phantinuss
2c24b24cf1
chore: update evtx-baseline to v0.8 chore: add file paths that impact the test chore: split goodlog and QA tests into two separate workflows fix: File or Folder Permissions Modifications - FPs with partial paths
49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
name: Validate Sigma rules
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "*"
|
|
paths:
|
|
- "deprecated/**.yml"
|
|
- "rules-compliance/**.yml"
|
|
- "rules-dfir/**.yml"
|
|
- "rules-emerging-threats/**.yml"
|
|
- "rules-placeholder/**.yml"
|
|
- "rules-threat-hunting/**.yml"
|
|
- "rules/**.yml"
|
|
- "tests/validate-sigma-schema/validate.sh"
|
|
- "unsupported/**.yml"
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths:
|
|
- "deprecated/**.yml"
|
|
- "rules-compliance/**.yml"
|
|
- "rules-dfir/**.yml"
|
|
- "rules-emerging-threats/**.yml"
|
|
- "rules-placeholder/**.yml"
|
|
- "rules-threat-hunting/**.yml"
|
|
- "rules/**.yml"
|
|
- "tests/validate-sigma-schema/validate.sh"
|
|
- "unsupported/**.yml"
|
|
|
|
# Allows you to run this workflow manually from the Actions tab
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
validate-sigma-rules:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Set up Python 3.10
|
|
uses: actions/setup-python@v3
|
|
with:
|
|
python-version: "3.10"
|
|
- name: Install dependencies
|
|
run: pip install check-jsonschema
|
|
- name: Validate Sigma rules
|
|
run: tests/validate-sigma-schema/validate.sh
|