name: attack-coverage-update on: workflow_dispatch: inputs: update-coverage: description: 'Update the docs-dev/ATT&CK-coverage.md file' required: true default: '--update-coverage' jobs: pr: runs-on: ubuntu-latest steps: - name: Checkout detection-rules uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Python 3.12 uses: actions/setup-python@v5 with: python-version: '3.12' - name: Install dependencies run: | python -m pip install --upgrade pip pip cache purge pip install .[dev] - name: Build release package with navigator files run: | python -m detection_rules dev build-release --generate-navigator - name: Set github config run: | git config --global user.email "72879786+protectionsmachine@users.noreply.github.com" git config --global user.name "protectionsmachine" - name: Update navigator gist files and docs-dev/ATT&CK-coverage.md file. env: GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}" run: | python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}" git add docs-dev/"ATT\&CK-coverage.md" - name: Create Pull Request uses: peter-evans/create-pull-request@6cd32fd93684475c31847837f87bb135d40a2b79 # v7.0.3 with: assignees: '${{github.actor}}' delete-branch: true branch: "update-attack-coverage" commit-message: "Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md" branch-suffix: "short-commit-hash" base: main title: 'Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md' body: | Update ATT&CK coverage URL(s) in docs-dev/ATT&CK-coverage.md - Autogenerated from job `attack-coverage-update: pr`. labels: "backport: auto" - name: Archive production artifacts uses: actions/upload-artifact@v4 with: name: release-files path: | releases