Add functional test

x-pack/test/alerting_api_integration/common/config.ts

@@ -17,6 +17,7 @@ interface CreateTestConfigOptions {
   disabledPlugins?: string[];
   ssl?: boolean;
   enableActionsProxy: boolean;
+  rejectUnauthorized?: boolean;
 }
 
 // test.not-enabled is specifically not enabled
@@ -39,7 +40,12 @@ const enabledActionTypes = [
 ];
 
 export function createTestConfig(name: string, options: CreateTestConfigOptions) {
-  const { license = 'trial', disabledPlugins = [], ssl = false } = options;
+  const {
+    license = 'trial',
+    disabledPlugins = [],
+    ssl = false,
+    rejectUnauthorized = true,
+  } = options;
 
   return async ({ readConfigFile }: FtrConfigProviderContext) => {
     const xPackApiIntegrationTestsConfig = await readConfigFile(
@@ -95,6 +101,7 @@ export function createTestConfig(name: string, options: CreateTestConfigOptions)
           '--xpack.encryptedSavedObjects.encryptionKey="wuGNaIhoMpk5sO4UBxgr3NyW1sFcLgIf"',
           '--xpack.alerts.invalidateApiKeysTask.interval="15s"',
           `--xpack.actions.enabledActionTypes=${JSON.stringify(enabledActionTypes)}`,
+          `--xpack.actions.rejectUnauthorized=${rejectUnauthorized}`,
           ...actionsProxyUrl,
 
           '--xpack.eventLog.logEntries=true',

x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/server/plugin.ts

@@ -5,6 +5,7 @@
  */
 
 import http from 'http';
+import https from 'https';
 import { Plugin, CoreSetup, IRouter } from 'kibana/server';
 import { EncryptedSavedObjectsPluginStart } from '../../../../../../../plugins/encrypted_saved_objects/server';
 import { PluginSetupContract as FeaturesPluginSetup } from '../../../../../../../plugins/features/server';
@@ -47,7 +48,13 @@ export function getAllExternalServiceSimulatorPaths(): string[] {
 }
 
 export async function getWebhookServer(): Promise<http.Server> {
-  return await initWebhook();
+  const { httpServer } = await initWebhook();
+  return httpServer;
+}
+
+export async function getHttpsWebhookServer(): Promise<https.Server> {
+  const { httpsServer } = await initWebhook();
+  return httpsServer;
 }
 
 export async function getSlackServer(): Promise<http.Server> {

x-pack/test/alerting_api_integration/common/fixtures/plugins/actions_simulators/server/webhook_simulation.ts

@@ -3,16 +3,35 @@
  * or more contributor license agreements. Licensed under the Elastic License;
  * you may not use this file except in compliance with the Elastic License.
  */
+import fs from 'fs';
 import expect from '@kbn/expect';
 import http from 'http';
+import https from 'https';
+import { promisify } from 'util';
 import { fromNullable, map, filter, getOrElse } from 'fp-ts/lib/Option';
 import { pipe } from 'fp-ts/lib/pipeable';
 import { constant } from 'fp-ts/lib/function';
+import { KBN_KEY_PATH, KBN_CERT_PATH } from '@kbn/dev-utils';
 
 export async function initPlugin() {
-  const payloads: string[] = [];
+  const httpsServerKey = await promisify(fs.readFile)(KBN_KEY_PATH, 'utf8');
+  const httpsServerCert = await promisify(fs.readFile)(KBN_CERT_PATH, 'utf8');
+
+  return {
+    httpServer: http.createServer(createServerCallback()),
+    httpsServer: https.createServer(
+      {
+        key: httpsServerKey,
+        cert: httpsServerCert,
+      },
+      createServerCallback()
+    ),
+  };
+}
 
-  return http.createServer((request, response) => {
+function createServerCallback() {
+  const payloads: string[] = [];
+  return (request: http.IncomingMessage, response: http.ServerResponse) => {
     const credentials = pipe(
       fromNullable(request.headers.authorization),
       map((authorization) => authorization.split(/\s+/)),
@@ -77,7 +96,7 @@ export async function initPlugin() {
         return;
       });
     }
-  });
+  };
 }
 
 function validateAuthentication(credentials: any, res: any) {

x-pack/test/alerting_api_integration/spaces_only/config.ts

@@ -11,4 +11,5 @@ export default createTestConfig('spaces_only', {
   disabledPlugins: ['security'],
   license: 'trial',
   enableActionsProxy: false,
+  rejectUnauthorized: false,
 });

x-pack/test/alerting_api_integration/spaces_only/tests/actions/builtin_action_types/webhook.ts

@@ -5,11 +5,15 @@
  */
 
 import http from 'http';
+import https from 'https';
 import getPort from 'get-port';
 import expect from '@kbn/expect';
 import { URL, format as formatUrl } from 'url';
 import { FtrProviderContext } from '../../../../common/ftr_provider_context';
-import { getWebhookServer } from '../../../../common/fixtures/plugins/actions_simulators/server/plugin';
+import {
+  getWebhookServer,
+  getHttpsWebhookServer,
+} from '../../../../common/fixtures/plugins/actions_simulators/server/plugin';
 
 // eslint-disable-next-line import/no-default-export
 export default function webhookTest({ getService }: FtrProviderContext) {
@@ -43,32 +47,62 @@ export default function webhookTest({ getService }: FtrProviderContext) {
   }
 
   describe('webhook action', () => {
-    let webhookSimulatorURL: string = '';
-    let webhookServer: http.Server;
-    before(async () => {
-      webhookServer = await getWebhookServer();
-      const availablePort = await getPort({ port: 9000 });
-      webhookServer.listen(availablePort);
-      webhookSimulatorURL = `http://localhost:${availablePort}`;
-    });
+    describe('with http endpoint', () => {
+      let webhookSimulatorURL: string = '';
+      let webhookServer: http.Server;
+      before(async () => {
+        webhookServer = await getWebhookServer();
+        const availablePort = await getPort({ port: 9000 });
+        webhookServer.listen(availablePort);
+        webhookSimulatorURL = `http://localhost:${availablePort}`;
+      });
+
+      it('webhook can be executed without username and password', async () => {
+        const webhookActionId = await createWebhookAction(webhookSimulatorURL);
+        const { body: result } = await supertest
+          .post(`/api/actions/action/${webhookActionId}/_execute`)
+          .set('kbn-xsrf', 'test')
+          .send({
+            params: {
+              body: 'success',
+            },
+          })
+          .expect(200);
 
-    it('webhook can be executed without username and password', async () => {
-      const webhookActionId = await createWebhookAction(webhookSimulatorURL);
-      const { body: result } = await supertest
-        .post(`/api/actions/action/${webhookActionId}/_execute`)
-        .set('kbn-xsrf', 'test')
-        .send({
-          params: {
-            body: 'success',
-          },
-        })
-        .expect(200);
+        expect(result.status).to.eql('ok');
+      });
 
-      expect(result.status).to.eql('ok');
+      after(() => {
+        webhookServer.close();
+      });
     });
 
-    after(() => {
-      webhookServer.close();
+    describe('with https endpoint and rejectUnauthorized=false', () => {
+      let webhookSimulatorURL: string = '';
+      let webhookServer: https.Server;
+
+      // need to wait for kibanaServer to settle ...
+      before(async () => {
+        webhookServer = await getHttpsWebhookServer();
+        const availablePort = await getPort({ port: getPort.makeRange(9000, 9100) });
+        webhookServer.listen(availablePort);
+        webhookSimulatorURL = `https://localhost:${availablePort}`;
+      });
+
+      it('should support the POST method against webhook target', async () => {
+        const webhookActionId = await createWebhookAction(webhookSimulatorURL, { method: 'post' });
+        const { body: result } = await supertest
+          .post(`/api/actions/action/${webhookActionId}/_execute`)
+          .set('kbn-xsrf', 'test')
+          .send({
+            params: {
+              body: 'success_post_method',
+            },
+          })
+          .expect(200);
+
+        expect(result.status).to.eql('ok');
+      });
     });
   });
 }