Merge PR #4769 from @mostafa - Update sigma validation workflow

chore: Add comment to the code
chore: Ignore inaccessible file
chore: Switch to using the action for validating Sigma rules

Thanks: @mostafa

.github/workflows/sigma-validation.yml

@@ -35,19 +35,8 @@ jobs:
   validate-sigma-rules:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Set up Python 3.10
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.10"
-      - name: Install dependencies
-        run: pip install requests check-jsonschema
       - name: Validate Sigma rules
-        run: |
-          echo "Validating Sigma rules against sigma-schema.json"
-          check-jsonschema --schemafile $(python tests/validate-sigma-schema/validate.py schema) $(python tests/validate-sigma-schema/validate.py rules)
+        uses: SigmaHQ/validate-sigma-rules@v0
         env:
           SIGMA_RULES_PATH: |-
             ./rules

tests/validate-sigma-schema/validate.py

@@ -73,7 +73,16 @@ def generate_all_files(
     """
 
     for path in root.rglob("*"):
-        if not path.is_file() or any([path.match(ex) for ex in excludes]):
+        # NOTE: path.is_file() is used to skip directories, however it will also
+        # skip symlinks to files and these symlinked files might reside in inaccessible
+        # directories, hence it'll raise a PermissionError. This is why it is run
+        # using sudo in the action.yml file. If running as sudo is not an option,
+        # the code can be modified to catch the PermissionError and skip the file.
+        try:
+            if not path.is_file() or any([path.match(ex) for ex in excludes]):
+                continue
+        except PermissionError:
+            warnings.warn(f"PermissionError: Could not access {path}, skipping file")
             continue
 
         if path.suffix in extensions: