Splunk TA Update #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Splunk TA Update | |
on: | |
workflow_dispatch: # Manually trigger the workflow | |
schedule: | |
- cron: '55 06 * * *' # Runs daily at midnight | |
jobs: | |
modify-code: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
ref: 'develop' | |
token: ${{ secrets.GH_PAT }} # Add this line to use the PAT for checkout | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' # or the version your script requires | |
- uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: eu-central-1 | |
- name: Install Dependencies using Poetry | |
run: | | |
pip3 install poetry | |
poetry install | |
poetry add GitPython | |
- name: Run Python Splunk TA checker | |
env: | |
SPLUNK_BASE_USERNAME: ${{ secrets.SPLUNK_BASE_USERNAME }} | |
SPLUNK_BASE_PASSWORD: ${{ secrets.SPLUNK_BASE_PASSWORD }} | |
run: | | |
poetry run python scripts/attack_range_ta_update.py | |
- name: Check for changes | |
id: changes | |
run: | | |
git fetch origin develop | |
if git diff --exit-code origin/develop -- configs/attack_range_default.yml; then | |
echo "No changes detected in configs/attack_range_default.yml compared to develop branch" | |
echo "changes_detected=false" >> $GITHUB_ENV | |
else | |
echo "Changes detected in configs/attack_range_default.yml compared to develop branch" | |
echo "changes_detected=true" >> $GITHUB_ENV | |
fi | |
- name: Create Pull Request | |
if: env.changes_detected == 'true' | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
token: ${{ secrets.GH_PAT }} | |
commit-message: Updated TAs | |
branch: auto-ta-update-${{ github.run_number }} | |
base: develop | |
title: Automated Splunk TA Update ${{ github.run_number }} | |
body: "This PR contains updates to Splunk TAs made by GitHub Actions workflow." |