From ca0c01b63beb40fb19188deae2257d89d8b3ba90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 15:48:06 +0100 Subject: [PATCH 1/6] update `meta` type to force type safety --- .../src/common/meta/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/packages/kbn-securitysolution-io-ts-list-types/src/common/meta/index.ts b/x-pack/solutions/security/packages/kbn-securitysolution-io-ts-list-types/src/common/meta/index.ts index 547b45969be71..b4a2e3d44ef06 100644 --- a/x-pack/solutions/security/packages/kbn-securitysolution-io-ts-list-types/src/common/meta/index.ts +++ b/x-pack/solutions/security/packages/kbn-securitysolution-io-ts-list-types/src/common/meta/index.ts @@ -7,7 +7,7 @@ import * as t from 'io-ts'; -export const meta = t.object; +export const meta = t.UnknownRecord; export type Meta = t.TypeOf; export const metaOrUndefined = t.union([meta, t.undefined]); export type MetaOrUndefined = t.TypeOf; From ce69aa704edb9c1b58272ea2541587877bcde7ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 15:48:34 +0100 Subject: [PATCH 2/6] fix type issue --- .../server/fleet_integration/handlers/create_event_filters.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts index 5e5cefd5d2a90..9d79bd0407c12 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts @@ -95,7 +95,7 @@ export const createNonInteractiveSessionEventFilter = async ( }, ], itemId: uuidv4(), - meta: [], + meta: undefined, comments: [], expireTime: undefined, }); From e001f239214bbc2b48b9cdcfc29ab7a6c5212d27 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 15:51:06 +0100 Subject: [PATCH 3/6] remove unnecessary export --- .../server/fleet_integration/handlers/create_event_filters.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts index 9d79bd0407c12..b8ed3a14d3e41 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts @@ -61,7 +61,7 @@ export const createEventFilters = async ( /** * Create an Event Filter for non-interactive sessions and attach it to the policy */ -export const createNonInteractiveSessionEventFilter = async ( +const createNonInteractiveSessionEventFilter = async ( logger: Logger, exceptionsClient: ExceptionListClient, packagePolicy: PackagePolicy From 39212042013ba486938a6caf61530209d74ea048 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 15:51:28 +0100 Subject: [PATCH 4/6] remove usage of deprecated constants --- .../handlers/create_event_filters.ts | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts index b8ed3a14d3e41..bd9aa21045d17 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/handlers/create_event_filters.ts @@ -6,11 +6,7 @@ */ import { v4 as uuidv4 } from 'uuid'; import { i18n } from '@kbn/i18n'; -import { - ENDPOINT_EVENT_FILTERS_LIST_ID, - ENDPOINT_EVENT_FILTERS_LIST_NAME, - ENDPOINT_EVENT_FILTERS_LIST_DESCRIPTION, -} from '@kbn/securitysolution-list-constants'; +import { ENDPOINT_ARTIFACT_LISTS } from '@kbn/securitysolution-list-constants'; import { ExceptionListTypeEnum } from '@kbn/securitysolution-io-ts-list-types'; import { SavedObjectsErrorHelpers } from '@kbn/core/server'; import type { Logger } from '@kbn/core/server'; @@ -37,10 +33,10 @@ export const createEventFilters = async ( // Attempt to Create the Event Filter List. It won't create the list if it already exists. // So we can skip the validation and ignore the conflict error await exceptionsClient.createExceptionList({ - name: ENDPOINT_EVENT_FILTERS_LIST_NAME, + name: ENDPOINT_ARTIFACT_LISTS.eventFilters.name, namespaceType: 'agnostic', - description: ENDPOINT_EVENT_FILTERS_LIST_DESCRIPTION, - listId: ENDPOINT_EVENT_FILTERS_LIST_ID, + description: ENDPOINT_ARTIFACT_LISTS.eventFilters.description, + listId: ENDPOINT_ARTIFACT_LISTS.eventFilters.id, type: ExceptionListTypeEnum.ENDPOINT_EVENTS, immutable: false, meta: undefined, @@ -68,7 +64,7 @@ const createNonInteractiveSessionEventFilter = async ( ): Promise => { try { await exceptionsClient.createExceptionListItem({ - listId: ENDPOINT_EVENT_FILTERS_LIST_ID, + listId: ENDPOINT_ARTIFACT_LISTS.eventFilters.id, description: i18n.translate( 'xpack.securitySolution.fleetIntegration.elasticDefend.eventFilter.nonInteractiveSessions.description', { From 516bf0ecf21d9ffcea597133f1a3c59d7efef15f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 16:06:57 +0100 Subject: [PATCH 5/6] cover with unit test --- .../server/fleet_integration/fleet_integration.test.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts index 4aa13036c3c88..07d3352f301b3 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts @@ -421,7 +421,7 @@ describe('Fleet integrations', () => { ); expect(exceptionListClient.createExceptionList).toHaveBeenCalledWith( - expect.objectContaining({ listId: ENDPOINT_EVENT_FILTERS_LIST_ID }) + expect.objectContaining({ listId: ENDPOINT_EVENT_FILTERS_LIST_ID, meta: undefined }) ); expect(exceptionListClient.createExceptionListItem).toHaveBeenCalledWith( @@ -439,6 +439,7 @@ describe('Fleet integrations', () => { ], itemId: 'NEW_UUID', namespaceType: 'agnostic', + meta: undefined, }) ); }); From 092969f63965585181d650c05786065ce2286fc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gerg=C5=91=20=C3=81brah=C3=A1m?= Date: Thu, 30 Jan 2025 16:07:59 +0100 Subject: [PATCH 6/6] remove deprecated constants from tests as well --- .../server/fleet_integration/fleet_integration.test.ts | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts index 07d3352f301b3..496056f6878d6 100644 --- a/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts +++ b/x-pack/solutions/security/plugins/security_solution/server/fleet_integration/fleet_integration.test.ts @@ -69,7 +69,7 @@ import type { } from '@kbn/fleet-plugin/common'; import { createMockPolicyData } from '../endpoint/services/feature_usage/mocks'; import { ALL_ENDPOINT_ARTIFACT_LIST_IDS } from '../../common/endpoint/service/artifacts/constants'; -import { ENDPOINT_EVENT_FILTERS_LIST_ID } from '@kbn/securitysolution-list-constants'; +import { ENDPOINT_ARTIFACT_LISTS } from '@kbn/securitysolution-list-constants'; import * as PolicyConfigHelpers from '../../common/endpoint/models/policy_config_helpers'; import { disableProtections } from '../../common/endpoint/models/policy_config_helpers'; import type { ProductFeaturesService } from '../lib/product_features_service/product_features_service'; @@ -421,12 +421,15 @@ describe('Fleet integrations', () => { ); expect(exceptionListClient.createExceptionList).toHaveBeenCalledWith( - expect.objectContaining({ listId: ENDPOINT_EVENT_FILTERS_LIST_ID, meta: undefined }) + expect.objectContaining({ + listId: ENDPOINT_ARTIFACT_LISTS.eventFilters.id, + meta: undefined, + }) ); expect(exceptionListClient.createExceptionListItem).toHaveBeenCalledWith( expect.objectContaining({ - listId: ENDPOINT_EVENT_FILTERS_LIST_ID, + listId: ENDPOINT_ARTIFACT_LISTS.eventFilters.id, tags: [`policy:${postCreatedPolicyConfig.id}`], osTypes: ['linux'], entries: [