[Bug] Adjust build-release CLI and fix links when generating security docs (#3434)
* removed historical argument; added setup string; fixed links
* fixing flake errors
* added types for command arguments
* adjusted get_release_diff to append strings for release tags
* set fetch-depth to 0 for integrations checkout in workflow
* changed the name of the workflow
* removed TODOs
* adjusted release docs workflow to remove prefix for release tags
* adjusted URL replacement only if pointed to docs site
* added elastic website to regex pattern
* add docstrings; adjusted regex; add note for stopgap
* added a note about the regex pattern for elastic URLs
(cherry picked from commit 06b97ec79b)
committed by
github-actions[bot]
parent
934edfd618
commit
00fe4c8283
+18
-2
@@ -531,6 +531,11 @@ class IntegrationRuleDetail:
|
||||
self.package = package_str
|
||||
self.rule_title = f'prebuilt-rule-{self.package}-{name_to_title(self.rule["name"])}'
|
||||
|
||||
# NOTE: This pattern is used to replace markdown links with asciidoc compatible links
|
||||
# upstream in security-docs repo where CI checks fail if markdown links are used
|
||||
self.elastic_hyperlink_pattern = \
|
||||
r'\[.*?\]\(((?:https://(?:www\.)?elastic\.co|https://docs\.elastic\.co)/.*?)\)'
|
||||
|
||||
# set some defaults
|
||||
self.rule.setdefault('max_signals', 100)
|
||||
self.rule.setdefault('interval', '5m')
|
||||
@@ -549,6 +554,8 @@ class IntegrationRuleDetail:
|
||||
]
|
||||
if 'note' in self.rule:
|
||||
page.extend([self.guide_str(), ''])
|
||||
if 'setup' in self.rule:
|
||||
page.extend([self.setup_str(), ''])
|
||||
if 'query' in self.rule:
|
||||
page.extend([self.query_str(), ''])
|
||||
if 'threat' in self.rule:
|
||||
@@ -557,6 +564,7 @@ class IntegrationRuleDetail:
|
||||
return '\n'.join(page)
|
||||
|
||||
def metadata_str(self) -> str:
|
||||
"""Add the metadata section to the rule detail page."""
|
||||
fields = {
|
||||
'type': 'Rule type',
|
||||
'index': 'Rule indices',
|
||||
@@ -589,13 +597,21 @@ class IntegrationRuleDetail:
|
||||
return '\n'.join(values)
|
||||
|
||||
def guide_str(self) -> str:
|
||||
return f'{AsciiDoc.title(4, "Investigation guide")}\n\n\n{AsciiDoc.code(self.rule["note"], code="markdown")}'
|
||||
"""Add the guide section to the rule detail page."""
|
||||
guide = re.sub(self.elastic_hyperlink_pattern, r'\1', self.rule['note'])
|
||||
return f'{AsciiDoc.title(4, "Investigation guide")}\n\n\n{AsciiDoc.code(guide, code="markdown")}'
|
||||
|
||||
def setup_str(self) -> str:
|
||||
"""Add the setup section to the rule detail page."""
|
||||
setup = re.sub(self.elastic_hyperlink_pattern, r'\1', self.rule['setup'])
|
||||
return f'{AsciiDoc.title(4, "Setup")}\n\n\n{AsciiDoc.code(setup, code="markdown")}'
|
||||
|
||||
def query_str(self) -> str:
|
||||
# TODO: code=sql - would require updating existing
|
||||
"""Add the query section to the rule detail page."""
|
||||
return f'{AsciiDoc.title(4, "Rule query")}\n\n\n{AsciiDoc.code(self.rule["query"])}'
|
||||
|
||||
def threat_mapping_str(self) -> str:
|
||||
"""Add the threat mapping section to the rule detail page."""
|
||||
values = [AsciiDoc.bold_kv('Framework', 'MITRE ATT&CK^TM^'), '']
|
||||
|
||||
for entry in self.rule['threat']:
|
||||
|
||||
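Review bot: The label part of `elastic_hyperlink_pattern` (first hunk) is `\[.*?\]`, which can start at an earlier `[` on the same line and lazily expand across other text. As a result, the `re.sub` calls in `guide_str` and `setup_str` can collapse a line such as `[a](https://example.com) and [b](https://www.elastic.co/x)` into the Elastic URL alone, silently dropping the first link and the text between them from the generated guide. Bounding the label and the URL by their delimiters avoids this: `r'\[[^\]\n]*\]\(((?:https://(?:www\.)?elastic\.co|https://docs\.elastic\.co)/[^)\s]*)\)'`. Because the pattern is constant, it could also be a module-level `re.compile(...)` instead of a per-instance attribute. The method that contains the assignment starts outside the hunk.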