[Cloud Security] updates to move from doc_root.vulnerability.package …

…-> doc_root.package (ECS) (#164651) ## Summary Issue: #157674 This updates all instances of vulnerability.package to the ECS standard package fieldset. The new field has been populated by cloudbeat since 8.8 ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <[email protected]>
elastic · Aug 24, 2023 · fda98b0 · fda98b0
1 parent ec1b885
commit fda98b0
Show file tree

Hide file tree

Showing 13 changed files with 53 additions and 66 deletions.
diff --git a/x-pack/plugins/cloud_security_posture/common/schemas/csp_vulnerability_finding.ts b/x-pack/plugins/cloud_security_posture/common/schemas/csp_vulnerability_finding.ts
@@ -70,6 +70,11 @@ export interface CspVulnerabilityFinding {
     commit_sha: string;
     commit_time: string;
   };
+  package: {
+    version: string;
+    name: string;
+    fixed_version?: string;
+  };
 }
 
 export interface Vulnerability {
@@ -99,11 +104,6 @@ export interface Vulnerability {
   scanner: {
     vendor: string;
   };
-  package: {
-    version: string;
-    name: string;
-    fixed_version?: string;
-  };
 }
 
 export interface VectorScoreBase {

diff --git a/...plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts b/...plugins/cloud_security_posture/public/pages/vulnerabilities/_mocks_/vulnerability.mock.ts
@@ -27,14 +27,14 @@ export const mockVulnerabilityHit: CspVulnerabilityFinding = {
     machine: { type: 'c6g.medium' },
     region: 'eu-west-1',
   },
+  package: { fixed_version: '0.4.0', version: 'v0.2.0', name: 'golang.org/x/net' },
   vulnerability: {
     published_date: '2022-08-10T00:00:00.000Z',
     data_source: {
       ID: 'go-vulndb',
       Name: 'The Go Vulnerability Database',
       URL: 'https://github.com/golang/vulndb',
     },
-    package: { fixed_version: '0.4.0', version: 'v0.2.0', name: 'golang.org/x/net' },
     enumeration: 'CVE',
     description:
       'An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.',

diff --git a/...posture/public/pages/vulnerabilities/utils/get_vulnerabilities_grid_cell_actions.test.tsx b/...posture/public/pages/vulnerabilities/utils/get_vulnerabilities_grid_cell_actions.test.tsx
@@ -127,12 +127,10 @@ describe('getRowValueByColumnId', () => {
 
   it('should return package fields', () => {
     const vulnerabilityRow = {
-      vulnerability: {
-        package: {
-          name: 'test',
-          version: '1.0.0',
-          fixed_version: '1.0.1',
-        },
+      package: {
+        name: 'test',
+        version: '1.0.0',
+        fixed_version: '1.0.1',
       },
     };
     const columns1 = vulnerabilitiesColumns;

diff --git a/...rity_posture/public/pages/vulnerabilities/utils/get_vulnerabilities_grid_cell_actions.tsx b/...rity_posture/public/pages/vulnerabilities/utils/get_vulnerabilities_grid_cell_actions.tsx
@@ -32,13 +32,13 @@ export const getRowValueByColumnId = (
     return vulnerabilityRow.vulnerability?.severity;
   }
   if (columnId === columns.package) {
-    return vulnerabilityRow.vulnerability?.package?.name;
+    return vulnerabilityRow.package?.name;
   }
   if (columnId === columns.version) {
-    return vulnerabilityRow.vulnerability?.package?.version;
+    return vulnerabilityRow.package?.version;
   }
   if (columnId === columns.fixedVersion) {
-    return vulnerabilityRow.vulnerability?.package?.fixed_version;
+    return vulnerabilityRow.package?.fixed_version;
   }
   if (columnId === columns.region) {
     return vulnerabilityRow.cloud?.region;

diff --git a/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities.tsx b/x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities.tsx
@@ -165,10 +165,8 @@ const VulnerabilitiesDataGrid = ({
         (vulnerabilityRecord: VulnerabilitiesQueryData['page'][number]) =>
           vulnerabilityRecord.vulnerability?.id === vulnerabilityRow.vulnerability?.id &&
           vulnerabilityRecord.resource?.id === vulnerabilityRow.resource?.id &&
-          vulnerabilityRecord.vulnerability.package.name ===
-            vulnerabilityRow.vulnerability.package.name &&
-          vulnerabilityRecord.vulnerability.package.version ===
-            vulnerabilityRow.vulnerability.package.version
+          vulnerabilityRecord.package.name === vulnerabilityRow.package.name &&
+          vulnerabilityRecord.package.version === vulnerabilityRow.package.version
       );
       setUrlQuery({
         vulnerabilityIndex,
@@ -268,13 +266,13 @@ const VulnerabilitiesDataGrid = ({
       }
 
       if (columnId === vulnerabilitiesColumns.package) {
-        return <>{vulnerabilityRow.vulnerability?.package?.name}</>;
+        return <>{vulnerabilityRow?.package?.name}</>;
       }
       if (columnId === vulnerabilitiesColumns.version) {
-        return <>{vulnerabilityRow.vulnerability?.package?.version}</>;
+        return <>{vulnerabilityRow?.package?.version}</>;
       }
       if (columnId === vulnerabilitiesColumns.fixedVersion) {
-        return <>{vulnerabilityRow.vulnerability?.package?.fixed_version}</>;
+        return <>{vulnerabilityRow?.package?.fixed_version}</>;
       }
 
       return null;

diff --git a/...ilities/vulnerabilities_by_resource/resource_vulnerabilities/resource_vulnerabilities.tsx b/...ilities/vulnerabilities_by_resource/resource_vulnerabilities/resource_vulnerabilities.tsx
@@ -124,10 +124,8 @@ const ResourceVulnerabilitiesDataGrid = ({
         (vulnerabilityRecord: VulnerabilitiesQueryData['page'][number]) =>
           vulnerabilityRecord.vulnerability?.id === vulnerabilityRow.vulnerability?.id &&
           vulnerabilityRecord.resource?.id === vulnerabilityRow.resource?.id &&
-          vulnerabilityRecord.vulnerability.package.name ===
-            vulnerabilityRow.vulnerability.package.name &&
-          vulnerabilityRecord.vulnerability.package.version ===
-            vulnerabilityRow.vulnerability.package.version
+          vulnerabilityRecord.package.name === vulnerabilityRow.package.name &&
+          vulnerabilityRecord.package.version === vulnerabilityRow.package.version
       );
       setUrlQuery({
         vulnerabilityIndex,
@@ -232,13 +230,13 @@ const ResourceVulnerabilitiesDataGrid = ({
       }
 
       if (columnId === vulnerabilitiesColumns.package) {
-        return <>{vulnerabilityRow.vulnerability?.package?.name}</>;
+        return <>{vulnerabilityRow?.package?.name}</>;
       }
       if (columnId === vulnerabilitiesColumns.version) {
-        return <>{vulnerabilityRow.vulnerability?.package?.version}</>;
+        return <>{vulnerabilityRow?.package?.version}</>;
       }
       if (columnId === vulnerabilitiesColumns.fixedVersion) {
-        return <>{vulnerabilityRow.vulnerability?.package?.fixed_version}</>;
+        return <>{vulnerabilityRow?.package?.fixed_version}</>;
       }
 
       return null;

diff --git a/...ages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx b/...ages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx
@@ -39,7 +39,7 @@ describe('<VulnerabilityFindingFlyout/>', () => {
       getByText(mockVulnerabilityHit.vulnerability.description);
       const descriptionList = getByTestId(FINDINGS_VULNERABILITY_FLYOUT_DESCRIPTION_LIST);
       expect(descriptionList.textContent).toEqual(
-        `Resource ID:${mockVulnerabilityHit.resource?.id}Resource Name:${mockVulnerabilityHit.resource?.name}Package:${mockVulnerabilityHit.vulnerability.package.name}Version:${mockVulnerabilityHit.vulnerability.package.version}`
+        `Resource ID:${mockVulnerabilityHit.resource?.id}Resource Name:${mockVulnerabilityHit.resource?.name}Package:${mockVulnerabilityHit.package.name}Version:${mockVulnerabilityHit.package.version}`
       );
       getByText(mockVulnerabilityHit.vulnerability.severity);
     });
@@ -59,7 +59,7 @@ describe('<VulnerabilityFindingFlyout/>', () => {
     it('show display Vulnerability details in a Overview Tab', () => {
       const { getByText, getAllByText } = render(
         <TestProvider>
-          <VulnerabilityOverviewTab vulnerability={mockVulnerabilityHit.vulnerability} />
+          <VulnerabilityOverviewTab vulnerabilityRecord={mockVulnerabilityHit} />
         </TestProvider>
       );
       getByText(mockVulnerabilityHit.vulnerability.data_source.ID);
@@ -72,17 +72,17 @@ describe('<VulnerabilityFindingFlyout/>', () => {
       getAllByText(mockVulnerabilityHit.vulnerability?.cvss?.ghsa?.V3Vector?.toString() as string);
       getAllByText(mockVulnerabilityHit.vulnerability?.cvss?.ghsa?.V3Score?.toString() as string);
       getByText(
-        `${mockVulnerabilityHit.vulnerability.package.name} ${mockVulnerabilityHit.vulnerability.package.fixed_version}`
+        `${mockVulnerabilityHit.package.name} ${mockVulnerabilityHit.package.fixed_version}`
       );
     });
 
     it('show empty state for no fixes', () => {
       const { getByText } = render(
         <TestProvider>
           <VulnerabilityOverviewTab
-            vulnerability={{
-              ...mockVulnerabilityHit.vulnerability,
-              package: { ...mockVulnerabilityHit.vulnerability.package, fixed_version: undefined },
+            vulnerabilityRecord={{
+              ...mockVulnerabilityHit,
+              package: { ...mockVulnerabilityHit.package, fixed_version: undefined },
             }}
           />
         </TestProvider>

diff --git a/...lic/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx b/...lic/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.tsx
@@ -69,14 +69,14 @@ const getFlyoutDescriptionList = (
         'xpack.csp.vulnerabilities.vulnerabilitiesFindingFlyout.flyoutDescriptionList.packageTitle',
         { defaultMessage: 'Package' }
       ),
-      description: vulnerabilityRecord.vulnerability.package.name,
+      description: vulnerabilityRecord.package.name,
     },
     {
       title: i18n.translate(
         'xpack.csp.vulnerabilities.vulnerabilitiesFindingFlyout.flyoutDescriptionList.versionTitle',
         { defaultMessage: 'Version' }
       ),
-      description: vulnerabilityRecord.vulnerability.package.version,
+      description: vulnerabilityRecord.package.version,
     },
   ].filter(truthy);
 
@@ -108,7 +108,7 @@ export const VulnerabilityFindingFlyout = ({
             defaultMessage="Overview"
           />
         ),
-        content: <VulnerabilityOverviewTab vulnerability={vulnerability} />,
+        content: <VulnerabilityOverviewTab vulnerabilityRecord={vulnerabilityRecord} />,
       },
       {
         id: tableTabId,
@@ -131,7 +131,7 @@ export const VulnerabilityFindingFlyout = ({
         content: <VulnerabilityJsonTab vulnerabilityRecord={vulnerabilityRecord} />,
       },
     ],
-    [vulnerability, vulnerabilityRecord]
+    [vulnerabilityRecord]
   );
 
   const onSelectedTabChanged = (id: string) => setSelectedTabId(id);

diff --git a/...ublic/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx b/...ublic/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx
@@ -19,7 +19,7 @@ import moment from 'moment';
 import React from 'react';
 import { euiThemeVars } from '@kbn/ui-theme';
 import { i18n } from '@kbn/i18n';
-import { VectorScoreBase, Vulnerability } from '../../../../common/schemas';
+import { VectorScoreBase, CspVulnerabilityFinding } from '../../../../common/schemas';
 import { CspFlyoutMarkdown } from '../../configurations/findings_flyout/findings_flyout';
 import { NvdLogo } from '../../../assets/icons/nvd_logo_svg';
 import { CVSScoreBadge } from '../../../components/vulnerability_badges';
@@ -41,7 +41,7 @@ const vendorIcons: Record<string, string> = {
 };
 
 interface VulnerabilityTabProps {
-  vulnerability: Vulnerability;
+  vulnerabilityRecord: CspVulnerabilityFinding;
 }
 
 const CVSScore = ({ vectorBaseScore, vendor }: CVSScoreProps) => {
@@ -135,7 +135,8 @@ const VectorScore = ({
   );
 };
 
-const VulnerabilityOverviewTiles = ({ vulnerability }: VulnerabilityTabProps) => {
+const VulnerabilityOverviewTiles = ({ vulnerabilityRecord }: VulnerabilityTabProps) => {
+  const { vulnerability } = vulnerabilityRecord;
   const tileStyle = css`
     padding: ${euiThemeVars.euiFontSizeM};
     background: ${euiThemeVars.euiColorLightestShade};
@@ -198,16 +199,17 @@ const VulnerabilityOverviewTiles = ({ vulnerability }: VulnerabilityTabProps) =>
   );
 };
 
-export const VulnerabilityOverviewTab = ({ vulnerability }: VulnerabilityTabProps) => {
+export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityTabProps) => {
+  const { vulnerability } = vulnerabilityRecord;
   const emptyFixesMessageState = i18n.translate(
     'xpack.csp.vulnerabilities.vulnerabilityOverviewTab.emptyFixesMessage',
     {
       defaultMessage: 'No available fixes yet.',
     }
   );
 
-  const fixesDisplayText = vulnerability?.package?.fixed_version
-    ? `${vulnerability?.package?.name} ${vulnerability?.package?.fixed_version}`
+  const fixesDisplayText = vulnerabilityRecord?.package?.fixed_version
+    ? `${vulnerabilityRecord?.package?.name} ${vulnerabilityRecord?.package?.fixed_version}`
     : emptyFixesMessageState;
 
   const cvssScores: JSX.Element[] = vulnerability?.cvss
@@ -236,7 +238,7 @@ export const VulnerabilityOverviewTab = ({ vulnerability }: VulnerabilityTabProp
   return (
     <EuiFlexGroup direction="column">
       <EuiFlexItem>
-        <VulnerabilityOverviewTiles vulnerability={vulnerability} />
+        <VulnerabilityOverviewTiles vulnerabilityRecord={vulnerabilityRecord} />
       </EuiFlexItem>
 
       <EuiHorizontalRule css={horizontalStyle} />

diff --git a/...gins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_table_columns.ts b/...gins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_table_columns.ts
@@ -16,9 +16,9 @@ export const vulnerabilitiesColumns = {
   resourceName: 'resource.name',
   resourceId: 'resource.id',
   severity: 'vulnerability.severity',
-  package: 'vulnerability.package.name',
-  version: 'vulnerability.package.version',
-  fixedVersion: 'vulnerability.package.fixed_version',
+  package: 'package.name',
+  version: 'package.version',
+  fixedVersion: 'package.fixed_version',
 };
 
 const defaultColumnProps = () => ({

diff --git a/...curity_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx b/...curity_posture/public/pages/vulnerability_dashboard/vulnerability_table_panel_section.tsx
@@ -184,9 +184,7 @@ export const VulnerabilityTablePanelSection = () => {
           ),
           render: (packageFixVersion: string) => (
             <EuiLink
-              onClick={() =>
-                onCellClick({ 'vulnerability.package.fixed_version': packageFixVersion })
-              }
+              onClick={() => onCellClick({ 'package.fixed_version': packageFixVersion })}
               className="eui-textTruncate"
               color="text"
             >
@@ -276,7 +274,7 @@ export const VulnerabilityTablePanelSection = () => {
         ),
         render: (packageName: string) => (
           <EuiLink
-            onClick={() => onCellClick({ 'vulnerability.package.name': packageName })}
+            onClick={() => onCellClick({ 'package.name': packageName })}
             className="eui-textTruncate"
             color="text"
           >
@@ -295,7 +293,7 @@ export const VulnerabilityTablePanelSection = () => {
         ),
         render: (packageVersion: string) => (
           <EuiLink
-            onClick={() => onCellClick({ 'vulnerability.package.version': packageVersion })}
+            onClick={() => onCellClick({ 'package.version': packageVersion })}
             className="eui-textTruncate"
             color="text"
           >
@@ -314,9 +312,7 @@ export const VulnerabilityTablePanelSection = () => {
         ),
         render: (packageFixVersion: string) => (
           <EuiLink
-            onClick={() =>
-              onCellClick({ 'vulnerability.package.fixed_version': packageFixVersion })
-            }
+            onClick={() => onCellClick({ 'package.fixed_version': packageFixVersion })}
             className="eui-textTruncate"
             color="text"
           >

diff --git a/...gins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts b/...gins/cloud_security_posture/server/create_transforms/latest_vulnerabilities_transforms.ts
@@ -38,12 +38,7 @@ export const latestVulnerabilitiesTransform: TransformPutTransformRequest = {
   },
   latest: {
     sort: '@timestamp',
-    unique_key: [
-      'vulnerability.id',
-      'resource.id',
-      'vulnerability.package.name',
-      'vulnerability.package.version',
-    ],
+    unique_key: ['vulnerability.id', 'resource.id', 'package.name', 'package.version'],
   },
   _meta: {
     package: {

diff --git a/...cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts b/...cloud_security_posture/server/routes/vulnerabilities_dashboard/get_top_vulnerabilities.ts
@@ -104,19 +104,19 @@ const getVulnerabilitiesQuery = (query: QueryDslQueryContainer): SearchRequest =
         },
         packageFixVersion: {
           terms: {
-            field: 'vulnerability.package.fixed_version',
+            field: 'package.fixed_version',
             size: 1,
           },
         },
         packageName: {
           terms: {
-            field: 'vulnerability.package.name',
+            field: 'package.name',
             size: 1,
           },
         },
         packageVersion: {
           terms: {
-            field: 'vulnerability.package.version',
+            field: 'package.version',
             size: 1,
           },
         },