[Security Solution] Tests for prebuilt rule upgrade workflow

[banderror]

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168

Summary

Write test plans (one or a few) and create a comprehensive suite of automated tests for the workflow of upgrading prebuilt rules.

Features to cover:

• API: upgrade/_review and upgrade/_perform endpoints
• Upgrading prebuilt rules one-by-one with preview (Rule Upgrade flyout)
  • Non-conflicts, solvable conflicts, non-solvable conflicts
  • Diffs and diff options
  • Suggesting merged versions
  • Editing and accepting changes to the Final version
  • Callouts
  • Validation
  • State persistence
  • Upgrading and saving changes
  • Anything else?
• Upgrading prebuilt rules one-by-one without preview (Rule Updates table)
• Upgrading prebuilt rules in bulk (Rule Updates table)
• Upgrading rule fields - per each rule field - via API and UI
  • name
  • description
  • etc - I feel that we need to cover literally every rule field
• Specific and edge cases
  • Type changes on upgrade
  • Missing base versions
  • Race conditions and Optimistic Concurrency Control

Please cover both the features under the feature flag turned ON and OFF.

Related tickets

Related functional tickets to cover with tests:

• API
  • [Security Solution] Extend the POST /upgrade/_review API endpoint's contract and functionality #180153
  • [Security Solution] Handle specific fields in /upgrade/_review upgrade workflow #180393
  • [Security Solution] Extend the POST /upgrade/_perform API endpoint's contract and functionality #166376
  • [Security Solution] Handle specific fields in /upgrade/_perform endpoint upgrade workflow #186544
  • [Security Solution] Add InvestigationFields and AlertSuppression fields to the upgrade workflow #190597
  • [Security Solution] Remove exceptions_list, author and license from Diffable Rule #196213
• UI
  • [Security Solution] Handle conflicting rules in the Rule Upgrade table #180589
  • [Security Solution] Rework Update flyout to display all field updates and build Three-Way-Diff field component #171520
  • [Security Solution] Handle specific fields in the upgrade workflow's UI #188065
  • [Security Solution] Implement UI for updating prebuilt rule to a new rule type (MVP) #180395

Related bugs to cover with tests:

• [Security Solution] Replace PATCH logic with PUT when upgrading rules #180195
• [Security Solution] Unable to upgrade rules with missing base version #200904
• [Security Solution] Prebuilt rule customization is lost on upgrade when Base version is missing #201500
• [Security Solution] Inconsistent conflict state messaging in Rule Upgrade flyout #200811
• [Security Solution] Incorrect field count in Rule Upgrade flyout #200286
• [Security Solution] Implement rule upgrade concurrency control #200134
• Anything else from Milestone 3 bugs under the corresponding section

TODO

• Come up with a plan for working on this ticket and share with the team
• Test plans
  • PR link
• Test coverage
  • PR link

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[banderror]

@jpdjere @maximpn @nikitaindik

I'd suggest us to split the work on the upgrade test coverage between @maximpn and @jpdjere. Considering the fact that @maximpn and @nikitaindik are busy with finalizing the ThreeWayDiff UI and fixing bugs in it, maybe @jpdjere could address most of this ticket, especially because he is very familiar with the requirements.

Let's sync up on it when @jpdjere is back next week.

[banderror]

cc @pborgonovi