[Security Solution][Threat Intelligence] - fix Cypress tests #209195
+30
−33
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PhilippeOberti
added
release_note:skip
|
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
💔 Build Failed
Failed CI StepsMetrics [docs]
History |
MadameSheema
approved these changes
Feb 3, 2025
There was a problem hiding this comment.
security-engineering-productivity LGTM!
Qq @PhilippeOberti is there any reason why these tests are executed in ESS and not in serverless? Thanks! :)
|
@PhilippeOberti Given that Edit: I had a quick look at the changes that were merged to ES |
janmonschke
approved these changes
Feb 3, 2025
|
@elasticmachine merge upstream |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes the few Threat Intelligence Cypress tests which started failing recently.
This PR (commit on
main) which was a basic bump PR started had to skip a few Threat Intelligence Cypress tests that started failing.I tried to understand what happened but did not find the origin of the issue. The indicators table was previously showing data sorted from oldest to newest (but only on Cypress, not when running the application locally, really weird). After the commit mentioned above, the Cypress tests are now sorting the data from newest to oldest.
Looking at the code, nothing mentions sorting, the
threatIntelligenceSearchStrategyis identical between the application running locally and the Cypress tests.Payload
Result
The results are different, one sorted ascending, the other descending.
No code changes have been done to the Threat Intelligence plugin in many months. Fetching the data is done using
useQuery(see here) and the logic to fetch the actual data is here. Both haven't been touched in months...Nothing in the commit mentioned above seems to give any details on why these tests just started failing. Resetting to the commit right before makes the tests pass...
The solution to fix the tests was to ensure that the data_archive files had the correct timestamps, to know exactly which ones we select in the Cypress tests to test against...
#209050
#209039
#209051