Skip to content

Improve system test coverage - 1 #15923

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Improve system test coverage - 1 #15923

wants to merge 5 commits into from
+5,697 −1,378

Conversation

@moxarth-rathod
Copy link
Contributor

@moxarth-rathod moxarth-rathod commented Nov 10, 2025
edited
Loading

Proposed commit message

improve system test coverage in the following integrations:

add GCS system test:
- akmai
- panw_cortex_xdr

add AWS system test:
- carbon_black_cloud
- f5_bigip
- servicenow
- sublime_security
- tanium
- jamf_protect

add CEL system test:
- cloudflare

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

@moxarth-rathod moxarth-rathod self-assigned this Nov 10, 2025
@moxarth-rathod moxarth-rathod requested a review from a team as a code owner November 10, 2025 15:31
@moxarth-rathod moxarth-rathod added enhancement New feature or request Integration:panw_cortex_xdr Palo Alto Cortex XDR Integration:cloudflare Cloudflare (Community supported) Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:akamai Akamai (Community supported) Integration:tanium Tanium Integration:f5_bigip F5 BIG-IP Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Integration:jamf_protect Jamf Protect (Partner supported) Integration:sublime_security Sublime Security Integration:servicenow ServiceNow Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] labels Nov 10, 2025
@elasticmachine
Copy link

elasticmachine commented Nov 10, 2025

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Nov 10, 2025
edited
Loading

🚀 Benchmarks report

Package carbon_black_cloud 👍(3) 💚(1) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
asset_vulnerability_summary 14705.88 10526.32 -4179.56 (-28.42%) 💔

Package cloudflare 👍(1) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
audit 3759.4 3105.59 -653.81 (-17.39%) 💔

Package sublime_security 👍(1) 💚(1) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
email_message 901.71 764.53 -137.18 (-15.21%) 💔

Package tanium 👍(1) 💚(2) 💔(3)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
client_status 9345.79 7092.2 -2253.59 (-24.11%) 💔
discover 4484.3 3412.97 -1071.33 (-23.89%) 💔
reporting 21739.13 17543.86 -4195.27 (-19.3%) 💔

To see the full report comment with /test benchmark fullreport

@andrewkroh andrewkroh added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. and removed Integration:tanium Tanium Integration:jamf_protect Jamf Protect (Partner supported) labels Nov 10, 2025
efd6
efd6 reviewed Nov 11, 2025
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The commit message should explain what the improvements are, and given that there are a number of packages affected, this would likely either be sections in the commit message or splitting the PR into distinct PRs for each package (I don't really think this is necessary since the logic of the integrations does not appear to be changed here, but it is an option).

packages/carbon_black_cloud/data_stream/alert_v7/fields/beats.yml Outdated
fields:
- name: key
type: keyword
description: The AWS S3 Object key. No newline at end of file
Copy link
Contributor

@efd6 efd6 Nov 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Final new line (there are others below).

@moxarth-rathod
Copy link
Contributor Author

moxarth-rathod commented Nov 11, 2025

The commit message should explain what the improvements are, and given that there are a number of packages affected, this would likely either be sections in the commit message or splitting the PR into distinct PRs for each package (I don't really think this is necessary since the logic of the integrations does not appear to be changed here, but it is an option).

Yes, i can update the commit message but since there are total 30 integrations so i have planned to raise 3 PRs with 9-10 integrations each.

@andrewkroh andrewkroh added Integration:jamf_protect Jamf Protect (Partner supported) Integration:tanium Tanium labels Nov 11, 2025
@moxarth-rathod moxarth-rathod changed the title Improve system test coverage Improve system test coverage - 1 Nov 12, 2025
@moxarth-rathod moxarth-rathod requested a review from efd6 November 12, 2025 08:19
@moxarth-rathod
Copy link
Contributor Author

moxarth-rathod commented Nov 12, 2025

/test

@efd6
Copy link
Contributor

efd6 commented Nov 12, 2025

/test

@elasticmachine
Copy link

elasticmachine commented Nov 12, 2025
edited
Loading

💔 Build Failed

Failed CI Steps

History

cc @moxarth-rathod

kcreddy
kcreddy reviewed Nov 13, 2025
View reviewed changes
Copy link
Contributor

@kcreddy kcreddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking at the issue's parent, here we are covering all inputs using multiple service deployers which was not possible earlier.
Adding onto @efd6 point, please update the title and commit message to reflect this.
Also spell check on akamai instead of akmai in commit message.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kcreddy kcreddy kcreddy left review comments

@efd6 efd6 Awaiting requested review from efd6

At least 1 approving review is required to merge this pull request.

Assignees

@moxarth-rathod moxarth-rathod

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:akamai Akamai (Community supported) Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:cloudflare Cloudflare (Community supported) Integration:f5_bigip F5 BIG-IP Integration:jamf_protect Jamf Protect (Partner supported) Integration:panw_cortex_xdr Palo Alto Cortex XDR Integration:servicenow ServiceNow Integration:sublime_security Sublime Security Integration:tanium Tanium Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@moxarth-rathod @elasticmachine @efd6 @kcreddy @andrewkroh