From 1108a1e60474bca57f165b3eb63a09f1ef804878 Mon Sep 17 00:00:00 2001 From: Eric Forte Date: Thu, 11 Sep 2025 17:47:26 +0000 Subject: [PATCH 1/2] Bootstrap repository --- .buildkite/default-pipeline.yml | 14 +++++++++++++ .buildkite/diff | 20 +++++++++++++++++++ .buildkite/pipeline.yml | 35 ++++++++++++++++++++++----------- catalog-info.yaml | 2 +- renovate.json | 6 ++++++ 5 files changed, 65 insertions(+), 12 deletions(-) create mode 100644 .buildkite/default-pipeline.yml create mode 100755 .buildkite/diff create mode 100644 renovate.json diff --git a/.buildkite/default-pipeline.yml b/.buildkite/default-pipeline.yml new file mode 100644 index 0000000..477c433 --- /dev/null +++ b/.buildkite/default-pipeline.yml @@ -0,0 +1,14 @@ +--- +# $yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json +steps: + - label: "Build" + command: "true" + + - label: "Test" + command: "true" + + - label: "Deploy" + command: "true" + + - label: "Publish" + command: "true" diff --git a/.buildkite/diff b/.buildkite/diff new file mode 100755 index 0000000..7384b2e --- /dev/null +++ b/.buildkite/diff @@ -0,0 +1,20 @@ +#!/bin/bash +# Produces a list of changed files between two commits (works for merges and +# regular commits). +# Used in conjunction with the monorepo-diff-buildkite-plugin to determine +# which pipelines to upload/trigger based on the files changed. + +[ $# -lt 1 ] && { echo "argument is missing."; exit 1; } + +COMMIT=$1 + +HEAD_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}') +BRANCH_POINT_COMMIT=$(git merge-base "$HEAD_BRANCH" "$COMMIT") + +if [ "$BUILDKITE_BRANCH" == "$HEAD_BRANCH" ]; then + echo "diff between $COMMIT and HEAD~1" + git diff --raw HEAD~1 | awk '{print $6; if($7) {print $7}}' +else + echo "diff between $COMMIT and $BRANCH_POINT_COMMIT" + git diff --raw "$COMMIT".."$BRANCH_POINT_COMMIT" | awk '{print $6; if($7) {print $7}}' +fi diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 477c433..d111410 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -1,14 +1,27 @@ --- # $yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json steps: - - label: "Build" - command: "true" - - - label: "Test" - command: "true" - - - label: "Deploy" - command: "true" - - - label: "Publish" - command: "true" + - label: "Triggering pipelines" + plugins: + monorepo-diff#v1.5.1: + diff: ".buildkite/diff ${BUILDKITE_COMMIT}" + wait: true + watch: + # if our Renovate configuration is amended, then make sure we have well-formed config + # for more info, see https://docs.elastic.dev/plat-prod-team/service-catalogue/renovate/testing-renovate-changes + - path: "renovate.json" + config: + label: "Verify Renovate configuration" + command: "renovate-config-validator" + agents: + image: "docker.elastic.co/ci-agent-images/pipelib:0.18.0@sha256:bbc09a43a69177c244ed0c5436c35f5788c228e74ea56f7bd895eb6218243910" + # if our catalog-info.yaml is changed, make sure it's well-formed according to our internal standards as well as Backstage's validation + - path: "catalog-info.yaml" + config: + command: "/agent/check-catalog-info.sh" + agents: + image: "docker.elastic.co/ci-agent-images/pipelib:0.18.0@sha256:bbc09a43a69177c244ed0c5436c35f5788c228e74ea56f7bd895eb6218243910" + - default: + config: + label: ":pipeline: Upload default Pipeline" + command: "buildkite-agent pipeline upload .buildkite/default-pipeline.yml" diff --git a/catalog-info.yaml b/catalog-info.yaml index 28f341a..3b09b7f 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -19,7 +19,7 @@ spec: kind: Pipeline metadata: name: DaC-Reference - description: Detections as Code Reference + description: spec: repository: elastic/DaC-Reference pipeline_file: ".buildkite/pipeline.yml" diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..591ec64 --- /dev/null +++ b/renovate.json @@ -0,0 +1,6 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "local>elastic/renovate-config" + ] +} From a31cba819d08df79138adfac345fd7b5fae3eec1 Mon Sep 17 00:00:00 2001 From: eric-forte-elastic Date: Thu, 11 Sep 2025 13:55:53 -0400 Subject: [PATCH 2/2] Update catalog info --- .buildkite/default-pipeline.yml | 14 -------------- .buildkite/diff | 20 -------------------- .buildkite/pipeline.yml | 27 --------------------------- catalog-info.yaml | 33 ++++++++++++--------------------- 4 files changed, 12 insertions(+), 82 deletions(-) delete mode 100644 .buildkite/default-pipeline.yml delete mode 100755 .buildkite/diff delete mode 100644 .buildkite/pipeline.yml diff --git a/.buildkite/default-pipeline.yml b/.buildkite/default-pipeline.yml deleted file mode 100644 index 477c433..0000000 --- a/.buildkite/default-pipeline.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -# $yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json -steps: - - label: "Build" - command: "true" - - - label: "Test" - command: "true" - - - label: "Deploy" - command: "true" - - - label: "Publish" - command: "true" diff --git a/.buildkite/diff b/.buildkite/diff deleted file mode 100755 index 7384b2e..0000000 --- a/.buildkite/diff +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# Produces a list of changed files between two commits (works for merges and -# regular commits). -# Used in conjunction with the monorepo-diff-buildkite-plugin to determine -# which pipelines to upload/trigger based on the files changed. - -[ $# -lt 1 ] && { echo "argument is missing."; exit 1; } - -COMMIT=$1 - -HEAD_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}') -BRANCH_POINT_COMMIT=$(git merge-base "$HEAD_BRANCH" "$COMMIT") - -if [ "$BUILDKITE_BRANCH" == "$HEAD_BRANCH" ]; then - echo "diff between $COMMIT and HEAD~1" - git diff --raw HEAD~1 | awk '{print $6; if($7) {print $7}}' -else - echo "diff between $COMMIT and $BRANCH_POINT_COMMIT" - git diff --raw "$COMMIT".."$BRANCH_POINT_COMMIT" | awk '{print $6; if($7) {print $7}}' -fi diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml deleted file mode 100644 index d111410..0000000 --- a/.buildkite/pipeline.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# $yaml-language-server: $schema=https://raw.githubusercontent.com/buildkite/pipeline-schema/main/schema.json -steps: - - label: "Triggering pipelines" - plugins: - monorepo-diff#v1.5.1: - diff: ".buildkite/diff ${BUILDKITE_COMMIT}" - wait: true - watch: - # if our Renovate configuration is amended, then make sure we have well-formed config - # for more info, see https://docs.elastic.dev/plat-prod-team/service-catalogue/renovate/testing-renovate-changes - - path: "renovate.json" - config: - label: "Verify Renovate configuration" - command: "renovate-config-validator" - agents: - image: "docker.elastic.co/ci-agent-images/pipelib:0.18.0@sha256:bbc09a43a69177c244ed0c5436c35f5788c228e74ea56f7bd895eb6218243910" - # if our catalog-info.yaml is changed, make sure it's well-formed according to our internal standards as well as Backstage's validation - - path: "catalog-info.yaml" - config: - command: "/agent/check-catalog-info.sh" - agents: - image: "docker.elastic.co/ci-agent-images/pipelib:0.18.0@sha256:bbc09a43a69177c244ed0c5436c35f5788c228e74ea56f7bd895eb6218243910" - - default: - config: - label: ":pipeline: Upload default Pipeline" - command: "buildkite-agent pipeline upload .buildkite/default-pipeline.yml" diff --git a/catalog-info.yaml b/catalog-info.yaml index 3b09b7f..950eee4 100644 --- a/catalog-info.yaml +++ b/catalog-info.yaml @@ -1,30 +1,21 @@ -# Declare your Buildkite pipelines below +# Declare a Backstage Component that represents your application. --- -# yaml-language-server: $schema=https://gist.githubusercontent.com/elasticmachine/988b80dae436cafea07d9a4a460a011d/raw/rre.schema.json +# yaml-language-server: $schema=https://json.schemastore.org/catalog-info.json apiVersion: backstage.io/v1alpha1 -kind: Resource +kind: Component metadata: - name: buildkite-pipeline-DaC-Reference - description: Buildkite Pipeline for DaC-Reference + name: DaC-Reference + description: DaC Repo to store the reference documentation and detection-rules management with Elastic rules links: - title: Pipeline url: https://buildkite.com/elastic/DaC-Reference + annotations: + backstage.io/source-location: "url:https://github.com/elastic/DaC-Reference/" + github.com/project-slug: "elastic/DaC-Reference" + github.com/team-slug: "elastic/threat-research-and-detection-engineering" + buildkite.com/project-slug: "elastic/DaC-Reference" spec: - type: buildkite-pipeline + type: service owner: group:threat-research-and-detection-engineering - system: buildkite - implementation: - apiVersion: buildkite.elastic.dev/v1 - kind: Pipeline - metadata: - name: DaC-Reference - description: - spec: - repository: elastic/DaC-Reference - pipeline_file: ".buildkite/pipeline.yml" - teams: - threat-research-and-detection-engineering: - access_level: MANAGE_BUILD_AND_READ - everyone: - access_level: READ_ONLY + lifecycle: production