Skip to content

Bring together the latest improvements #58

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 44 commits into from
Oct 9, 2023
Merged

Bring together the latest improvements #58

merged 44 commits into from
Oct 9, 2023

Conversation

P4T12ICK
Copy link
Contributor

Bring together the latest improvements into one branch
#57
#34

pyth0n1c and others added 30 commits July 28, 2023 13:29
@pyth0n1c
Create an Observable type instead
b81582a 
of having it be a dictionary.  This allows
for better validation and is more
Pythonic.  Also, validate that
only valid observables are used in
the message field of a detection and that
every observable declared is used in
the message field.
@pyth0n1c
Improve validation to check
db06257 
search as well for the
notables that we have called out.
A more thorough check will also
be done after the search runs
in contentctl test, but this static
check will likely catch most
simple issues.
@pyth0n1c
More enhancements to catch
7b3b5da 
when fields are missing after
running a search with real
data on a splunk instance.
This helps determine to
and even higher degree
if notables were declared
correctly and gives a high
degree of certainty that they
will be generated correctly
in ES.
@pyth0n1c
Fixing template detection which was
ea5c86f 
missing a notable field in the
underlying search
@pyth0n1c
Fix testEndToEndWorkflow
9e591a3 
by removing un-needed
libraries
@pyth0n1c
Fix and update poetry.lock
dc9fa25 
file
@pyth0n1c
Fix bug where lookup folder was not generated properly in app.
081fd7a
@pyth0n1c
Do not require validation between observable
3838937 
and message fields - these should be allowed
to be independent.  Still require that all
fields called out in the message or in the
observable are present in the search. This
commit adds in the static checks.
@pyth0n1c
Significantly improved validation
816f4f7 
for macros and lookups.  Now, if we
do not find a macro or a lookup
instead of just ignoring it we will
throw an error.
@pyth0n1c
Progress on implementing --mode changes
174a0c3
@pyth0n1c
Better support for getting modified content
06dd1a4
@pyth0n1c
Proper support for contentctl test checking
1c3a8a8 
detections which have been affected by updated
macros and/or lookups, to include lookup CSV
and/or YML files.
@pyth0n1c
Improve error message
c11bf16 
by removing quotes.
@pyth0n1c
Huge number of overhauls and updates in
e0d3b23 
a number of areas centered around the
contentctl_test.yml configuration file
and underlying object.  This will support
better for testing against multiple
targets.
@pyth0n1c
Fixes to incorrect fields called for objects
8bf2d47
@pyth0n1c
Clean up container when done.
29c1848 
Don't override default test options
unless CLI arguments are actually
passed.
@pyth0n1c
Fix typo in variable name
79b7fbd
@pyth0n1c
Fix missing sid when there is an error.
32bb047
Improve build command
5008a5c
contentctl config files
ecebb0e
@pyth0n1c
Better support for the --num_containers command line argument. Initia…
2ef4d89 
…l support for passing the address and credentials of servers on the command line.
@pyth0n1c
Should now accept command line
b770bb5 
or environment variable environments!
contentctl config files
9dc343c
@pyth0n1c
Fix so that notable validation
dba2ad8 
WORKS, but only produces
a warning message. It
is presently disabled due to
a large amount of nonconformant
content.
@pyth0n1c
Throw errors during build
90717ee 
process when an appinspect
throws any kind of
errors/warnings/failures/
manual checks.  All of these
can prevent automatic approval
in Splunkbase or deployment of
an app.
Updated .gitignore
aeb2841
Updated test parser
451c114
Updated test parser
21568f1
Merge branch 'improve_notable_validation' into merge_changes
5421566
merged multiple branches
f6d6541
Patrick and others added 14 commits September 15, 2023 10:38
merged branches
fe69f2d
@pyth0n1c
Make sure that testing with
11b434a 
mode all does not require a
git repo for testing. Make sure
that when ES is installed, the
proper roles are created.
improve report command
d23fed5
Merge branch 'merge_changes' of github.com:splunk/contentctl into mer…
d82df79 
…ge_changes
@pyth0n1c
Remove dependency on
b8648be 
version_control_config for testing
using --mode selected.
@pyth0n1c
Minor patch to flush stdout.
8ec13ab 
This helps track progress in
CI/CD testing.
@pyth0n1c
Support for skipping experimental
926c4c0 
and deprecated detections
Add convert command
8e7f646
improvments
ef75c23
improvements
be13985
improvements
8200682
added sonarqube
84dc835
remove sonarqube
b4914ba
@pyth0n1c
Improvements to make sure diffing changes
00f9219 
for non default branch works.
pyth0n1c
pyth0n1c approved these changes Oct 9, 2023
View reviewed changes
Copy link
Contributor

@pyth0n1c pyth0n1c left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There have been a huge number of changes that have been tested extensively with lots of internal feedback. Let's merge all these changes - we may need some additional PRs for cleanup.

@pyth0n1c pyth0n1c merged commit 5752f49 into main Oct 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pyth0n1c pyth0n1c pyth0n1c approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@P4T12ICK @pyth0n1c