[Security Solution] Tests for prebuilt rule import/export workflow #202079

Open
10 of 11 tasks
Tracked by #174168
banderror opened this issue Nov 27, 2024 · 13 comments
Assignees
Labels
8.18 candidate Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. test test-coverage issues & PRs for improving code test coverage test-plan v8.18.0

Comments

@banderror
Contributor

banderror commented Nov 27, 2024

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168

Summary

Write test plans (one or a few) and create a comprehensive suite of automated tests for the workflow of exporting and importing prebuilt rules.

Please note that test plans for prebuilt rule export and import have already been written in #191116, and there is already test coverage for that. What I would like us to do is to review the existing plans, the tests, compare them with the cases described in the RFC, think about any other edge cases, audit the existing plans and coverage, and add anything that's missing.

Features to cover:

  • Export
    • Exporting custom, prebuilt customized, and prebuilt non-customized rules
    • Exporting from the Rule Details page
    • Exporting from the Rule Management page (single and bulk export)
  • Import
    • Importing custom, prebuilt customized, and prebuilt non-customized rules
    • Importing from the Rule Management page
    • Importing when prebuilt rules are not installed yet
    • Importing when prebuilt rules are already installed
    • Importing current versions, older versions, newer versions, non-existing versions (edge cases)
    • Importing rules with known and unknown rule_id's (edge cases)
    • Converting custom rules to prebuilt rules on upgrade (edge case)

Please cover both the features under the feature flag turned ON and OFF.

Related tickets

Related functional tickets to cover with tests:

Related bugs to cover with tests:

Related PRs

Test plans for diff algorithms

  1. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.15.0
    dplumlee
  2. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp release_note:skip test-plan v8.15.0 v8.16.0
    dplumlee
  3. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.16.0
    dplumlee
  4. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:skip release_note:skip test-plan v8.16.0
    dplumlee
  5. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp release_note:skip test-plan v8.16.0 v9.0.0
    dplumlee
  6. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:prev-minor release_note:skip test-plan v8.16.0 v9.0.0
    dplumlee

Test plans for prebuilt rule import/export workflow

  1. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.17.0 v9.0.0
    rylnd
  2. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.18.0 v9.0.0
    dplumlee
  3. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.18.0 v8.19.0 v9.0.0 v9.1.0
    banderror
  4. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test-plan v8.18.0 v8.19.0 v9.0.0 v9.1.0
    banderror

Test coverage for prebuilt rule import/export workflow

  1. Feature:Prebuilt Detection Rules Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp backport:version release_note:skip test v8.18.0 v8.19.0 v9.0.0 v9.1.0
    dplumlee
@banderror banderror added 8.18 candidate Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team test test-coverage issues & PRs for improving code test coverage test-plan labels Nov 27, 2024
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@elasticmachine
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@banderror banderror changed the title [Security Solution] Tests for prebuilt rule import/export workflow (DRAFT) [Security Solution] Tests for prebuilt rule import/export workflow Nov 27, 2024
@banderror
Contributor Author

@jpdjere Please check this ticket and prioritize working on it after #202078. Before writing any tests and test plans, review what we already have and try to plan your work and share the plan with me and the team, so we could give feedback on the scope, approach, etc.

@banderror
Contributor Author

cc @pborgonovi

@banderror banderror assigned dplumlee and unassigned jpdjere Dec 2, 2024
@banderror
Contributor Author

@jpdjere Just FYI that we discussed with the team that @dplumlee could work on it and would probably start working on it sooner. Reassigned the ticket to Davis.

@nikitaindik
Contributor

nikitaindik commented Jan 7, 2025

@banderror, can you please clarify this one?

"Converting custom rules to prebuilt rules on upgrade (edge case)"

@banderror
Contributor Author

@nikitaindik It's about the edge case when the user might import a rule with a rule_id of some prebuilt rule, but our logic would not know that it's a prebuilt rule, and would import it as a custom rule.

It could happen:

  • if there's a race condition during import and the rule's assets get deleted right before the logic tries to fetch them
  • if such a prebuilt rule doesn't exist at import time, but later gets added by the TRADE team

Related bug is mentioned in the description: #180198

@nikitaindik
Contributor

@banderror What should happen if a user has a custom rule with a specific rule_id and then attempts to install a prebuilt rule with the same rule_id? Should we throw an error and tell the user that they can't have two rules with the same rule_id?

As I understand, if we forbid it at this stage then there can't be a situation where we try to upgrade such a rule. And if such a situation can occur somehow, then what would be the best way to handle it?

@banderror
Contributor Author

banderror commented Jan 14, 2025

@approksiu Can you please answer Nikita's question?

> As I understand, if we forbid it at this stage then there can't be a situation where we try to upgrade such a rule.

@nikitaindik We should double-check the implementation of the upgrade/_review endpoint. Originally, there was an idea that the only two things that matter for the upgrade workflow are the rule_id (the RuleSignatureId) and the version. Other attributes, such as immutable, are irrelevant and shouldn't be taken into account by the workflow. So, if there's a prebuilt rule asset with rule_id === "123456" and there's a custom rule with the same rule_id, it means that:

  • the rule with that id is prebuilt
  • the workflow should allow upgrading this rule
  • on upgrade, the workflow should "fix" this rule and make it prebuilt

If we say that it shouldn't work like that, then how should it work?

If this can't be answered quickly, I'd suggest we postpone the discussion until we take #180198 into work.

@approksiu

Discussed with @nikitaindik.

I have the same expectations of the behavior in this situation, as @banderror describes above.
When the rule_id collision happens between the existing custom prebuilt rule, and a new incoming rule, the incoming prebuilt rule should follow the upgrade workflow: appear on the Updates tab, user will see the diff in the update flyout.

There is one caveat. We can expect with high probability, that the new prebuilt rule will have version 1. And there is a high chance the custom rule has version >=1, as user might have modified it a few times. In that case we will compare the versions, and rule update will not be shown. However, the custom rule will be shown as Elastic Modified rule.

@nikitaindik will confirm both behaviors.

We should document the manual workaround for the user in this kind of situation. The user should duplicate the custom rule (this will create a new rule_id) and delete the old custom rule. The new prebuilt rule will appear on the "Add Elastic rules" page, and the expected behavior will be restored.

Would be nice to know via telemetry any time this kind of situation happens. We can open a ticket for our backlog to provide better UX for rule_id collisions. Both will have low priority as this should be a rare occasion.

@banderror
Contributor Author

banderror commented Jan 15, 2025

> There is one caveat. We can expect with high probability, that the new prebuilt rule will have version 1. And there is a high chance the custom rule has version >=1, as user might have modified it a few times.

@approksiu Custom rules always have a constant version == 1. It's the revision field that gets incremented on update.

Docs:

Image

@nikitaindik
Contributor

Thank you for looking into this, @approksiu and @banderror.

I've just realized that even if the package isn't initially installed, it will automatically be installed as soon as a user attempts to import a rule via the API or views any of our pages in the UI. This makes the edge case we're discussing quite rare.

I think we can add a test plan scenario that goes something like:

"If a user imports a custom rule with a specific rule_id and no rule with that rule_id exists in the package, then once the TRADE team adds a rule with this rule_id to the package, the imported custom rule should be upgradeable as if it were a prebuilt rule."

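The scenario proposed above, as an added TypeScript sketch (not Kibana's code and not part of the thread): installed rules are matched to prebuilt rule assets by rule_id and version only, ignoring immutable, and a rule imported as custom becomes prebuilt on upgrade. The type and function names, the strict "newer version" comparison, the revision bump on upgrade, and the sample rules are assumptions made for the illustration.

```typescript
// Added illustration, not Kibana code. All names below are hypothetical.

interface InstalledRule {
  rule_id: string;    // rule signature id; the only identity the workflow matches on
  version: number;    // content version; custom rules stay at 1 (per the thread)
  revision: number;   // incremented on every update
  immutable: boolean; // true marks a prebuilt rule; deliberately ignored by the review
  name: string;
}

interface PrebuiltRuleAsset {
  rule_id: string;
  version: number;
  name: string;
}

type ReviewStatus = 'no_matching_asset' | 'up_to_date' | 'upgradeable';

interface ReviewEntry {
  rule_id: string;
  status: ReviewStatus;
  installedVersion: number;
  targetVersion?: number;
  importedAsCustom: boolean; // rule_id collision worth reporting, e.g. via telemetry
}

// Pick the highest-version asset for every rule_id.
function latestAssets(assets: PrebuiltRuleAsset[]): Record<string, PrebuiltRuleAsset | undefined> {
  const latest: Record<string, PrebuiltRuleAsset | undefined> = Object.create(null);
  for (const asset of assets) {
    const current = latest[asset.rule_id];
    if (current === undefined || asset.version > current.version) {
      latest[asset.rule_id] = asset;
    }
  }
  return latest;
}

function reviewUpgrades(installed: InstalledRule[], assets: PrebuiltRuleAsset[]): ReviewEntry[] {
  const latest = latestAssets(assets);
  return installed.map((rule): ReviewEntry => {
    const target = latest[rule.rule_id];
    if (target === undefined) {
      return {
        rule_id: rule.rule_id,
        status: 'no_matching_asset',
        installedVersion: rule.version,
        importedAsCustom: false,
      };
    }
    return {
      rule_id: rule.rule_id,
      // Assumption: an upgrade is offered only for a strictly newer asset version.
      status: target.version > rule.version ? 'upgradeable' : 'up_to_date',
      installedVersion: rule.version,
      targetVersion: target.version,
      importedAsCustom: !rule.immutable,
    };
  });
}

// On upgrade the rule is "fixed": it takes the asset's content and becomes prebuilt.
function applyUpgrade(rule: InstalledRule, asset: PrebuiltRuleAsset): InstalledRule {
  if (rule.rule_id !== asset.rule_id) throw new Error('rule_id mismatch');
  if (asset.version <= rule.version) throw new Error('asset is not newer than the installed rule');
  return {
    ...rule,
    name: asset.name,
    version: asset.version,
    immutable: true,
    revision: rule.revision + 1, // assumption: an upgrade counts as an update
  };
}

// Constructed sample data: a rule imported as custom, then assets published later.
function runScenario() {
  const imported: InstalledRule = {
    rule_id: 'constructed-rule-0001', version: 1, revision: 3, immutable: false,
    name: 'Imported custom rule',
  };
  const assetV1: PrebuiltRuleAsset = { rule_id: imported.rule_id, version: 1, name: 'Constructed prebuilt rule v1' };
  const assetV2: PrebuiltRuleAsset = { rule_id: imported.rule_id, version: 2, name: 'Constructed prebuilt rule v2' };

  return {
    beforeAssetExists: reviewUpgrades([imported], [])[0],
    afterAssetV1: reviewUpgrades([imported], [assetV1])[0],
    afterAssetV2: reviewUpgrades([imported], [assetV1, assetV2])[0],
    upgraded: applyUpgrade(imported, assetV2),
  };
}

console.log(JSON.stringify(runScenario(), null, 2));
```

Under the strict comparison assumed here, an asset published at version 1 does not surface an upgrade for a custom rule that is also at version 1; the upgrade appears once the asset reaches version 2.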
dplumlee added a commit that referenced this issue Jan 20, 2025
…ebuilt rules (#204889)

## Summary

Addresses #202079

Updates the existing import and export rule test plans to include front
end tests as well as more exhaustive coverage of the prebuilt rule
customization milestone 3 epic
banderror added a commit that referenced this issue Feb 14, 2025
…part 1 (#211300)

**Epic:** #174168
**Partially addresses:**
#202068,
#202078,
#202079

## Summary

We're cleaning up and refactoring our existing test plans for prebuilt
rule customization, upgrade, and export/import workflows.

Specifically, in this PR we're consistently:

- Changing the file names and test plan titles.
- Adding or expanding test plan summaries.
- Regenerating tables of contents using the [Markdown All in
One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one)
VS Code extension.

No "functional" changes have been made to any test plans, such as
adding, removing, or updating any scenarios.

This refactoring prepares the test plans for being "functionally"
changed and improved in follow-up PRs. For example, we're going to cover
the logic described in #210358
and address any other gaps in coverage.
kibanamachine added a commit that referenced this issue Feb 14, 2025
…lans, part 1 (#211300) (#211307)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 1 (#211300)](#211300)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Georgii Gorbachev <[email protected]>
kibanamachine added a commit that referenced this issue Feb 14, 2025
…lans, part 1 (#211300) (#211308)

# Backport

This will backport the following commits from `main` to `9.0`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 1 (#211300)](#211300)

<!--- Backport version: 9.4.3 -->


Co-authored-by: Georgii Gorbachev <[email protected]>
kibanamachine added a commit that referenced this issue Feb 14, 2025
…plans, part 1 (#211300) (#211306)

# Backport

This will backport the following commits from `main` to `8.18`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 1 (#211300)](#211300)

<!--- Backport version: 9.4.3 -->


Co-authored-by: Georgii Gorbachev <[email protected]>
banderror added a commit that referenced this issue Feb 18, 2025
…part 2 (#211472)

**Epic:** #174168
**Partially addresses:**
#202068,
#202078,
#202079
**Follow-up to:** #211300

## Summary

We're cleaning up and refactoring our existing test plans for prebuilt
rule customization, upgrade, and export/import workflows.

Specifically, this PR:

- Creates an "entrypoint" file that should help navigate all the test
plans for prebuilt rules.
- Creates a file for keeping common information about prebuilt rules
that can be shared between the test plans.
- Extracts duplicated terminology to the file with common information.
- Extracts duplicated assumptions to the file with common information.
- Extracts duplicated non-functional requirements to the file with
common information.
- Adds user stories to each test plan.
- Updates links to tickets in every test plan.

No "functional" changes have been made to any test plans, such as
adding, removing, or updating any scenarios.

This refactoring prepares the test plans for being "functionally"
changed and improved in follow-up PRs. For example, we're going to cover
the logic described in #210358
and address any other gaps in coverage.

## Review tip

It might be easier to review this PR commit-by-commit as each of them
contains logically cohesive changes.
kibanamachine pushed a commit to kibanamachine/kibana that referenced this issue Feb 18, 2025
…part 2 (elastic#211472)

**Epic:** elastic#174168
**Partially addresses:**
elastic#202068,
elastic#202078,
elastic#202079
**Follow-up to:** elastic#211300

## Summary

We're cleaning up and refactoring our existing test plans for prebuilt
rule customization, upgrade, and export/import workflows.

Specifically, this PR:

- Creates an "entrypoint" file that should help navigate all the test
plans for prebuilt rules.
- Creates a file for keeping common information about prebuilt rules
that can be shared between the test plans.
- Extracts duplicated terminology to the file with common information.
- Extracts duplicated assumptions to the file with common information.
- Extracts duplicated non-functional requirements to the file with
common information.
- Adds user stories to each test plan.
- Updates links to tickets in every test plan.

No "functional" changes have been made to any test plans, such as
adding, removing, or updating any scenarios.

This refactoring prepares the test plans for being "functionally"
changed and improved in follow-up PRs. For example, we're going to cover
the logic described in elastic#210358
and address any other gaps in coverage.

## Review tip

It might be easier to review this PR commit-by-commit as each of them
contains logically cohesive changes.

(cherry picked from commit 786df79)
kibanamachine added a commit that referenced this issue Feb 18, 2025
…plans, part 2 (#211472) (#211649)

# Backport

This will backport the following commits from `main` to `8.18`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 2 (#211472)](#211472)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

Co-authored-by: Georgii Gorbachev <[email protected]>
kibanamachine added a commit that referenced this issue Feb 18, 2025
…lans, part 2 (#211472) (#211651)

# Backport

This will backport the following commits from `main` to `9.0`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 2 (#211472)](#211472)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

Co-authored-by: Georgii Gorbachev <[email protected]>
kibanamachine added a commit that referenced this issue Feb 18, 2025
…lans, part 2 (#211472) (#211650)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Refactor prebuilt rule customization test plans,
part 2 (#211472)](#211472)

<!--- Backport version: 9.6.6 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)

Co-authored-by: Georgii Gorbachev <[email protected]>