Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Swap rule unions out for discriminated unions to improve validation error messages #171452

Merged
merged 14 commits into from
Nov 29, 2023
Merged

[Security Solution] Swap rule unions out for discriminated unions to improve validation error messages #171452

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
43b5a53
Swap rule unions out for discriminated unions
marshallmain Oct 26, 2023
0c0181b
Update tests
marshallmain Nov 17, 2023
a101ae0
Fix more tests
marshallmain Nov 17, 2023
6abde76
Flatten schema dependencies to fix 'Type instantiation is excessively…
marshallmain Nov 17, 2023
b4735c2
Fix more test
marshallmain Nov 17, 2023
bc95708
Fix formatting in zod_schema_item.handlebars
marshallmain Nov 17, 2023
8f6de42
Fix bad import
marshallmain Nov 17, 2023
bbac159
Fix test
marshallmain Nov 17, 2023
d615f62
Remove unneeded import
marshallmain Nov 20, 2023
aef13a2
Merge branch 'main' into rule-schema-discriminated-union
marshallmain Nov 20, 2023
c217f51
Switch RequiredOptional back to non-recursive
marshallmain Nov 27, 2023
f980f45
Merge branch 'main' into rule-schema-discriminated-union
marshallmain Nov 27, 2023
fd64136
Merge branch 'main' into rule-schema-discriminated-union
marshallmain Nov 27, 2023
94e98fa
Merge branch 'main' into rule-schema-discriminated-union
kibanamachine Nov 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 15 additions & 9 deletions packages/kbn-openapi-generator/src/template_service/templates/zod_schema_item.handlebars
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,34 +12,41 @@
{{~#if (defined default)}}.default({{{toJSON default}}}){{/if~}}
{{~#if (eq x-modify "partial")}}.partial(){{/if~}}
{{~#if (eq x-modify "required")}}.required(){{/if~}}
{{~#if (eq x-modify "requiredOptional")}}.transform(requiredOptional){{/if~}}
{{~/if~}}

{{~#if allOf~}}
{{~#each allOf~}}
{{~#if @first~}}
{{> zod_schema_item }}
{{~else~}}
.and({{> zod_schema_item }})
.merge({{> zod_schema_item }})
{{~/if~}}
{{~/each~}}
{{~/if~}}

{{~#if anyOf~}}
z.union([
{{~#each anyOf~}}
{{#if discriminator}}
z.discriminatedUnion('{{discriminator.propertyName}}', [
{{else}}
z.union([
{{/if}}
{{~#each anyOf~}}
{{~> zod_schema_item ~}},
{{~/each~}}
{{~/each~}}
])
{{~#if nullable}}.nullable(){{/if~}}
{{~#if (eq requiredBool false)}}.optional(){{/if~}}
{{~/if~}}

{{~#if oneOf~}}
z.union([
{{~#each oneOf~}}
{{#if discriminator}}
z.discriminatedUnion('{{discriminator.propertyName}}', [
{{else}}
z.union([
{{/if}}
{{~#each oneOf~}}
{{~> zod_schema_item ~}},
{{~/each~}}
{{~/each~}}
])
{{~#if nullable}}.nullable(){{/if~}}
{{~#if (eq requiredBool false)}}.optional(){{/if~}}
Expand Down Expand Up @@ -97,7 +104,6 @@ z.unknown()
{{~/if~}}
{{~#if (eq x-modify "partial")}}.partial(){{/if~}}
{{~#if (eq x-modify "required")}}.required(){{/if~}}
{{~#if (eq x-modify "requiredOptional")}}.transform(requiredOptional){{/if~}}
{{~/inline~}}

{{~#*inline "type_string"~}}
Expand Down
81 changes: 36 additions & 45 deletions ..._solution/common/api/detection_engine/model/rule_response_actions/response_actions.gen.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
*/

import { z } from 'zod';
import { requiredOptional } from '@kbn/zod-helpers';

/*
* NOTICE: Do not edit this file manually.
Expand All @@ -27,48 +26,42 @@ export const EcsMapping = z.object({}).catchall(
);

export type OsqueryQuery = z.infer<typeof OsqueryQuery>;
export const OsqueryQuery = z
.object({
/**
* Query ID
*/
id: z.string(),
/**
* Query to execute
*/
query: z.string(),
ecs_mapping: EcsMapping.optional(),
/**
* Query version
*/
version: z.string().optional(),
platform: z.string().optional(),
removed: z.boolean().optional(),
snapshot: z.boolean().optional(),
})
.transform(requiredOptional);
export const OsqueryQuery = z.object({
/**
* Query ID
*/
id: z.string(),
/**
* Query to execute
*/
query: z.string(),
ecs_mapping: EcsMapping.optional(),
/**
* Query version
*/
version: z.string().optional(),
platform: z.string().optional(),
removed: z.boolean().optional(),
snapshot: z.boolean().optional(),
});

export type OsqueryParams = z.infer<typeof OsqueryParams>;
export const OsqueryParams = z
.object({
query: z.string().optional(),
ecs_mapping: EcsMapping.optional(),
queries: z.array(OsqueryQuery).optional(),
pack_id: z.string().optional(),
saved_query_id: z.string().optional(),
})
.transform(requiredOptional);
export const OsqueryParams = z.object({
query: z.string().optional(),
ecs_mapping: EcsMapping.optional(),
queries: z.array(OsqueryQuery).optional(),
pack_id: z.string().optional(),
saved_query_id: z.string().optional(),
});

export type OsqueryParamsCamelCase = z.infer<typeof OsqueryParamsCamelCase>;
export const OsqueryParamsCamelCase = z
.object({
query: z.string().optional(),
ecsMapping: EcsMapping.optional(),
queries: z.array(OsqueryQuery).optional(),
packId: z.string().optional(),
savedQueryId: z.string().optional(),
})
.transform(requiredOptional);
export const OsqueryParamsCamelCase = z.object({
query: z.string().optional(),
ecsMapping: EcsMapping.optional(),
queries: z.array(OsqueryQuery).optional(),
packId: z.string().optional(),
savedQueryId: z.string().optional(),
});

export type OsqueryResponseAction = z.infer<typeof OsqueryResponseAction>;
export const OsqueryResponseAction = z.object({
Expand All @@ -83,12 +76,10 @@ export const RuleResponseOsqueryAction = z.object({
});

export type EndpointParams = z.infer<typeof EndpointParams>;
export const EndpointParams = z
.object({
command: z.literal('isolate'),
comment: z.string().optional(),
})
.transform(requiredOptional);
export const EndpointParams = z.object({
command: z.literal('isolate'),
comment: z.string().optional(),
});

export type EndpointResponseAction = z.infer<typeof EndpointResponseAction>;
export const EndpointResponseAction = z.object({
Expand Down
4 changes: 0 additions & 4 deletions ...tion/common/api/detection_engine/model/rule_response_actions/response_actions.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@ components:
required:
- id
- query
x-modify: requiredOptional
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for finally removing requiredOptional from the schema 👍


OsqueryParams:
type: object
Expand All @@ -66,7 +65,6 @@ components:
type: string
saved_query_id:
type: string
x-modify: requiredOptional

OsqueryParamsCamelCase:
type: object
Expand All @@ -83,7 +81,6 @@ components:
type: string
savedQueryId:
type: string
x-modify: requiredOptional

OsqueryResponseAction:
type: object
Expand Down Expand Up @@ -123,7 +120,6 @@ components:
type: string
required:
- command
x-modify: requiredOptional

EndpointResponseAction:
type: object
Expand Down
16 changes: 7 additions & 9 deletions .../security_solution/common/api/detection_engine/model/rule_schema/common_attributes.gen.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
*/

import { z } from 'zod';
import { requiredOptional, isValidDateMath } from '@kbn/zod-helpers';
import { isValidDateMath } from '@kbn/zod-helpers';

/*
* NOTICE: Do not edit this file manually.
Expand Down Expand Up @@ -94,14 +94,12 @@ export const RiskScore = z.number().int().min(0).max(100);
*/
export type RiskScoreMapping = z.infer<typeof RiskScoreMapping>;
export const RiskScoreMapping = z.array(
z
.object({
field: z.string(),
operator: z.literal('equals'),
value: z.string(),
risk_score: RiskScore.optional(),
})
.transform(requiredOptional)
z.object({
field: z.string(),
operator: z.literal('equals'),
value: z.string(),
risk_score: RiskScore.optional(),
})
);

/**
Expand Down
1 change: 0 additions & 1 deletion ...rity_solution/common/api/detection_engine/model/rule_schema/common_attributes.schema.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,6 @@ components:
- field
- operator
- value
x-modify: requiredOptional
description: Overrides generated alerts' risk_score with a value from the source event

Severity:
Expand Down
Loading
Loading