security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c19e9cb2a4bd23c1bfbc85c398e6c7cbfd4eb016
blue-team-tools/.github/workflows/sigma-test.yml
T
phantinuss a38664c771 Merge PR #5443 from @phantinuss - Pin Sigma Validator package to minor version only 
chore: Pin Sigma Validator package to minor version only
2025-06-04 14:58:58 +02:00

90 lines
2.4 KiB
YAML
Raw Blame History

# This workflow will install Python dependencies, run tests and lint with a single version of Python
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
name: Sigma Rule Tests
on:
push:
branches:
- "*"
paths:
- ".github/workflows/sigma-test.yml"
- "deprecated/**.yml"
- "rules-compliance/**.yml"
- "rules-dfir/**.yml"
- "rules-emerging-threats/**.yml"
- "rules-placeholder/**.yml"
- "rules-threat-hunting/**.yml"
- "rules/**.yml"
- "tests/sigma_cli_conf.yml"
- "tests/test_logsource.py"
- "tests/test_rules.py"
- "unsupported/**.yml"
pull_request:
branches:
- master
paths:
- ".github/workflows/sigma-test.yml"
- "deprecated/**.yml"
- "rules-compliance/**.yml"
- "rules-dfir/**.yml"
- "rules-emerging-threats/**.yml"
- "rules-placeholder/**.yml"
- "rules-threat-hunting/**.yml"
- "rules/**.yml"
- "tests/sigma_cli_conf.yml"
- "tests/test_logsource.py"
- "tests/test_rules.py"
- "unsupported/**.yml"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
yamllint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: yaml-lint
uses: ibiqlik/action-yamllint@v3
test-sigma-logsource:
runs-on: ubuntu-latest
needs: yamllint
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Test Sigma logsource
run: |
pip install PyYAML colorama
python tests/test_logsource.py
test-sigma:
runs-on: ubuntu-latest
needs: test-sigma-logsource
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Install dependencies
run: |
pip install pysigma
pip install sigma-cli
pip install pySigma-validators-sigmahq==0.9.*
- name: Test Sigma Rule Syntax
run: |
sigma check --fail-on-error --fail-on-issues --validation-config tests/sigma_cli_conf.yml rules*
- name: Test Sigma Rules
run: |
pip install PyYAML colorama
python tests/test_rules.py
Reference in New Issue View Git Blame Copy Permalink