Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/main' into query-diff-algorithm
Browse files Browse the repository at this point in the history
  • Loading branch information
dplumlee committed Aug 27, 2024
2 parents 2ef6cb5 + 7d632c5 commit d5dadcd
Show file tree
Hide file tree
Showing 5,270 changed files with 167,417 additions and 139,659 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
2 changes: 1 addition & 1 deletion .buildkite/ftr_oblt_serverless_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,4 @@ enabled:
- x-pack/test_serverless/functional/test_suites/observability/common_configs/config.group6.ts
- x-pack/test_serverless/functional/test_suites/observability/config.screenshots.ts
# serverless config files that run deployment-agnostic tests
- x-pack/test/api_integration/deployment_agnostic/oblt.serverless.config.ts
- x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
3 changes: 3 additions & 0 deletions .buildkite/ftr_oblt_stateful_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ defaultQueue: 'n2-4-spot'
enabled:
- x-pack/test/alerting_api_integration/observability/config.ts
- x-pack/test/api_integration/apis/logs_ui/config.ts
- x-pack/test/api_integration/apis/logs_shared/config.ts
- x-pack/test/api_integration/apis/metrics_ui/config.ts
- x-pack/test/api_integration/apis/osquery/config.ts
- x-pack/test/api_integration/apis/synthetics/config.ts
Expand All @@ -49,3 +50,5 @@ enabled:
- x-pack/test/observability_ai_assistant_functional/enterprise/config.ts
- x-pack/test/profiling_api_integration/cloud/config.ts
- x-pack/test/functional/apps/apm/config.ts
# stateful configs that run deployment-agnostic tests
- x-pack/test/api_integration/deployment_agnostic/configs/stateful/oblt.stateful.config.ts
3 changes: 2 additions & 1 deletion .buildkite/ftr_platform_stateful_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,7 @@ enabled:
- x-pack/test/functional/config.firefox.js
- x-pack/test/functional/config.upgrade_assistant.ts
- x-pack/test/functional_cloud/config.ts
- x-pack/test/functional_solution_sidenav/config.ts
- x-pack/test/kubernetes_security/basic/config.ts
- x-pack/test/licensing_plugin/config.public.ts
- x-pack/test/licensing_plugin/config.ts
Expand Down Expand Up @@ -361,4 +362,4 @@ enabled:
- x-pack/performance/journeys_e2e/infra_hosts_view.ts
- x-pack/test/custom_branding/config.ts
# stateful config files that run deployment-agnostic tests
- x-pack/test/api_integration/deployment_agnostic/stateful.config.ts
- x-pack/test/api_integration/deployment_agnostic/configs/stateful/platform.stateful.config.ts
2 changes: 1 addition & 1 deletion .buildkite/ftr_search_serverless_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,4 @@ enabled:
- x-pack/test_serverless/functional/test_suites/search/common_configs/config.group5.ts
- x-pack/test_serverless/functional/test_suites/search/common_configs/config.group6.ts
# serverless config files that run deployment-agnostic tests
- x-pack/test/api_integration/deployment_agnostic/search.serverless.config.ts
- x-pack/test/api_integration/deployment_agnostic/configs/serverless/search.serverless.config.ts
3 changes: 2 additions & 1 deletion .buildkite/ftr_security_serverless_configs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ enabled:
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.basic.ts
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.essentials.ts
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.agentless.ts
- x-pack/test_serverless/functional/test_suites/security/config.cloud_security_posture.agentless_api.ts
- x-pack/test_serverless/functional/test_suites/security/config.saved_objects_management.ts
- x-pack/test_serverless/functional/test_suites/security/config.context_awareness.ts
- x-pack/test_serverless/functional/test_suites/security/common_configs/config.group1.ts
Expand Down Expand Up @@ -98,4 +99,4 @@ enabled:
- x-pack/test/security_solution_endpoint/configs/serverless.endpoint.config.ts
- x-pack/test/security_solution_endpoint/configs/serverless.integrations.config.ts
# serverless config files that run deployment-agnostic tests
- x-pack/test/api_integration/deployment_agnostic/security.serverless.config.ts
- x-pack/test/api_integration/deployment_agnostic/configs/serverless/security.serverless.config.ts
18 changes: 9 additions & 9 deletions .buildkite/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .buildkite/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
},
"dependencies": {
"@octokit/rest": "^18.10.0",
"axios": "^1.6.3",
"axios": "^1.7.4",
"globby": "^11.1.0",
"js-yaml": "^4.1.0",
"minimatch": "^5.0.1",
Expand Down
34 changes: 34 additions & 0 deletions .buildkite/pipeline-resource-definitions/kibana-codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json
apiVersion: backstage.io/v1alpha1
kind: Resource
metadata:
name: bk-kibana-codeql
description: Run CodeQL
links:
- title: Pipeline link
url: https://buildkite.com/elastic/kibana-codeql
spec:
type: buildkite-pipeline
owner: group:kibana-operations
system: buildkite
implementation:
apiVersion: buildkite.elastic.dev/v1
kind: Pipeline
metadata:
name: kibana / codeql
description: Run CodeQL
spec:
env:
SLACK_NOTIFICATIONS_CHANNEL: "#kibana-operations-alerts"
ELASTIC_SLACK_NOTIFICATIONS_ENABLED: "false"
repository: elastic/kibana
branch_configuration: main
default_branch: main
pipeline_file: ".buildkite/pipelines/codeql/codeql.yml"
provider_settings:
trigger_mode: none
teams:
kibana-operations:
access_level: MANAGE_BUILD_AND_READ
everyone:
access_level: READ_ONLY
1 change: 1 addition & 0 deletions .buildkite/pipeline-resource-definitions/locations.yml
Original file line number Diff line number Diff line change
Expand Up @@ -44,3 +44,4 @@ spec:
- https://github.com/elastic/kibana/blob/main/.buildkite/pipeline-resource-definitions/security-solution-quality-gate/kibana-serverless-security-solution-quality-gate-rule-management.yml
- https://github.com/elastic/kibana/blob/main/.buildkite/pipeline-resource-definitions/trigger-version-dependent-jobs.yml
- https://github.com/elastic/kibana/blob/main/.buildkite/pipeline-resource-definitions/kibana-pointer-compression.yml
- https://github.com/elastic/kibana/blob/main/.buildkite/pipeline-resource-definitions/kibana-codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,15 @@ async function main() {

const preamble = locationFileLines.slice(0, 1);

// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml
const locationObj = jsYaml.load(
locationFileLines.slice(1).join('\n')
) as BackstageLocationResource;
locationObj.spec.targets = pipelines.map(
(fileName) => `${resourceDefinitionsBaseUrl}/${fileName}`
);

// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml
const locationYaml = jsYaml.dump(locationObj, { lineWidth: 400 });

fs.writeFileSync(locationFile, `${preamble.join('\n')}\n${locationYaml}`);
Expand Down
1 change: 1 addition & 0 deletions .buildkite/pipeline-utils/agent_images.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
* Side Public License, v 1.
*/

// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml
import { dump } from 'js-yaml';
import { BuildkiteClient, BuildkiteCommandStep } from './buildkite';

Expand Down
3 changes: 3 additions & 0 deletions .buildkite/pipeline-utils/buildkite/client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@

import axios, { AxiosInstance } from 'axios';
import { execSync, ExecSyncOptions } from 'child_process';

// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml
import { dump } from 'js-yaml';

import { parseLinkHeader } from './parse_link_header';
import { Artifact } from './types/artifact';
import { Build, BuildStatus } from './types/build';
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ import * as Fs from 'fs';

import * as globby from 'globby';
import minimatch from 'minimatch';

// eslint-disable-next-line @kbn/eslint/no_unsafe_js_yaml
import { load as loadYaml } from 'js-yaml';

import { BuildkiteClient, BuildkiteStep } from '../buildkite';
Expand Down
2 changes: 2 additions & 0 deletions .buildkite/pipelines/codeql/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
steps:
- command: echo "Placeholder"
7 changes: 6 additions & 1 deletion .buildkite/pipelines/on_merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ steps:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
machineType: n2-standard-2
machineType: n2-highcpu-8
preemptible: true
key: quick_checks
timeout_in_minutes: 60
Expand Down Expand Up @@ -589,6 +589,11 @@ steps:
preemptible: true
artifact_paths:
"target/plugin_so_types_snapshot.json"
timeout_in_minutes: 30
retry:
automatic:
- exit_status: '-1'
limit: 3

- wait: ~
continue_on_failure: true
Expand Down
2 changes: 1 addition & 1 deletion .buildkite/pipelines/pull_request/base.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ steps:
- command: .buildkite/scripts/steps/quick_checks.sh
label: 'Quick Checks'
agents:
machineType: n2-standard-2
machineType: n2-highcpu-8
preemptible: true
key: quick_checks
timeout_in_minutes: 60
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ steps:
- group: "Cypress MKI - Defend Workflows"
key: cypress_test_defend_workflows
steps:
- label: "Running cypress:dw:qa:serverless:run"
- label: "Cypress - DW - Running cypress:dw:qa:serverless:run"
command: .buildkite/scripts/pipelines/security_solution_quality_gate/edr_workflows/mki_security_solution_defend_workflows.sh cypress:dw:qa:serverless:run
key: test_defend_workflows
agents:
Expand All @@ -14,7 +14,7 @@ steps:
localSsdInterface: nvme
machineType: n2-standard-4
timeout_in_minutes: 300
parallelism: 6
parallelism: 5
retry:
automatic:
- exit_status: "*"
Expand Down Expand Up @@ -91,7 +91,7 @@ steps:
# - exit_status: "1"
# limit: 1

- label: "Running edr_workflows:policy_response:qa:serverless"
- label: "API - DW - Running edr_workflows:policy_response:qa:serverless"
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh edr_workflows:policy_response:qa:serverless
key: edr_workflows:policy_response:qa:serverless
agents:
Expand All @@ -108,7 +108,7 @@ steps:
- exit_status: "1"
limit: 1

- label: "Running edr_workflows:resolver:qa:serverless"
- label: "API - DW - Running edr_workflows:resolver:qa:serverless"
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh edr_workflows:resolver:qa:serverless
key: edr_workflows:resolver:qa:serverless
agents:
Expand All @@ -125,7 +125,7 @@ steps:
- exit_status: "1"
limit: 1

- label: "Running edr_workflows:response_actions:qa:serverless"
- label: "API - DW - Running edr_workflows:response_actions:qa:serverless"
command: .buildkite/scripts/pipelines/security_solution_quality_gate/api_integration/api-integration-tests.sh edr_workflows:response_actions:qa:serverless
key: edr_workflows:response_actions:qa:serverless
agents:
Expand All @@ -141,3 +141,24 @@ steps:
automatic:
- exit_status: "1"
limit: 1

- group: "Osquery MKI - Defend Workflows"
key: cypress_test_osquery_defend_workflows
steps:
- label: "Osquery - Cypress - DW - Running cypress:qa:serverless:run"
command: .buildkite/scripts/pipelines/security_solution_quality_gate/edr_workflows/mki_security_solution_defend_workflows_osquery.sh cypress:qa:serverless:run
key: test_osquery_defend_workflows
agents:
image: family/kibana-ubuntu-2004
imageProject: elastic-images-prod
provider: gcp
enableNestedVirtualization: true
localSsds: 1
localSsdInterface: nvme
machineType: n2-standard-4
timeout_in_minutes: 300
parallelism: 3
retry:
automatic:
- exit_status: "*"
limit: 1
2 changes: 1 addition & 1 deletion .buildkite/scripts/common/util.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ is_pr_with_label() {

IFS=',' read -ra labels <<< "${GITHUB_PR_LABELS:-}"

for label in "${labels[@]}"
for label in "${labels[@]:-}"
do
if [ "$label" == "$match" ]; then
return
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
#!/bin/bash

set -euo pipefail

if [ -z "$1" ]
then
echo "No target script from the package.json file, is supplied"
exit 1
fi


source .buildkite/scripts/common/util.sh
.buildkite/scripts/bootstrap.sh

export JOB=kibana-defend-workflows-osquery-serverless-cypress

buildkite-agent meta-data set "${BUILDKITE_JOB_ID}_is_test_execution_step" "true"

source .buildkite/scripts/pipelines/security_solution_quality_gate/prepare_vault_entries.sh

cd x-pack/plugins/osquery
set +e

export BK_ANALYTICS_API_KEY=$(vault_get security-solution-quality-gate serverless-cypress-defend-workflows)

echo "--- Running the tests for target $1"
BK_ANALYTICS_API_KEY=$BK_ANALYTICS_API_KEY yarn $1; status=$?; yarn junit:merge || :; exit $status
6 changes: 6 additions & 0 deletions .buildkite/scripts/steps/artifacts/docker_image.sh
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,12 @@ echo "--- Trigger image tag update"
if [[ "$BUILDKITE_BRANCH" == "$KIBANA_BASE_BRANCH" ]] && [[ "${BUILDKITE_PULL_REQUEST:-false}" == "false" ]]; then
cat << EOF | buildkite-agent pipeline upload
steps:
- label: "Trigger cve-slo-status pipeline for $KIBANA_IMAGE"
trigger: cve-slo-status
build:
env:
CONTAINER: "$KIBANA_IMAGE"
soft_fail: true
- label: ":argo: Update kibana image tag for kibana-controller using gpctl"
branches: main
trigger: gpctl-promote-with-e2e-tests
Expand Down
2 changes: 1 addition & 1 deletion .buildkite/scripts/steps/capture_oas_snapshot.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ set -euo pipefail
source .buildkite/scripts/common/util.sh

echo --- Capture OAS snapshot
cmd="node scripts/capture_oas_snapshot --include-path /api/status"
cmd="node scripts/capture_oas_snapshot --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules"
if is_pr && ! is_auto_commit_disabled; then
cmd="$cmd --update"
fi
Expand Down
20 changes: 19 additions & 1 deletion .buildkite/scripts/steps/checks/event_log.sh
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,25 @@ echo --- Check Event Log Schema

# event log schema is pinned to a specific version of ECS
ECS_STABLE_VERSION=1.8
git clone --depth 1 -b $ECS_STABLE_VERSION https://github.com/elastic/ecs.git ../ecs

# we can potentially skip this check on a local env, if ../ecs is present, and modified by the developer
if [[ "${CI:-false}" =~ ^(0|false)$ ]] && [[ -d '../ecs' ]]; then
LOCAL_ECS_BRANCH=$(git -C ../ecs branch --show-current)
if [[ "$LOCAL_ECS_BRANCH" != "$ECS_STABLE_VERSION" ]]; then
echo "Skipping event log schema check because ECS schema is not on $ECS_STABLE_VERSION."
exit 0
fi

TOUCHED_FILES=$(git -C ../ecs status --porcelain)
if [[ -n "$TOUCHED_FILES" ]]; then
echo "Skipping event log schema check because ECS schema files have been modified."
exit 0
fi

echo "../ecs is already cloned and @ $ECS_STABLE_VERSION"
else
git clone --depth 1 -b $ECS_STABLE_VERSION https://github.com/elastic/ecs.git ../ecs
fi

node x-pack/plugins/event_log/scripts/create_schemas.js

Expand Down
8 changes: 8 additions & 0 deletions .buildkite/scripts/steps/checks/native_modules.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/usr/bin/env bash

set -euo pipefail

source .buildkite/scripts/common/util.sh

echo --- Check Production Native Node Modules
node scripts/check_prod_native_modules
Loading

0 comments on commit d5dadcd

Please sign in to comment.