diff --git a/.github/workflows/sigma-validation.yml b/.github/workflows/sigma-validation.yml
index 2c962c56b..471bf98b0 100644
--- a/.github/workflows/sigma-validation.yml
+++ b/.github/workflows/sigma-validation.yml
@@ -35,19 +35,8 @@ jobs:
 validate-sigma-rules:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - name: Set up Python 3.10
- uses: actions/setup-python@v5
- with:
- python-version: "3.10"
- - name: Install dependencies
- run: pip install requests check-jsonschema
 - name: Validate Sigma rules
- run: |
- echo "Validating Sigma rules against sigma-schema.json"
- check-jsonschema --schemafile $(python tests/validate-sigma-schema/validate.py schema) $(python tests/validate-sigma-schema/validate.py rules)
+ uses: SigmaHQ/validate-sigma-rules@v0
 env:
 SIGMA_RULES_PATH: |-
 ./rules
diff --git a/tests/validate-sigma-schema/validate.py b/tests/validate-sigma-schema/validate.py
index 5428ee15e..359b405e3 100644
--- a/tests/validate-sigma-schema/validate.py
+++ b/tests/validate-sigma-schema/validate.py
@@ -73,7 +73,16 @@ def generate_all_files(
 """
 for path in root.rglob("*"):
- if not path.is_file() or any([path.match(ex) for ex in excludes]):
+ # NOTE: path.is_file() is used to skip directories, however it will also
+ # skip symlinks to files and these symlinked files might reside in inaccessible
+ # directories, hence it'll raise a PermissionError. This is why it is run
+ # using sudo in the action.yml file. If running as sudo is not an option,
+ # the code can be modified to catch the PermissionError and skip the file.
+ try:
+ if not path.is_file() or any([path.match(ex) for ex in excludes]):
+ continue
+ except PermissionError:
+ warnings.warn(f"PermissionError: Could not access {path}, skipping file")
 continue
 if path.suffix in extensions:
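Review bot: In .github/workflows/sigma-validation.yml the new step `uses: SigmaHQ/validate-sigma-rules@v0` references the action by a mutable tag, so whatever commit that tag points to at run time is what executes in this job. Pinning to a full commit SHA with the version as a trailing comment, `uses: SigmaHQ/validate-sigma-rules@<full-commit-sha> # v0`, keeps the executed code fixed and reviewable. This matters more here because the checkout, Python setup and check-jsonschema steps are no longer visible in the workflow, and the comment added to validate.py in this same commit says the action runs the script with sudo. The job's `permissions:` block is outside the hunk; it is worth confirming the job runs with read-only `contents`.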
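Review bot: In tests/validate-sigma-schema/validate.py the new `except PermissionError:` branch calls `warnings.warn(...)`, but this diff adds no `import warnings`; the file has only this one hunk, starting at line 73, so unless the module already imports it the handler raises NameError the first time it fires. The NOTE comment is also out of step with the code beneath it: `is_file()` follows symlinks rather than skipping them, and the PermissionError is now caught, so the "can be modified to catch" sentence and the sudo rationale no longer hold. Something like `# is_file() follows symlinks; a target in an unreadable directory raises PermissionError, so warn and skip it.` would be accurate. Since this script gates rule validation, consider whether a skipped path should fail the run rather than only warn, so an unreadable rule file cannot pass unvalidated. The body of generate_all_files starts and ends outside the hunk.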