@brokensound77
Contributor

Issues

related to #2251

Summary

Build-time fields create changes to rule hashes without being accounted for explicitly within the version lock (essentially creating a "soft" lock). This is problematic because it creates a buggy situation where non-latest rules version bump every time due to the delta hash resulting from the differences from the build time fields. To address this, build time field introduction requires that all fields.

This adds a test to enforce that on any defined build time rule

@botelastic botelastic bot added the python Internal python for the repository label Aug 24, 2022
@Mikaayenson Mikaayenson linked an issue Aug 24, 2022 that may be closed by this pull request
5 tasks
Contributor

@Mikaayenson Mikaayenson left a comment

Small suggestion

  • Account for new rules that don't add min_stack_version in toml

invalids = []

for rule in self.production_rules:
min_stack = rule.contents.metadata.min_stack_version
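
Review bot: on the `min_stack = rule.contents.metadata.min_stack_version` line the value is read straight from rule metadata, and the suggestion above notes that new rules may omit `min_stack_version` in their TOML. Handle the unset case explicitly before the value is compared to a stack version (either record the rule in `invalids` or skip it), and add a short comment saying which of the two is intended.
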
Contributor

Will we never use soft-forking then, only hard-forking from the metadata field??

Contributor Author

based on our last discussions, I don't think it is supportable (or advisable)

@brokensound77
Contributor Author

I realized this would fail when backported to <8.3 branches and in general for branches <= build enforcement, so I added a constraint to check the current version for each build field in b2bec63
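
An added illustration of the behaviour discussed in this thread, not code from the pull request or the repository: it shows an unchanged rule hashing differently once a build-time field is injected, and a check that rules carry a `min_stack_version` covering that field, limited to branches at or above the field's introduction version. The field name `example_build_field`, its 8.3 introduction version, the dict rule layout, all function names, and the choice to flag rules with no `min_stack_version` are assumptions.

```python
import hashlib
import json

# Assumption: one build-time field and the stack version that introduced it.
BUILD_TIME_FIELDS = {"example_build_field": (8, 3)}

def ver(text):
    """'8.3' or '8.3.0' -> (8, 3)."""
    return tuple(int(part) for part in text.split(".")[:2])

def build(rule, stack):
    """Rule as packaged for `stack`; build-time fields are injected only
    on stacks that support them (simplified: every rule receives them)."""
    contents = dict(rule)
    for field, introduced in BUILD_TIME_FIELDS.items():
        if ver(stack) >= introduced:
            contents[field] = ["computed at build time"]
    return contents

def rule_hash(rule, stack):
    blob = json.dumps(build(rule, stack), sort_keys=True).encode()
    return hashlib.sha256(blob).hexdigest()

def spurious_bump(rule, locked_stack, build_stack):
    """True when an unchanged rule hashes differently on another branch,
    which a hash-only lock reads as an edit needing a version bump."""
    return rule_hash(rule, locked_stack) != rule_hash(rule, build_stack)

def min_stack_violations(rules, current_stack):
    """Names of rules whose min_stack_version does not cover a build-time
    field that is active on `current_stack`."""
    invalid = []
    for rule in rules:
        min_stack = rule.get("min_stack_version")  # may be absent
        for introduced in BUILD_TIME_FIELDS.values():
            if ver(current_stack) < introduced:
                continue  # branch predates the field: nothing to enforce
            if min_stack is None or ver(min_stack) < introduced:
                invalid.append(rule["name"])
                break
    return invalid

# Constructed sample rules, not taken from the repository.
RULES = [
    {"name": "pinned", "query": "process where true", "min_stack_version": "8.3.0"},
    {"name": "unpinned", "query": "file where true"},
]
```
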

@brokensound77 brokensound77 merged commit d37eac8 into elastic:main Aug 26, 2022
protectionsmachine pushed a commit that referenced this pull request Aug 26, 2022
#2262)

* add test that newly introduced build-time fields for a min_stack for applicable rules.

* account for rules without min_stack_version

* limit test to >= stack ver

(cherry picked from commit d37eac8)
Labels

backport: auto python Internal python for the repository

Development

Successfully merging this pull request may close these issues.

[Bug] Pre-Built Detection Rules Package Versioning

3 participants