* Drop Rule Support for Outdated Stack Versions Less Than 8.3
* changed version lock key assignment logic and updated version lock file
* added comment to stack-schema-map file
* changed version lock key assignment logic to use custom Version method)
* Update detection_rules/devtools.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* reverting version lock file to original
* updated version lock from adjusted comparison logic of stack versions
* updated logic in devtools; removed < 8.3.0 in version lock file
* trimmed lock version before merge
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* updated version_lock to remove type restriction
* addressing flake errors
* reverting version lock and testing rule
* reverting spaces in testing rule
* adding solution for historical rules in release package
* addressing flake errors
* format changes
* REVERT CHANGES - testing release-fleet workflow
* REVERTING CHANGES
* added historical flag for packaging to account for older branches
* addressing flake errors
* updated build for CI
* REMOVE: This is temporary to run a workflow from this branch
* updates to address requirements for contents
* reverting packages.yml
* Update detection_rules/integrations.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* Update detection_rules/integrations.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* addressed feedback and added click echo comments
* addressed flake errors and added some comments
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* Updated for AND logic
* Added case for no package_intregrations
* Fixed linting
* Added unit test for new functionality
* Fixed linting
* Added valid query tests
* Add unit test for event.dataset
* Switched type calls to isinstance calls
* Removed unused stack validation call
* Added additional error type
* Fixed linting
* Cleaned up error handling
* fixed linting
* Added proper type hints
* Fixed typo in Unions
* Updated unit test with additional test cases
* Updated test_invalid_queries unit test
* Fixed linting
* Added kql to unit tests
* Updated tests
* Fixed error handling
* Fixed style issues
* updating integration manifests and schemas
---------
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
* initial changes to release fleet workflow and CLI
* changed the default value of package version for 8.8
* changed how true/false is passed into CLI command
* reverted changes to packages.yml
* adding new rule 'Google Workspace New OAuth Login from Custom Application'
* changed name and 'custom' to 'third-party'
* Update rules/integrations/google_workspace/defense_evasion_google_workspace_new_oauth_login_from_third_party_application.toml
* Update rules/integrations/google_workspace/defense_evasion_google_workspace_new_oauth_login_from_third_party_application.toml
* updated non-ecs
* add promotion to rulemeta schema class and updated promotion rules
* add promotion to rulemeta schema class and updated promotion rules
* adjusted test_integration_tag and okta rule missing dataset
* fixed flake errors
* updated manifests and schemas to include cloud defend
* testing order of operations in workflow
* reverted testing order; adjusting secrets token
* adjusting secrets token
* changing checkout to v3
* removed token for testing workflow
* changed repo reference
* changing secret token
* reverting token changes
* removing master reference
* adjusted elastic-package installation
* changed path of integrations during install
* added integrations fetch run commands
* changed target branch to main, setup latest go
* changed token back to protections machine
* trying different secret for integrations PR creation
* created testing token for permission errors
* adjusted 'bump-pkg-versions' so minors are bumped if no previous pkg
* added bumping package versions as a step
* updated actions/upload-artifact to v3
* removed inaccurate comments; removed release-kibana workflow
* adjusted sequence of steps to bump packge version before build
* added a bump to major if it does not match packages.yml
* Locked versions for releases: 7.16,8.0,8.1,8.2,8.3,8.4,8.5,8.6,8.7
* newline in version lock file to start CI
* removed newline in version lock file
---------
Co-authored-by: terrancedejesus <terrancedejesus@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
* adding preparations for 8.8 release
* addressed flake single new line error
* froze and updated API schemas
* updated get_intregration_manifests
* adjusted boolean in find_latest_integration_version
* removed custom semver and replaced with pypi
* updated beats.py version references
* updated bump-versions CLI command to use semver and change logic
* updated schemas __init__, test_version_lock and unstage incompatible rules CLI
* updated test_stack_schema_map in TestVersions unittest
* updated test_all_rules unit testing Version() references
* updated stack_compat.py for get_restricted_field references)
* updated version_lock.py Version() references
* updated docs.py Version() reference for parse_registry
* updated devtools.py Version() reference for trim-version-lock
* updated mixins.py Version() reference in validate_field_compatibility
* adjusted schemas.__init__ Version() reference in get_stack_schemas
* adjusted ecs.py Version() references
* adjusted integrations.py Version() references
* adjusted rule.py Version() references
* sorted imports
* replaced custom semver with pypi semver in unit test files
* addressed unit test and flake errors
* changed semver strings casted to version_lock.py
* fixed sorting in integrations.py
* updated bump-pkgs-versions CLI command
* adjusted semantic version in unstage-incompatible-rules command
* adjusted semver import to VersionInfo
* added semver 3 and adjusted import names
* added option_minor_and_patch parameter where version is major.minor
* updated bump-pkg-versions to always save to packages.yml
* removed leftover split call & updated find latest compatible version command
* updated integrations.py, version_lock.py and schemas.__init__.py
* changed fstring reference in downgrade function
* reverted formatting changes for detection_rules __init__.py
* added newline to detection_rules __init__.py
* adjusted finding latest_release for attack package logic
* adjusted unstage-incompatible-rules command logic comparing versions
* removing changes from misc.py related to auto-formatting
* adding newline to misc.py
* fixed bug in downgrade function calling decorators
* added semantic version validation on migrate decorator function
* added expected type returned from find_latest_integration_version in integrations.py
* add comment about stripped versions for version lock file
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
eric-forte-elastic