• Commit: 2c6f94f

Failed CI Steps

History

• 💔 Build #250326 failed 2c6f94f

cc @maximpn