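---
# When a pull request that adds a MITRE ATT&CK data file
# (detection_rules/etc/attack-v*.json.gz) is opened, post a comment on a
# tracking issue in elastic/kibana asking for the matching upgrade there.
name: Check MITRE ATT&CK Version Updates Are Synced

on:
  pull_request:
    types:
      - opened
    paths:
      - 'detection_rules/etc/attack-v*.json.gz'

# NOTE(review): no `permissions:` block is declared, so the job gets the
# repository's default GITHUB_TOKEN scopes. Consider pinning it to the minimum
# the checkout and changed-files steps need; confirm before tightening.
jobs:
  create_issue:
    runs-on: ubuntu-latest
    env:
      KIBANA_ISSUE_NUMBER: "166152"  # Kibana issue that receives the comment
    steps:
      - name: Checkout code
        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955  # v4

      - name: Get MITRE Attack changed files
        id: changed-attack-files
        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c  # v46.0.5
        with:
          files: detection_rules/etc/attack-v*.json.gz

      - name: Extract version from file name
        id: extract_version
        if: steps.changed-attack-files.outputs.any_changed == 'true'
        env:
          # File names come from the pull request and are untrusted input, so
          # they reach the script as an environment variable, never as text
          # expanded into the script by ${{ }}.
          ADDED_FILE: ${{ steps.changed-attack-files.outputs.added_files }}
        run: |
          # added_files is a space-separated list; use the first entry.
          # ("$ADDED_FILE[0]" is not array indexing in bash; it only appends
          # the literal text "[0]".)
          first_file="${ADDED_FILE%% *}"
          version="$(basename "$first_file" .json.gz)"
          version="${version#attack-}"
          # Accept only vN(.N)* so nothing derived from a file name can carry
          # quotes, shell metacharacters or JSON syntax into later steps.
          if [[ ! "$version" =~ ^v[0-9]+(\.[0-9]+)*$ ]]; then
            echo "Could not derive an ATT&CK version from added files: '${ADDED_FILE}'" >&2
            exit 1
          fi
          # The ::set-output workflow command is deprecated; write to
          # $GITHUB_OUTPUT instead.
          echo "version=${version}" >> "$GITHUB_OUTPUT"

      - name: Add Kibana Issue Comment
        # Skip the comment when no version was extracted, so an empty version
        # is never posted.
        if: steps.extract_version.outputs.version != ''
        env:
          # Pass the secret and the step output through the environment so
          # neither is substituted into the script source before bash parses it.
          KIBANA_TOKEN: ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}
          ATTACK_VERSION: ${{ steps.extract_version.outputs.version }}
        run: |
          echo "Adding comment to Kibana issue #${KIBANA_ISSUE_NUMBER}"
          # ATTACK_VERSION was validated as vN(.N)* by the previous step, so it
          # is safe to embed in the JSON string below.
          comment="The detection rules MITRE ATT&CK version has been updated to ${ATTACK_VERSION}. Please help in scheduling the MITRE ATT&CK version upgrade in Kibana accordingly @banderror @approksiu. cc @elastic/threat-research-and-detection-engineering"
          # --fail-with-body makes an HTTP error status fail the step; plain
          # curl exits 0 on a 4xx/5xx response, so `exit $?` could not catch it.
          curl -L \
            --fail-with-body \
            -X POST \
            -H "Accept: application/vnd.github.v3+json" \
            -H "Authorization: token ${KIBANA_TOKEN}" \
            "https://api.github.com/repos/elastic/kibana/issues/${KIBANA_ISSUE_NUMBER}/comments" \
            -d "{\"body\":\"${comment}\"}"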