From ad180777cf745f6e3a5873631000a44aec08c0aa Mon Sep 17 00:00:00 2001 From: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> Date: Thu, 9 Jan 2025 16:35:18 -0500 Subject: [PATCH] [Maintenance] Repository Config Update (#4359) * updating tokens * bumped patch * updated navigator gist ID * updated naming * Update .github/workflows/manual-backport.yml * updated navigator url * updated noreply email * updated naming * Update .github/workflows/manual-backport.yml Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com> * updating README * updated gist token * replaced guidelines token with GITHUB_TOKEN --------- Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com> --- .github/workflows/add-guidelines.yml | 2 +- .github/workflows/attack-coverage-update.yml | 2 +- .github/workflows/backport.yml | 4 ++-- .github/workflows/branch-status-checks.yml | 2 +- .github/workflows/community.yml | 2 +- .github/workflows/kibana-mitre-update.yml | 12 ++++++------ .github/workflows/manual-backport.yml | 4 ++-- .github/workflows/pythonpackage.yml | 6 +++--- .github/workflows/release-docs.yml | 4 ++-- .github/workflows/release-fleet.yml | 8 ++++---- README.md | 2 +- detection_rules/devtools.py | 4 ++-- pyproject.toml | 2 +- 13 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/add-guidelines.yml b/.github/workflows/add-guidelines.yml index 9ade4f6d2..44731881f 100644 --- a/.github/workflows/add-guidelines.yml +++ b/.github/workflows/add-guidelines.yml @@ -57,5 +57,5 @@ jobs: uses: mshick/add-pr-comment@v2 with: message-path: ${{ env.GUIDELINES_FILE }} - repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} + repo-token: ${{ secrets.GITHUB_TOKEN }} message-id: "guidelines-comment" diff --git a/.github/workflows/attack-coverage-update.yml b/.github/workflows/attack-coverage-update.yml index daf889952..13ca7e9e8 100644 --- a/.github/workflows/attack-coverage-update.yml 
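Review bot: Switching `repo-token` to `secrets.GITHUB_TOKEN` in the `mshick/add-pr-comment@v2` step makes the comment depend on the permissions of the workflow's automatic token, and nothing in this hunk shows a `permissions:` block granting them. If the job does not already declare one (the job header is outside the hunk), add `permissions:` with `pull-requests: write` at job level, so the step still works under a read-only default and the token can do nothing beyond commenting. It is also worth confirming that the trigger yields a writable token for pull requests from forks, since the automatic token is read-only there under `pull_request`.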
+++ b/.github/workflows/attack-coverage-update.yml @@ -39,7 +39,7 @@ jobs: - name: Update navigator gist files and docs/ATT&CK-coverage.md file. env: - GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}" run: | python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}" git add docs/"ATT\&CK-coverage.md" diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 72dcfcd60..521a16d19 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -67,7 +67,7 @@ jobs: - name: Checkout repo uses: actions/checkout@v2 with: - token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} + token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }} ref: main fetch-depth: 100 @@ -161,6 +161,6 @@ jobs: - name: "Notify slack on failure" uses: craftech-io/slack-action@v1 with: - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} + slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }} status: failure if: failure() diff --git a/.github/workflows/branch-status-checks.yml b/.github/workflows/branch-status-checks.yml index 630dfe5e6..4c3490fe4 100644 --- a/.github/workflows/branch-status-checks.yml +++ b/.github/workflows/branch-status-checks.yml @@ -22,7 +22,7 @@ jobs: with: url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}" method: 'GET' - bearerToken: ${{ secrets.READ_ORG_TOKEN }} + bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }} - name: Check Backport Status uses: actions/github-script@v6 diff --git a/.github/workflows/community.yml b/.github/workflows/community.yml index 83735dd66..5869e7fbb 100644 --- a/.github/workflows/community.yml +++ b/.github/workflows/community.yml 
@@ -15,7 +15,7 @@ jobs: uses: actions/github-script@v6 id: membership with: - github-token: ${{ secrets.READ_ORG_TOKEN }} + github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }} result-encoding: string script: | diff --git a/.github/workflows/kibana-mitre-update.yml b/.github/workflows/kibana-mitre-update.yml index ab2366504..5d7b7fe64 100644 --- a/.github/workflows/kibana-mitre-update.yml +++ b/.github/workflows/kibana-mitre-update.yml @@ -2,7 +2,7 @@ name: Check MITRE ATT&CK Version Updates Are Synced on: pull_request: - types: + types: - opened paths: - 'detection_rules/etc/attack-v*.json.gz' @@ -18,8 +18,8 @@ jobs: id: changed-attack-files uses: tj-actions/changed-files@v44 with: - files: detection_rules/etc/attack-v*.json.gz - + files: detection_rules/etc/attack-v*.json.gz + - name: Extract version from file name id: extract_version if: steps.changed-attack-files.outputs.any_changed == 'true' @@ -33,9 +33,9 @@ jobs: run: | ISSUE_TITLE="[Security Solution] Update MITRE ATT&CK to ${{ steps.extract_version.outputs.version }}" ISSUE_BODY="The detection rules MITRE ATT&CK version has been updated to ${{ steps.extract_version.outputs.version }} Please update the MITRE ATT&CK version in Kibana accordingly." - + curl -X POST \ - -H "Authorization: token ${{ secrets.READ_WRITE_KIBANA_TOKEN }}" \ + -H "Authorization: token ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}" \ -H "Accept: application/vnd.github.v3+json" \ https://api.github.com/repos/elastic/kibana/issues \ -d '{ @@ -44,4 +44,4 @@ jobs: }' env: - GITHUB_TOKEN: ${{ secrets.READ_WRITE_KIBANA_TOKEN }} + GITHUB_TOKEN: ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }} diff --git a/.github/workflows/manual-backport.yml b/.github/workflows/manual-backport.yml index 965c64aca..692625123 100644 --- a/.github/workflows/manual-backport.yml +++ b/.github/workflows/manual-backport.yml 
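Review bot: The `curl` call in kibana-mitre-update.yml expands `${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}` directly into the script text, even though the same secret is already exported as `GITHUB_TOKEN` in the step's `env:` (last hunk of that file). Reading it from the environment keeps the secret out of the rendered script: `-H "Authorization: token ${GITHUB_TOKEN}" \`. The same step also inlines `${{ steps.extract_version.outputs.version }}` into shell assignments. That value appears to come from a file name in the pull request (the extraction step is outside the hunk), so passing it through `env:` and referencing it as a quoted shell variable would rule out expression-to-shell injection. The step begins before this hunk.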
@@ -21,7 +21,7 @@ jobs: - name: Checkout detection-rules uses: actions/checkout@v3 with: - token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} + token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }} fetch-depth: 0 - name: Set github config @@ -81,6 +81,6 @@ jobs: - name: "Notify slack on failure" uses: craftech-io/slack-action@v1 with: - slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }} + slack_webhook_url: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }} status: failure if: failure() diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml index c46586f81..a48dbe2d4 100644 --- a/.github/workflows/pythonpackage.yml +++ b/.github/workflows/pythonpackage.yml @@ -15,11 +15,11 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 1 - + - name: Fetch main branch run: | git fetch origin main:refs/remotes/origin/main - + - name: Set up Python 3.12 uses: actions/setup-python@v5 with: @@ -64,6 +64,6 @@ jobs: - name: Update navigator gist files env: - GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}" if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} run: python -m detection_rules dev update-navigator-gists diff --git a/.github/workflows/release-docs.yml b/.github/workflows/release-docs.yml index 9f16212ad..fb5f9e35a 100644 --- a/.github/workflows/release-docs.yml +++ b/.github/workflows/release-docs.yml @@ -31,7 +31,7 @@ jobs: - name: Checkout elastic/security-docs uses: actions/checkout@v3 with: - token: ${{ secrets.READ_WRITE_RELEASE_FLEET }} + token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }} repository: "elastic/security-docs" path: security-docs fetch-depth: 0 
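Review bot: The failure-notification step in manual-backport.yml reads `secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN`, while the identical `craftech-io/slack-action@v1` step in backport.yml was switched to `secrets.EXTERNAL_SLACK_DETECTION_RULES_URL` in this same commit. If only one of those secrets exists, one of the two workflows loses its failure alert, because an unset secret expands to an empty string rather than stopping the run. Unless two webhooks are intended, use one name in both files, e.g. `slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}`. Otherwise a short comment on each step naming the channel it targets would make the difference deliberate.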
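Review bot: The `Update navigator gist files` step in pythonpackage.yml now puts `secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN` into `GITHUB_TOKEN`, but attack-coverage-update.yml runs the same `update-navigator-gists` command with `secrets.WRITE_TRADEBOT_GIST_TOKEN`. Judging by the names, this step hands a repository-write credential to a job that only needs to update a gist, and it runs on every push to main. If the gist-scoped token works here, prefer `GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"`. The actual scopes are not visible in the diff, so confirm them before changing.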
@@ -79,7 +79,7 @@ jobs: - name: Create PR to elastic/security-docs env: - GITHUB_TOKEN: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }} + GITHUB_TOKEN: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }} POST_VERSION: "v${{ github.event.inputs.post_version }}" TARGET_BRANCH: "${{ github.event.inputs.target_branch }}" UPDATE_BRANCH: "update-security-docs-prebuilt-rules-${{github.event.inputs.post_version}}" diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml index 83bdee697..5389cf809 100644 --- a/.github/workflows/release-fleet.yml +++ b/.github/workflows/release-fleet.yml @@ -68,7 +68,7 @@ jobs: - name: Checkout elastic/integrations uses: actions/checkout@v3 with: - token: ${{ secrets.READ_WRITE_RELEASE_FLEET }} + token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }} repository: ${{github.event.inputs.target_repo}} path: integrations fetch-depth: 0 @@ -119,8 +119,8 @@ jobs: - name: Set github config run: | - git config --global user.email "72879786+protectionsmachine@users.noreply.github.com" - git config --global user.name "protectionsmachine" + git config --global user.email "178941316+tradebot-elastic@users.noreply.github.com" + git config --global user.name "tradebot-elastic" - name: Setup go uses: actions/setup-go@v3 @@ -138,7 +138,7 @@ jobs: TARGET_REPO: "${{github.event.inputs.target_repo}}" TARGET_BRANCH: "${{github.event.inputs.target_branch}}" LOCAL_REPO: "../integrations" - GITHUB_TOKEN: "${{ secrets.READ_WRITE_RELEASE_FLEET }}" + GITHUB_TOKEN: "${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}" run: | cd detection-rules python -m detection_rules dev integrations-pr \ diff --git a/README.md b/README.md index 4aad23270..f03272a33 100644 --- a/README.md +++ b/README.md 
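Review bot: The `Create PR to elastic/security-docs` step in release-docs.yml now uses `secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN`, and the checkout of `elastic/security-docs` in the previous hunk of the same file uses `secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN`. The new names read as if they encode the repository a token may write to, yet neither names security-docs. Either the tokens are broader than their names suggest, or these steps will fail on a repository-scoped token; the diff does not show which. A comment on each step stating the repositories and permissions the secret must cover would make the intended scope reviewable, e.g. `# needs contents + pull-requests write on elastic/security-docs`.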
@@ -1,7 +1,7 @@ [![Supported Python versions](https://img.shields.io/badge/python-3.12+-yellow.svg)](https://www.python.org/downloads/) [![Unit Tests](https://github.com/elastic/detection-rules/workflows/Unit%20Tests/badge.svg)](https://github.com/elastic/detection-rules/actions) [![Chat](https://img.shields.io/badge/chat-%23security--detection--rules-blueviolet)](https://ela.st/slack) -[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator) +[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator-trade) # Detection Rules diff --git a/detection_rules/devtools.py b/detection_rules/devtools.py index 69377a884..94065f3ea 100644 --- a/detection_rules/devtools.py +++ b/detection_rules/devtools.py @@ -57,8 +57,8 @@ from .utils import dict_hash, get_etc_path, get_path, load_dump from .version_lock import VersionLockFile, loaded_version_lock GH_CONFIG = Path.home() / ".config" / "gh" / "hosts.yml" -NAVIGATOR_GIST_ID = '1a3f65224822a30a8228a8ed20289a89' -NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator' +NAVIGATOR_GIST_ID = '0443cfb5016bed103f1940b2f336e45a' +NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator-trade' NAVIGATOR_BADGE = ( f'[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)]({NAVIGATOR_URL})' ) diff --git a/pyproject.toml b/pyproject.toml index fb6af21ac..3da5bef44 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "detection_rules" -version = "0.3.12" +version = "0.3.13" description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine." readme = "README.md" requires-python = ">=3.12"
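Review bot: `NAVIGATOR_GIST_ID` in detection_rules/devtools.py is a bare hex constant that is only valid together with the account behind the token that `update-navigator-gists` receives in `GITHUB_TOKEN`, and nothing next to it says so. A comment above the constant would stop the next rotation from changing one without the other, e.g. `# Gist must be writable by the token the workflows pass as GITHUB_TOKEN; rotate both together.` `NAVIGATOR_URL` is duplicated in the README badge link changed in this commit, which the same comment could mention.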