Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forbid extra fields in YMLs #208

Closed
wants to merge 114 commits into from
Closed

Forbid extra fields in YMLs #208

wants to merge 114 commits into from

Conversation

pyth0n1c
Copy link
Contributor

@pyth0n1c pyth0n1c commented Jul 27, 2024
edited
Loading

Add an extra, missing field to the lookup.py model called max_matches that was accidentally dropped. set extra='forbid' for SecurityContentObject

This PR is on hold pending significant, structural changes to Detection YMLs with respect to Risk Based Alterting (RBA) content:
#263

pyth0n1c and others added 6 commits May 15, 2024 14:59
@pyth0n1c
Code which still needs testing
6f982e7 
to enable ACS deployment.
reduce non-blocking warnings
thrown by appinspect api by
updating some automatically
generated app files.
@pyth0n1c
add proper access for sc_admin
1f7afd7 
to default.meta
@josehelps
renamed acs_deploy to deploy_acs
9caf4f0
@pyth0n1c
Merge branch 'main' into enable_acs_deploy
1c2ef2f
@pyth0n1c
Re-enable acs deployment
d5b08d4 
in contentctl.py.
Print out what is returned from
ACS, even on success.
@pyth0n1c
Add an extra, missing field to the lookup.py model called max_matches…
60b6e1b 
… that was accidentally dropped. set extra='forbid' for SecurityContentObject
@pyth0n1c pyth0n1c mentioned this pull request Jul 27, 2024
Open
@pyth0n1c
Copy link
Contributor Author

pyth0n1c commented Jul 27, 2024
edited
Loading

Note that the groups and context fields were temporarily added to the detection_tags object and will require some discussion. We may also need to update the contentctl new command to make sure no erroneous fields are written, like risk_score.

pyth0n1c and others added 4 commits September 17, 2024 16:30
@pyth0n1c
Merge branch 'main' into add_drilldown_support
72e3354
@ryanplasma
Merge branch 'main' into add_explanation
34d0ff6
@pyth0n1c
Add the possibility
9ba9300 
to automatically create
drilldowns. We will
likely remove this, but let's
keep it now for purposes
of discussion.
@pyth0n1c
Merge branch 'main' into add_explanation
3c5f9f0
pyth0n1c and others added 28 commits October 22, 2024 16:04
@pyth0n1c
forgot to save before
c9dfa84 
committing. see
previous commit message.
@pyth0n1c
Merge pull request #316 from splunk/fix_savedsearches_path
f9bcd7e 
Fix savedsearches path issue
@pyth0n1c
Merge branch 'main' into fix_security_domain
98f9921
@pyth0n1c
Merge pull request #314 from splunk/fix_security_domain
35d8b82 
remove "cloud" from the security_domain enum
@ljstella
Merge branch 'main' into test_on_app_change
825d854
@pyth0n1c
Update pyproject.toml
81fa46e 
just bumping version for release
@pyth0n1c
Update pyproject.toml
7f5319e
@ljstella
Merge branch 'main' into test_on_app_change
89b8ad3
@ljstella
Ensure we print the right field
34ae585
@pyth0n1c
Merge branch 'main' into enable_acs_deploy
dd77dc6
@pyth0n1c
Merge pull request #146 from splunk/enable_acs_deploy
59a3d1c 
Enable acs deploy + appinspect warnings
@pyth0n1c
Update pyproject.toml
81db497 
bump version in prep for release
@ljstella
Merge branch 'main' into data_sources_clarification
45b3a87
@pyth0n1c
Merge pull request #324 from splunk/data_sources_clarification
3c733f1 
Ensure we print the right field for data_source
@ljstella
Merge branch 'main' into test_on_app_change
af0ff41
@pyth0n1c
Merge branch 'main' into exception_on_extra_fields
bbe5da8
@ljstella
Typing
4d9a831
@ljstella
Version bump
3c9395c
@pyth0n1c
Merge pull request #301 from splunk/test_on_app_change
b8b5c2d 
Testing on Datasource changes
@pyth0n1c
Merge branch 'main' into exception_on_extra_fields
b4a9217
@pyth0n1c
Move Baseline datamodel from YML field
ef7784d 
to computed_field
@pyth0n1c
make datamodel a computed
a27f790 
field for investigation
@ljstella
don't declare py3.13 compat
60737bc
@pyth0n1c
Removal of required_fields from
9a546c8 
pydantic object definitions.
@pyth0n1c
Remove context from detection_tags
73ef9e3
@ljstella
version bump
1903d06
@pyth0n1c
Merge pull request #329 from splunk/version-limit
bc2baac 
don't declare py3.13 compat
@ljstella
Merge branch 'main' into exception_on_extra_fields
a00958c
@pyth0n1c
Copy link
Contributor Author

This PR has been open for a long time and, as such, has been deprecated in favor of the following PR with similar changes:
#325

This PR is being closed out.

@pyth0n1c pyth0n1c closed this Nov 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
PENDING OTHER CHANGES
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@pyth0n1c @josehelps @mathieugonzales @ljstella @ryanplasma @ax-hsmith @cmcginley-splunk @patel-bhavin