security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[CI] Publish to integrations from on-demand job (#1340)

Browse Source 
* Add command to publish integrations PR
* Add workflow_dispatch job to publish package
* Get working directory dynamically
* Fix the repo settings
* Get the absolute path for local-repo
* Filter out 'main' branch
* Update the description for target_branch
* Fix workflow definition
* Move 'if' into job
* Update ref format
* Remove unnecessary E501 suppression
* Add a link to the full commit hash
* s/partial_args/prefix_args
This commit is contained in:
Ross Wolf
2021-07-14 16:19:41 -06:00
committed by GitHub
parent 7ec97e622f
commit 77c23da1db
5 changed files with 316 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/release-fleet.yml
+89
View File
@@ -0,0 +1,89 @@
name: release-fleet
on:
workflow_dispatch:
inputs:
target_repo:
description: 'Target repository to build a PR against'
required: true
default: 'elastic/integrations'
target_branch:
description: 'Target branch for PR base'
required: true
default: 'master'
draft:
description: 'Create a PR as draft (y/n)'
required: false
jobs:
fleet-pr:
runs-on: ubuntu-latest
steps:
- name: Validate the source branch
uses: actions/github-script@v3
with:
script: |
if ('refs/heads/main' === '${{github.event.ref}}') {
core.setFailed('Forbidden branch')
}
- name: Checkout elastic/integrations
uses: actions/checkout@v2
with:
token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
ref: ${{github.event.inputs.target_branch}}
repository: ${{github.event.inputs.target_repo}}
path: integrations
- name: Set up Python 3.8
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install Python dependencies
run: |
cd detection-rules
python -m pip install --upgrade pip
pip install -r requirements.txt -r requirements-dev.txt
- name: Build release package
run: |
cd detection-rules
python -m detection_rules dev build-release
- name: Set github config
run: |
git config --global user.email "72879786+protectionsmachine@users.noreply.github.com"
git config --global user.name "protectionsmachine"
- name: Setup go
uses: actions/setup-go@v2
with:
go-version: '^1.16.0'
- name: Build elastic-package
run: |
go get github.com/elastic/elastic-package
- name: Create the PR to Integrations
env:
DRAFT_ARGS: "${{startsWith(github.event.inputs.draft,'y') && '--draft' || ' '}}"
TARGET_REPO: "${{github.event.inputs.target_repo}}"
TARGET_BRANCH: "${{github.event.inputs.target_branch}}"
LOCAL_REPO: "../integrations"
GITHUB_TOKEN: "${{ secrets.PROTECTIONS_MACHINE_TOKEN }}"
run: |
cd detection-rules
python -m detection_rules dev integrations-pr \
$LOCAL_REPO \
--github-repo $TARGET_REPO \
--base-branch $TARGET_BRANCH \
--assign ${{github.actor}} \
$DRAFT_ARGS
- name: Archive production artifacts
uses: actions/upload-artifact@v2
with:
name: release-files
path: |
detection-rules/releases
.github/workflows/release-kibana.yml
+11 -6
View File
@@ -32,6 +32,11 @@ jobs:
repository: elastic/kibana
path: kibana
- name: Set up Python 3.8
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install dependencies
run: |
cd detection-rules
@@ -58,9 +63,9 @@ jobs:
cd detection-rules
python -m detection_rules dev kibana-pr --assign ${{github.actor}} $LABEL_ARGS $DRAFT_ARGS $BRANCH_ARGS
- name: Archive production artifacts for branch builds
uses: actions/upload-artifact@v2
with:
name: release-files
path: |
detection-rules/releases
- name: Archive production artifacts for branch builds
uses: actions/upload-artifact@v2
with:
name: release-files
path: |
detection-rules/releases