From ad180777cf745f6e3a5873631000a44aec08c0aa Mon Sep 17 00:00:00 2001
From: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Date: Thu, 9 Jan 2025 16:35:18 -0500
Subject: [PATCH] [Maintenance] Repository Config Update (#4359)
* updating tokens
* bumped patch
* updated navigator gist ID
* updated naming
* Update .github/workflows/manual-backport.yml
* updated navigator url
* updated noreply email
* updated naming
* Update .github/workflows/manual-backport.yml
Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
* updating README
* updated gist token
* replaced guidelines token with GITHUB_TOKEN
---------
Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
---
 .github/workflows/add-guidelines.yml | 2 +-
 .github/workflows/attack-coverage-update.yml | 2 +-
 .github/workflows/backport.yml | 4 ++--
 .github/workflows/branch-status-checks.yml | 2 +-
 .github/workflows/community.yml | 2 +-
 .github/workflows/kibana-mitre-update.yml | 12 ++++++------
 .github/workflows/manual-backport.yml | 4 ++--
 .github/workflows/pythonpackage.yml | 6 +++---
 .github/workflows/release-docs.yml | 4 ++--
 .github/workflows/release-fleet.yml | 8 ++++----
 README.md | 2 +-
 detection_rules/devtools.py | 4 ++--
 pyproject.toml | 2 +-
 13 files changed, 27 insertions(+), 27 deletions(-)
diff --git a/.github/workflows/add-guidelines.yml b/.github/workflows/add-guidelines.yml
index 9ade4f6d23d..44731881f4b 100644
--- a/.github/workflows/add-guidelines.yml
+++ b/.github/workflows/add-guidelines.yml
@@ -57,5 +57,5 @@ jobs:
 uses: mshick/add-pr-comment@v2
 with:
 message-path: ${{ env.GUIDELINES_FILE }}
- repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+ repo-token: ${{ secrets.GITHUB_TOKEN }}
 message-id: "guidelines-comment"
diff --git a/.github/workflows/attack-coverage-update.yml b/.github/workflows/attack-coverage-update.yml
index daf88995245..13ca7e9e8a6 100644
--- a/.github/workflows/attack-coverage-update.yml
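Review bot: The new `repo-token: ${{ secrets.GITHUB_TOKEN }}` only works if this job's token is allowed to write pull-request comments, and nothing in the hunk grants that. The workflow trigger and any `permissions:` block sit outside the hunk, so this is inferred: on a `pull_request` run from a fork the token is read-only and the comment step would fail, and under restrictive repository defaults it needs an explicit grant. I would add a job-level `permissions:` block containing only `pull-requests: write`, so the least-privilege intent of dropping the machine PAT is stated in the file.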
+++ b/.github/workflows/attack-coverage-update.yml
@@ -39,7 +39,7 @@ jobs:
 - name: Update navigator gist files and docs/ATT&CK-coverage.md file.
 env:
- GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+ GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"
 run: |
 python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}"
 git add docs/"ATT\&CK-coverage.md"
diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml
index 72dcfcd6019..521a16d19dc 100644
--- a/.github/workflows/backport.yml
+++ b/.github/workflows/backport.yml
@@ -67,7 +67,7 @@ jobs:
 - name: Checkout repo
 uses: actions/checkout@v2
 with:
- token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+ token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
 ref: main
 fetch-depth: 100
@@ -161,6 +161,6 @@ jobs:
 - name: "Notify slack on failure"
 uses: craftech-io/slack-action@v1
 with:
- slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+ slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}
 status: failure
 if: failure()
diff --git a/.github/workflows/branch-status-checks.yml b/.github/workflows/branch-status-checks.yml
index 630dfe5e6c6..4c3490fe417 100644
--- a/.github/workflows/branch-status-checks.yml
+++ b/.github/workflows/branch-status-checks.yml
@@ -22,7 +22,7 @@ jobs:
 with:
 url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
 method: 'GET'
- bearerToken: ${{ secrets.READ_ORG_TOKEN }}
+ bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
 - name: Check Backport Status
 uses: actions/github-script@v6
diff --git a/.github/workflows/community.yml b/.github/workflows/community.yml
index 83735dd6649..5869e7fbb6e 100644
--- a/.github/workflows/community.yml
+++ b/.github/workflows/community.yml
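Review bot: The same `update-navigator-gists` command now runs with two different secrets: `WRITE_TRADEBOT_GIST_TOKEN` in this step and `WRITE_TRADEBOT_DETECTION_RULES_TOKEN` in the "Update navigator gist files" step of pythonpackage.yml, where both previously read `NAVIGATOR_GIST_TOKEN`. Either a repository-write token is being handed to a step that only needs gist scope, or that token lacks gist scope and the push-to-main run will fail; the scopes are not visible in the patch. If gist access is all the command needs, pythonpackage.yml should read `GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"` as well.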
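Review bot: The Slack failure webhook is renamed to `EXTERNAL_SLACK_DETECTION_RULES_URL` in the `@@ -161,6` hunk of backport.yml but to `READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN` in the matching step of manual-backport.yml, although both steps shared one secret before. A secret name that is not defined expands to an empty string instead of failing the expression, so if only one of the two names exists the notify step breaks exactly when a backport has failed and the failure goes unreported. I would use one name in both files; the `READ_` prefix is also misleading for a webhook URL, which is a credential that allows posting.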
@@ -15,7 +15,7 @@ jobs:
 uses: actions/github-script@v6
 id: membership
 with:
- github-token: ${{ secrets.READ_ORG_TOKEN }}
+ github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
 result-encoding: string
 script: |
diff --git a/.github/workflows/kibana-mitre-update.yml b/.github/workflows/kibana-mitre-update.yml
index ab2366504bc..5d7b7fe64ca 100644
--- a/.github/workflows/kibana-mitre-update.yml
+++ b/.github/workflows/kibana-mitre-update.yml
@@ -2,7 +2,7 @@ name: Check MITRE ATT&CK Version Updates Are Synced
 on:
 pull_request:
- types:
+ types:
 - opened
 paths:
 - 'detection_rules/etc/attack-v*.json.gz'
@@ -18,8 +18,8 @@ jobs:
 id: changed-attack-files
 uses: tj-actions/changed-files@v44
 with:
- files: detection_rules/etc/attack-v*.json.gz
+ files: detection_rules/etc/attack-v*.json.gz
-
+
 - name: Extract version from file name
 id: extract_version
 if: steps.changed-attack-files.outputs.any_changed == 'true'
@@ -33,9 +33,9 @@ jobs:
 run: |
 ISSUE_TITLE="[Security Solution] Update MITRE ATT&CK to ${{ steps.extract_version.outputs.version }}"
 ISSUE_BODY="The detection rules MITRE ATT&CK version has been updated to ${{ steps.extract_version.outputs.version }} Please update the MITRE ATT&CK version in Kibana accordingly."
-
+
 curl -X POST \
- -H "Authorization: token ${{ secrets.READ_WRITE_KIBANA_TOKEN }}" \
+ -H "Authorization: token ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}" \
 -H "Accept: application/vnd.github.v3+json" \
 https://api.github.com/repos/elastic/kibana/issues \
 -d '{
@@ -44,4 +44,4 @@ jobs:
 }'
 env:
- GITHUB_TOKEN: ${{ secrets.READ_WRITE_KIBANA_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}
diff --git a/.github/workflows/manual-backport.yml b/.github/workflows/manual-backport.yml
index 965c64aca3a..69262512345 100644
--- a/.github/workflows/manual-backport.yml
+++ b/.github/workflows/manual-backport.yml
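Review bot: The write-scoped Kibana token is templated straight into the script text at `-H "Authorization: token ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}"` in the `@@ -33,9` hunk, even though the `@@ -44,4` hunk of the same step already exports it as `GITHUB_TOKEN` under `env:`. Reading it from the environment keeps the secret out of the generated script file and leaves a single place to rename next time: `-H "Authorization: token ${GITHUB_TOKEN}" \`. The same `run:` block also expands `${{ steps.extract_version.outputs.version }}` inline, a value that appears to be derived from a changed file name; how it is sanitised lies outside the hunk, so that is something to check rather than a confirmed issue.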
@@ -21,7 +21,7 @@ jobs:
 - name: Checkout detection-rules
 uses: actions/checkout@v3
 with:
- token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+ token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
 fetch-depth: 0
 - name: Set github config
@@ -81,6 +81,6 @@ jobs:
 - name: "Notify slack on failure"
 uses: craftech-io/slack-action@v1
 with:
- slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+ slack_webhook_url: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
 status: failure
 if: failure()
diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
index c46586f814a..a48dbe2d466 100644
--- a/.github/workflows/pythonpackage.yml
+++ b/.github/workflows/pythonpackage.yml
@@ -15,11 +15,11 @@ jobs:
 - uses: actions/checkout@v4
 with:
 fetch-depth: 1
-
+
 - name: Fetch main branch
 run: |
 git fetch origin main:refs/remotes/origin/main
-
+
 - name: Set up Python 3.12
 uses: actions/setup-python@v5
 with:
@@ -64,6 +64,6 @@ jobs:
 - name: Update navigator gist files
 env:
- GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+ GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}"
 if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
 run: python -m detection_rules dev update-navigator-gists
diff --git a/.github/workflows/release-docs.yml b/.github/workflows/release-docs.yml
index 9f16212ad8b..fb5f9e35a61 100644
--- a/.github/workflows/release-docs.yml
+++ b/.github/workflows/release-docs.yml
@@ -31,7 +31,7 @@ jobs:
 - name: Checkout elastic/security-docs
 uses: actions/checkout@v3
 with:
- token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+ token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
 repository: "elastic/security-docs"
 path: security-docs
 fetch-depth: 0
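Review bot: `WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN` is used in the release-docs.yml hunk to check out `elastic/security-docs`, so the secret's name no longer says what it can reach. The same secret checks out the integrations repository in release-fleet.yml, while the later "Create PR to elastic/security-docs" step in this file uses a different one, `WRITE_TRADEBOT_DETECTION_RULES_TOKEN`, against the same target repository. That suggests one token with write access to more than one external repository; if it is in fact scoped to integrations only, this checkout fails. I would either issue a token scoped to security-docs for this workflow or add a comment above `token:` such as `# PAT needs contents:write on elastic/security-docs (also used by release-fleet.yml)`.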
@@ -79,7 +79,7 @@ jobs:
 - name: Create PR to elastic/security-docs
 env:
- GITHUB_TOKEN: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
 POST_VERSION: "v${{ github.event.inputs.post_version }}"
 TARGET_BRANCH: "${{ github.event.inputs.target_branch }}"
 UPDATE_BRANCH: "update-security-docs-prebuilt-rules-${{github.event.inputs.post_version}}"
diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml
index 83bdee697b8..5389cf80916 100644
--- a/.github/workflows/release-fleet.yml
+++ b/.github/workflows/release-fleet.yml
@@ -68,7 +68,7 @@ jobs:
 - name: Checkout elastic/integrations
 uses: actions/checkout@v3
 with:
- token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+ token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
 repository: ${{github.event.inputs.target_repo}}
 path: integrations
 fetch-depth: 0
@@ -119,8 +119,8 @@ jobs:
 - name: Set github config
 run: |
- git config --global user.email "72879786+protectionsmachine@users.noreply.github.com"
- git config --global user.name "protectionsmachine"
+ git config --global user.email "178941316+tradebot-elastic@users.noreply.github.com"
+ git config --global user.name "tradebot-elastic"
 - name: Setup go
 uses: actions/setup-go@v3
@@ -138,7 +138,7 @@ jobs:
 TARGET_REPO: "${{github.event.inputs.target_repo}}"
 TARGET_BRANCH: "${{github.event.inputs.target_branch}}"
 LOCAL_REPO: "../integrations"
- GITHUB_TOKEN: "${{ secrets.READ_WRITE_RELEASE_FLEET }}"
+ GITHUB_TOKEN: "${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}"
 run: |
 cd detection-rules
 python -m detection_rules dev integrations-pr \
diff --git a/README.md b/README.md
index 4aad232705c..f03272a33ae 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 [![Supported Python versions](https://img.shields.io/badge/python-3.12+-yellow.svg)](https://www.python.org/downloads/)
 [![Unit Tests](https://github.com/elastic/detection-rules/workflows/Unit%20Tests/badge.svg)](https://github.com/elastic/detection-rules/actions)
 [![Chat](https://img.shields.io/badge/chat-%23security--detection--rules-blueviolet)](https://ela.st/slack)
-[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator)
+[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator-trade)
 # Detection Rules
diff --git a/detection_rules/devtools.py b/detection_rules/devtools.py
index 69377a884c5..94065f3eab6 100644
--- a/detection_rules/devtools.py
+++ b/detection_rules/devtools.py
@@ -57,8 +57,8 @@ from .version_lock import VersionLockFile, loaded_version_lock
 GH_CONFIG = Path.home() / ".config" / "gh" / "hosts.yml"
-NAVIGATOR_GIST_ID = '1a3f65224822a30a8228a8ed20289a89'
-NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator'
+NAVIGATOR_GIST_ID = '0443cfb5016bed103f1940b2f336e45a'
+NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator-trade'
 NAVIGATOR_BADGE = (
 f'[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)]({NAVIGATOR_URL})'
 )
diff --git a/pyproject.toml b/pyproject.toml
index fb6af21ac97..3da5bef441d 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "0.3.12"
+version = "0.3.13"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"
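Review bot: `NAVIGATOR_GIST_ID` in the devtools.py hunk is a bare literal whose validity depends on the account behind the token that the workflows pass as `GITHUB_TOKEN`, and nothing next to the constant records that. This commit had to change the ID, the short link and the workflow secrets together, which is the coupling a comment should capture, for example `# Gist must be writable with the token that update-navigator-gists runs with (see the navigator steps in .github/workflows)`. Without it, the next token rotation can leave the ID pointing at a gist the new credential cannot update.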