
Commit d3ddef7

Merge branch 'main' into 2700-bug-missing-spaces-between-logic-operators-does-not-raise-error
2 parents 9921f82 + 40a97f7 commit d3ddef7


2,032 files changed

+50021
-36609
lines changed


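--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -5,7 +5,6 @@ tests/**/*.py @mikaayenson @eric-forte-elastic @terrancedejesus
 detection_rules/ @mikaayenson @eric-forte-elastic @terrancedejesus
 tests/ @mikaayenson @eric-forte-elastic @terrancedejesus
 lib/ @mikaayenson @eric-forte-elastic @terrancedejesus
-rta/ @mikaayenson @eric-forte-elastic @terrancedejesus
 hunting/ @mikaayenson @eric-forte-elastic @terrancedejesus
 
 # skip rta-mapping to avoid the spam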

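--- a/.github/paths-labeller.yml
+++ b/.github/paths-labeller.yml
@@ -12,8 +12,6 @@
 - "detection_rules/**/*.py"
 - "kibana/**/*.py"
 - "kql/**/*.py"
-- "RTA":
-- "rta/**/*"
 - "Hunting":
 - "hunting/**/*"
 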

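--- a/.github/workflows/add-guidelines.yml
+++ b/.github/workflows/add-guidelines.yml
@@ -9,7 +9,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Check out the repository
-uses: actions/checkout@v2
+uses: actions/checkout@v4
 
 - name: Set environment variable for early exit control
 id: check_label
@@ -57,5 +57,5 @@ jobs:
 uses: mshick/add-pr-comment@v2
 with:
 message-path: ${{ env.GUIDELINES_FILE }}
-repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+repo-token: ${{ secrets.GITHUB_TOKEN }}
 message-id: "guidelines-comment"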
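Review bot: The switch to `secrets.GITHUB_TOKEN` for `repo-token` in the second hunk depends on the job granting that token write access to pull requests, and no `permissions:` block is visible in either hunk. If the workflow does not already declare one, add `permissions:` with `pull-requests: write` at job level so the comment step keeps working under a read-only default and the token carries nothing beyond that scope. Should the trigger be `pull_request` (the `on:` block is outside the hunk), the token is read-only for pull requests from forks and the comment step would fail there, so confirm which event is used.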

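--- a/.github/workflows/attack-coverage-update.yml
+++ b/.github/workflows/attack-coverage-update.yml
@@ -3,7 +3,7 @@ on:
 workflow_dispatch:
 inputs:
 update-coverage:
-description: 'Update the docs/ATT&CK-coverage.md file'
+description: 'Update the docs-dev/ATT&CK-coverage.md file'
 required: true
 default: '--update-coverage'
 
@@ -37,25 +37,25 @@ jobs:
 git config --global user.email "[email protected]"
 git config --global user.name "protectionsmachine"
 
-- name: Update navigator gist files and docs/ATT&CK-coverage.md file.
+- name: Update navigator gist files and docs-dev/ATT&CK-coverage.md file.
 env:
-GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"
 run: |
 python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}"
-git add docs/"ATT\&CK-coverage.md"
+git add docs-dev/"ATT\&CK-coverage.md"
 
 - name: Create Pull Request
 uses: peter-evans/[email protected]
 with:
 assignees: '${{github.actor}}'
 delete-branch: true
 branch: "update-attack-coverage"
-commit-message: "Update ATT&CK coverage URL(s) in docs/ATT&CK-coverage.md"
+commit-message: "Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md"
 branch-suffix: "short-commit-hash"
 base: main
-title: 'Update ATT&CK coverage URL(s) in docs/ATT&CK-coverage.md'
+title: 'Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md'
 body: |
-Update ATT&CK coverage URL(s) in docs/ATT&CK-coverage.md
+Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md
 
 - Autogenerated from job `attack-coverage-update: pr`.
 labels: "backport: auto"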
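Review bot: The step that now receives `WRITE_TRADEBOT_GIST_TOKEN` still expands `${{ github.event.inputs.update-coverage }}` directly into the `run:` script, so the dispatch input is parsed as shell text in the same process that holds a write-scoped token. Pass it through the environment instead: add `UPDATE_COVERAGE: ${{ github.event.inputs.update-coverage }}` under `env:` and call `python -m detection_rules dev update-navigator-gists "$UPDATE_COVERAGE"`. Separately, the context lines still set the git identity to `protectionsmachine` while backport.yml in this commit moves to `tradebot-elastic`; if the older machine account is being retired, this workflow probably needs the same update.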

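--- a/.github/workflows/backport.yml
+++ b/.github/workflows/backport.yml
@@ -65,16 +65,16 @@ jobs:
 
 steps:
 - name: Checkout repo
-uses: actions/checkout@v2
+uses: actions/checkout@v4
 with:
-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
 ref: main
 fetch-depth: 100
 
 - name: Set github config
 run: |
-git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
-git config --global user.name "github-actions[bot]"
+git config --global user.email "178941316+tradebot-elastic@users.noreply.github.com"
+git config --global user.name "tradebot-elastic"
 
 - name: Get branch histories
 run: |
@@ -161,6 +161,6 @@ jobs:
 - name: "Notify slack on failure"
 uses: craftech-io/slack-action@v1
 with:
-slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}
 status: failure
 if: failure()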
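Review bot: `craftech-io/slack-action@v1` is handed the renamed webhook secret in the last hunk but is referenced by a movable tag, so whoever can move that tag controls code that reads `EXTERNAL_SLACK_DETECTION_RULES_URL`. Pin third-party actions that receive secrets to a full commit SHA, e.g. `uses: craftech-io/slack-action@<full-commit-sha>  # v1` (placeholder; take the SHA from the release you have reviewed). In the first hunk, `actions/checkout@v4` with `token:` keeps that write token in the local git config for later steps by default. That looks intentional if the job pushes backport branches (the push step is outside the hunk), but it means every later step in the job can use the token.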

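--- a/.github/workflows/branch-status-checks.yml
+++ b/.github/workflows/branch-status-checks.yml
@@ -22,7 +22,7 @@ jobs:
 with:
 url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
 method: 'GET'
-bearerToken: ${{ secrets.READ_ORG_TOKEN }}
+bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
 
 - name: Check Backport Status
 uses: actions/github-script@v6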

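--- a/.github/workflows/community.yml
+++ b/.github/workflows/community.yml
@@ -15,7 +15,7 @@ jobs:
 uses: actions/github-script@v6
 id: membership
 with:
-github-token: ${{ secrets.READ_ORG_TOKEN }}
+github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
 result-encoding: string
 script: |
 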

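--- a/.github/workflows/get-target-branches.yml
+++ b/.github/workflows/get-target-branches.yml
@@ -14,7 +14,7 @@ jobs:
 outputs:
 matrix: ${{ steps.get-branch-list.outputs.matrix }}
 steps:
-- uses: actions/checkout@v2
+- uses: actions/checkout@v4
 
 - name: Set up Python 3.12
 uses: actions/setup-python@v5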
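--- a/.github/workflows/kibana-mitre-update.yml
+++ b/.github/workflows/kibana-mitre-update.yml
@@ -2,7 +2,7 @@ name: Check MITRE ATT&CK Version Updates Are Synced
 
 on:
 pull_request:
-types:
+types:
 - opened
 paths:
 - 'detection_rules/etc/attack-v*.json.gz'
@@ -15,11 +15,12 @@ jobs:
 uses: actions/checkout@v4
 
 - name: Get MITRE Attack changed files
+if: false
 id: changed-attack-files
 uses: tj-actions/changed-files@v44
 with:
-files: detection_rules/etc/attack-v*.json.gz
-
+files: detection_rules/etc/attack-v*.json.gz
+
 - name: Extract version from file name
 id: extract_version
 if: steps.changed-attack-files.outputs.any_changed == 'true'
@@ -33,9 +34,9 @@ jobs:
 run: |
 ISSUE_TITLE="[Security Solution] Update MITRE ATT&CK to ${{ steps.extract_version.outputs.version }}"
 ISSUE_BODY="The detection rules MITRE ATT&CK version has been updated to ${{ steps.extract_version.outputs.version }} Please update the MITRE ATT&CK version in Kibana accordingly."
-
+
 curl -X POST \
--H "Authorization: token ${{ secrets.READ_WRITE_KIBANA_TOKEN }}" \
+-H "Authorization: token ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}" \
 -H "Accept: application/vnd.github.v3+json" \
 https://api.github.com/repos/elastic/kibana/issues \
 -d '{
@@ -44,4 +45,4 @@ jobs:
 }'
 
 env:
-GITHUB_TOKEN: ${{ secrets.READ_WRITE_KIBANA_TOKEN }}
+GITHUB_TOKEN: ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}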
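Review bot: Adding `if: false` to the `changed-attack-files` step leaves the later steps gated on `steps.changed-attack-files.outputs.any_changed == 'true'` with an output that is never set, so as far as the visible hunks show the Kibana issue is never created and the workflow still passes silently. Add a comment above the condition saying why the step is disabled and what should replace it, for example `# disabled: <reason>; downstream steps are skipped until this is replaced`, or compute the changed-file list with a plain `git diff --name-only` step so the sync check keeps running. In the third hunk the token is expanded into the script text with `${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}` even though the last hunk exports it as `GITHUB_TOKEN`; if that `env:` belongs to the same step, `-H "Authorization: token $GITHUB_TOKEN"` avoids templating the secret into the script.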

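--- a/.github/workflows/lock-versions.yml
+++ b/.github/workflows/lock-versions.yml
@@ -22,7 +22,7 @@ jobs:
 }
 
 - name: Checkout detection-rules
-uses: actions/checkout@v2
+uses: actions/checkout@v4
 with:
 fetch-depth: 0
 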
