[SIEM] Unskips and fixes 'Detection rules, custom' test #70693

Merged
MadameSheema merged 5 commits into elastic:master from MadameSheema:fixes-alerts-test
Jul 6, 2020

@MadameSheema
Contributor

Summary

In this PR we are unskipping and fixing the "Detection rules, custom" test.

@MadameSheema MadameSheema added Team:SIEM v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.9.0 labels Jul 3, 2020
@MadameSheema MadameSheema requested review from a team as code owners July 3, 2020 09:15
@MadameSheema MadameSheema self-assigned this Jul 3, 2020
@MadameSheema
Contributor Author

@elasticmachine merge upstream

@kibanamachine
Contributor

💛 Build succeeded, but was flaky


Test Failures

Kibana Pipeline / kibana-xpack-agent / X-Pack Detection Engine API Integration Tests.x-pack/test/detection_engine_api_integration/basic/tests/find_statuses·ts.detection engine api security and spaces enabled find_statuses "after each" hook for "should return a single rule status when a single rule is loaded from a find status with defaults added"

Link to Jenkins

Standard Out

Failed Tests Reporter:
  - Test has failed 12 times on tracked branches: https://github.com/elastic/kibana/issues/69632

[00:00:00]       │
[00:00:00]         └-: detection engine api security and spaces enabled
[00:00:00]           └-> "before all" hook
[00:01:59]           └-: find_statuses
[00:01:59]             └-> "before all" hook
[00:01:59]             └-> should return an empty find statuses body correctly if no statuses are loaded
[00:01:59]               └-> "before each" hook: global before each
[00:01:59]               └-> "before each" hook
[00:01:59]                 │ info [o.e.x.i.a.TransportPutLifecycleAction] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] adding index lifecycle policy [.siem-signals-default]
[00:01:59]                 │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] adding template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:01:59]                 │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:01:59]                 │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:01:59]                 │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] in policy [.siem-signals-default]
[00:01:59]               └- ✓ pass  (13ms) "detection engine api security and spaces enabled find_statuses should return an empty find statuses body correctly if no statuses are loaded"
[00:01:59]             └-> "after each" hook
[00:01:59]               │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-follow-shard-tasks"}] in policy [.siem-signals-default]
[00:01:59]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] [.siem-signals-default-000001/oRreVNcjQN2xpdAgAjx38Q] deleting index
[00:01:59]               │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] removing template [.siem-signals-default]
[00:01:59]             └-> should return a single rule status when a single rule is loaded from a find status with defaults added
[00:01:59]               └-> "before each" hook: global before each
[00:01:59]               └-> "before each" hook
[00:01:59]                 │ info [o.e.x.i.a.TransportPutLifecycleAction] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] adding index lifecycle policy [.siem-signals-default]
[00:01:59]                 │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] adding template [.siem-signals-default] for index patterns [.siem-signals-default-*]
[00:01:59]                 │ info [o.e.c.m.MetadataCreateIndexService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] [.siem-signals-default-000001] creating index, cause [api], templates [.siem-signals-default], shards [1]/[1]
[00:01:59]                 │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [null] to [{"phase":"new","action":"complete","name":"complete"}] in policy [.siem-signals-default]
[00:01:59]                 │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [{"phase":"new","action":"complete","name":"complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] in policy [.siem-signals-default]
[00:01:59]               │ info [o.e.x.i.IndexLifecycleTransition] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] moving index [.siem-signals-default-000001] from [{"phase":"hot","action":"unfollow","name":"wait-for-indexing-complete"}] to [{"phase":"hot","action":"unfollow","name":"wait-for-follow-shard-tasks"}] in policy [.siem-signals-default]
[00:02:03]               └- ✓ pass  (3.5s) "detection engine api security and spaces enabled find_statuses should return a single rule status when a single rule is loaded from a find status with defaults added"
[00:02:03]             └-> "after each" hook
[00:02:03]               │ info [o.e.c.m.MetadataDeleteIndexService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] [.siem-signals-default-000001/kYpzcwDHQ4miO6ZpARe0Pw] deleting index
[00:02:03]               │ info [o.e.c.m.MetadataIndexTemplateService] [kibana-ci-immutable-ubuntu-16-tests-xl-1594027073191206327] removing template [.siem-signals-default]
[00:02:03]               └- ✖ fail: "detection engine api security and spaces enabled find_statuses "after each" hook for "should return a single rule status when a single rule is loaded from a find status with defaults added""
[00:02:03]               │

Stack Trace

{ ResponseError: Response Error
    at IncomingMessage.response.on (/dev/shm/workspace/kibana/node_modules/@elastic/elasticsearch/lib/Transport.js:287:25)
    at endReadableNT (_stream_readable.js:1145:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)
  name: 'ResponseError',
  meta:
   { body:
      { took: 6,
        timed_out: false,
        total: 1,
        deleted: 0,
        batches: 1,
        version_conflicts: 1,
        noops: 0,
        retries: [Object],
        throttled_millis: 0,
        requests_per_second: -1,
        throttled_until_millis: 0,
        failures: [Array] },
     statusCode: 409,
     headers:
      { 'content-type': 'application/json; charset=UTF-8',
        'content-length': '649' },
     warnings: null,
     meta:
      { context: null,
        request: [Object],
        name: 'elasticsearch-js',
        connection: [Object],
        attempts: 0,
        aborted: false } } }

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream


export const totalNumberOfPrebuiltRulesInEsArchive = 127;

export const totalNumberOfPrebuiltRulesInEsArchiveCustomRule = 145;

Maybe I'm dense, but the link between this name and the archive isn't super clear, here. Not a blocker, but perhaps we should qualify it with ...InCustomRuleWithTimelineArchive or something like that.

Similarly, totalNumberOfPrebuiltRulesInEsArchive is also unclear now for a similar reason: which archives does that number pertain to?

@rylnd rylnd left a comment

The naming issues I mentioned aren't a blocker, but they should definitely be kept in mind for the future so as not to discourage contributions in this area of the codebase. That being said, thank you for fixing these!

@MadameSheema MadameSheema merged commit 7b0e9df into elastic:master Jul 6, 2020
@MadameSheema MadameSheema deleted the fixes-alerts-test branch July 6, 2020 19:26
MadameSheema added a commit to MadameSheema/kibana that referenced this pull request Jul 7, 2020
* unskips and fixes 'Detection rules, custom' test

* deletes comment

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Jul 8, 2020
@kibanamachine
Contributor

Looks like this PR has a backport PR but it still hasn't been merged. Please merge it ASAP to keep the branches relatively in sync.

@kibanamachine
Contributor

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create backports run node scripts/backport --pr 70693 or prevent reminders by adding the backport:skip label.

@patrykkopycinski patrykkopycinski added backport:skip This PR does not require backporting and removed backport missing Added to PRs automatically when the are determined to be missing a backport. labels Jul 27, 2020
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)
