Merge branch 'main' into rule-tuning-shared-object-creation

Author: eric-forte-elastic

.github/workflows/attack-coverage-update.yml

@@ -45,7 +45,7 @@ jobs:
          git add docs-dev/"ATT\&CK-coverage.md"
 
       - name: Create Pull Request
-        uses: peter-evans/[email protected]
+        uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # v7.0.3
         with:
           assignees: '${{github.actor}}'
           delete-branch: true

.github/workflows/docs-build.yml

@@ -0,0 +1,23 @@
+name: docs-build
+
+on:
+  push:
+    branches:
+      - main
+  pull_request_target: ~
+
+jobs:
+  preview:
+    uses: elastic/docs-builder/.github/workflows/preview-build.yml@main
+    with:
+      continue-on-error: false
+      strict: true
+      path-pattern: |
+        docs/**
+        rules/**
+        rules_building_block/**
+    permissions:
+      deployments: write
+      id-token: write
+      contents: read
+      pull-requests: read

.github/workflows/docs-cleanup.yml

@@ -0,0 +1,14 @@
+name: docs-cleanup
+
+on:
+  pull_request_target:
+    types:
+      - closed
+
+jobs:
+  preview:
+    uses: elastic/docs-builder/.github/workflows/preview-cleanup.yml@main
+    permissions:
+      contents: none
+      id-token: write
+      deployments: write

.github/workflows/kibana-mitre-update.yml

@@ -15,9 +15,8 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Get MITRE Attack changed files
-        if: false
         id: changed-attack-files
-        uses: tj-actions/changed-files@v44
+        uses: tj-actions/changed-files@v46
         with:
           files: detection_rules/etc/attack-v*.json.gz
 

.github/workflows/lock-versions.yml

@@ -6,7 +6,7 @@ on:
           description: 'List of branches to lock versions (ordered, comma separated)'
           required: true
           # 7.17 was intentionally skipped because it was added late and was bug fix only
-          default: '8.12,8.13,8.14,8.15,8.16,8.17'
+          default: '8.14,8.15,8.16,8.17,8.18,9.0'
 
 jobs:
   pr:

.github/workflows/pythonpackage.yml

@@ -2,7 +2,7 @@ name: Unit Tests
 
 on:
   push:
-    branches: [ "main", "7.*", "8.*" ]
+    branches: [ "main", "7.*", "8.*", "9.*" ]
   pull_request:
     branches: [ "*" ]
 

.github/workflows/react-tests-dispatcher.yml

@@ -22,6 +22,7 @@ on:
       - '!rules/integrations/o365/*.toml'
       - '!rules/integrations/okta/*.toml'
       - '!rules/integrations/problemchild/*.toml'
+      - '!rules/integrations/pad/*.toml'
 
 jobs:
   dispatch:

.github/workflows/version-code-and-release.yml

@@ -92,7 +92,7 @@ jobs:
           git push origin "dev-v$version"
 
       - name: Run Release Drafter
-        uses: release-drafter/release-drafter@v6
+        uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
         with:
           config-name: release-drafter.yml
         env:

CLI.md

@@ -481,7 +481,7 @@ Options:
 
 ### Exporting rules
 
-This command should be run with the `CUSTOM_RULES_DIR` envvar set, that way proper validation is applied to versioning when the rules are downloaded. See the [custom rules docs](docs-dev/custom-rules.md) for more information.
+This command should be run with the `CUSTOM_RULES_DIR` envvar set, that way proper validation is applied to versioning when the rules are downloaded. See the [custom rules docs](docs-dev/custom-rules-management.md) for more information.
 
 ```
 python -m detection_rules kibana export-rules -h

detection_rules/custom_rules.py

@@ -15,7 +15,7 @@
 from .utils import ROOT_DIR, get_etc_path, load_etc_dump
 
 DEFAULT_CONFIG_PATH = Path(get_etc_path('_config.yaml'))
-CUSTOM_RULES_DOC_PATH = Path(ROOT_DIR).joinpath(REPO_DOCS_DIR, 'custom-rules.md')
+CUSTOM_RULES_DOC_PATH = Path(ROOT_DIR).joinpath(REPO_DOCS_DIR, 'custom-rules-management.md')
 
 
 @root.group('custom-rules')