security-tools/atomic-red-team
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
284886292b38db132e53d9e8af022b579df894c8
atomic-red-team/bin/validate/atomic-red-team.schema.yaml
T
Josh Rickard 284886292b Atomic Red Team - JSON Schema Validation CI (#2303) 
* feat: Adding atomic-red-team JSON Schema defintions

* feat: Adding validate.py script to validate all atomics against the defined schema

* feat: Adding validate-schema GitHub Workflow action to validate on every push to the repo

* ci: Updated the validate-schema workflow to support and use Ruby instead of python

* fix: Updated schema to remove schema draft version (not necessarily needed) and update to remove elevation_required as a required defined property

* fix: Removed the yaml schema version

* docs: Adding start of README

* fix: Adding an updated/better version of the python validation but may ultimately be removed

* feat: Adding Ruby version of validate.rb script

* fix: Removing files not needed since we are changing to github action and using the new validation code

* fix: Adding the yaml schema file back and removed the json version

* docs: Updated README with documentation

* fix: Updating schema to use new format validator

* fix: Updated validate.rb to verify that the Technique IDs are in the correct format.

* fix: Upating validate.rb to raise execptions so that failures flow up to the GitHub Action workflow

* fix: Updated all tests that have input_arguments not conformaing to schema defintion for type value of path

* fix: Updating the Validaton README for typos

* fixL: Minor updates to the schema

* minor schema changes

* github actions fix

* schema changes

---------

Co-authored-by: MSAdministrator <MSAdministrator@users.noreply.github.com>
Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
Co-authored-by: Hare Sudhan <code@0x6c.dev>
2023-05-12 15:33:47 -06:00

152 lines
3.7 KiB
YAML
Raw Blame History

$id: https://json-schema.org/draft/2020-12/schema
title: Atomic Schema
description: A schema for atomics within the atomic-red-team project
type: object
properties:
attack_technique:
description: A MITRE ATT&CK Technique ID with a capital T
type: string
format: technique_id
pattern: T[\.\d]{4,8}
display_name:
description: Name of the technique as defined by ATT&CK.
type: string
atomic_tests:
description: One or more Atomic tests for a technique
type: array
items:
$ref: "#/$defs/test"
minItems: 1
uniqueItems: true
$defs:
test:
type: object
required:
- name
- description
- supported_platforms
- executor
properties:
name:
type: string
description: The name of the test.
auto_generated_guid:
type: string
description: A unique test GUID
description:
type: string
description: A description about the test
supported_platforms:
type: array
description: One or more supported operating system platforms for this test
uniqueItems: true
items:
type: string
enum:
- windows
- macos
- linux
- office-365
- azure-ad
- google-workspace
- saas
- iaas
- containers
- iaas:gcp
- iaas:azure
- iaas:aws
input_arguments:
type: object
additionalProperties: false
properties:
"/": {}
patternProperties:
"^[\\w-]+$":
type: integer
type: object
required:
- description
properties:
description:
type: string
anyOf:
- required:
- type
properties:
type:
type: string
enum:
- integer
- float
default:
type:
- number
- "null"
- required:
- type
properties:
type:
type: string
enum:
- path
- url
- string
default:
type:
- string
- "null"
dependency_executor_name:
type: string
enum:
- command_prompt
- powershell
- sh
- bash
- manual
dependencies:
type: array
unique: true
items:
type: object
properties:
description:
type: string
prereq_command:
type: string
get_prereq_command:
type: string
required:
- description
- prereq_command
- get_prereq_command
executor:
type: object
required:
- name
properties:
name:
type: string
enum:
- command_prompt
- powershell
- sh
- bash
- manual
oneOf:
- required:
- command
properties:
elevation_required:
type: boolean
command:
type: string
cleanup_command:
type:
- string
- "null"
- required:
- steps
properties:
steps:
type: string
Reference in New Issue View Git Blame Copy Permalink