[Security Solution] Added the rule_source field to the rule schemas (e…

…lastic#181581)

**Resolves: elastic#180121
**Resolves: elastic#180122
**Resolves: elastic#180124

## Summary

As part of the preparatory changes for the work in Milestone 3, we want
to add the new `rule_source` field to the API schema.

- Added `rule_source` as an **optional** property to `RuleResponse`, by
introducing it as an optional property in the `ResponseFields` schema.
- For now, all endpoints should return `undefined` for the `rule_source`
field.
- Added `rule_source` as an **optional** property to `RuleToImport`,
which defines the schema of required and accepted fields when importing
a rule.
- For now, the new `rule_source` field should be ignored in the endpoint
logic.
- Added the `ruleSource` field to the `BaseRuleParams` schema, as an
optional field.
- Implemented a Zod transformation from `snake_case` to `camelCase` for
object keys to reduce code duplication.

package.json

@@ -958,6 +958,7 @@
  "brace": "0.11.1",
  "brok": "^5.0.2",
  "byte-size": "^8.1.0",
+ "camelcase-keys": "7.0.2",
  "canvg": "^3.0.9",
  "cbor-x": "^1.3.3",
  "chalk": "^4.1.0",
@@ -1139,6 +1140,7 @@
  "seedrandom": "^3.0.5",
  "semver": "^7.5.4",
  "set-value": "^4.1.0",
+ "snakecase-keys": "^8.0.0",
  "source-map-support": "^0.5.19",
  "stats-lite": "^2.2.0",
  "strip-ansi": "^6.0.0",
@@ -1153,6 +1155,7 @@
  "ts-easing": "^0.2.0",
  "tslib": "^2.0.0",
  "type-detect": "^4.0.8",
+ "type-fest": "^4.17.0",
  "typescript-fsa": "^3.0.0",
  "typescript-fsa-reducers": "^1.2.2",
  "unidiff": "^1.0.4",

packages/kbn-openapi-generator/src/template_service/templates/zod_operation_schema.handlebars

@@ -17,11 +17,14 @@ import {
 {{/each}}
 
 {{#each components.schemas}}
-{{#description}}
+{{#if description}}
 /**
- * {{{.}}}
+ * {{{description}}}
+ {{#if deprecated}}
+ * @deprecated
+ {{/if}}
  */
-{{/description}}
+{{/if}}
 export type {{@key}} = z.infer<typeof {{@key}}>;
 export const {{@key}} = {{> zod_schema_item}};
 {{#if enum}}

x-pack/plugins/security_solution/common/api/detection_engine/model/rule_schema/common_attributes.gen.ts

@@ -50,9 +50,42 @@ export const KqlQueryLanguage = z.enum(['kuery', 'lucene']);
 export type KqlQueryLanguageEnum = typeof KqlQueryLanguage.enum;
 export const KqlQueryLanguageEnum = KqlQueryLanguage.enum;
 
+/**
+ * This field determines whether the rule is a prebuilt Elastic rule. It will be replaced with the `rule_source` field.
+ * @deprecated
+ */
 export type IsRuleImmutable = z.infer<typeof IsRuleImmutable>;
 export const IsRuleImmutable = z.boolean();
 
+/**
+ * Determines whether an external/prebuilt rule has been customized by the user (i.e. any of its fields have been modified and diverged from the base value).
+ */
+export type IsExternalRuleCustomized = z.infer<typeof IsExternalRuleCustomized>;
+export const IsExternalRuleCustomized = z.boolean();
+
+/**
+ * Type of rule source for internally sourced rules, i.e. created within the Kibana apps.
+ */
+export type InternalRuleSource = z.infer<typeof InternalRuleSource>;
+export const InternalRuleSource = z.object({
+ type: z.literal('internal'),
+});
+
+/**
+ * Type of rule source for externally sourced rules, i.e. rules that have an external source, such as the Elastic Prebuilt rules repo.
+ */
+export type ExternalRuleSource = z.infer<typeof ExternalRuleSource>;
+export const ExternalRuleSource = z.object({
+ type: z.literal('external'),
+ is_customized: IsExternalRuleCustomized,
+});
+
+/**
+ * Discriminated union that determines whether the rule is internally sourced (created within the Kibana app) or has an external source, such as the Elastic Prebuilt rules repo.
+ */
+export type RuleSource = z.infer<typeof RuleSource>;
+export const RuleSource = z.discriminatedUnion('type', [ExternalRuleSource, InternalRuleSource]);
+
 /**
  * Determines whether the rule is enabled.
  */
@@ -155,6 +188,7 @@ export const BuildingBlockType = z.string();
 
 /**
  * (deprecated) Has no effect.
+ * @deprecated
  */
 export type AlertsIndex = z.infer<typeof AlertsIndex>;
 export const AlertsIndex = z.string();