sigma icon indicating copy to clipboard operation
sigma copied to clipboard

Published 20 hours ago verified publisher icon SigmaHQ

[WIP] Update validate script

Open mostafa opened this issue 4 months ago • 0 comments

Summary of the Pull Request

Based on the suggestion by @nasbench I updated the validation bash script to be portable across this project and the GitHub action I created:

  • https://github.com/SigmaHQ/sigma/discussions/4723
  • https://github.com/marketplace/actions/validate-sigma-rules
  • https://github.com/mostafa/validate-sigma-rules
  • https://github.com/mostafa/validate-sigma-rules-example

After merging this PR, I'll update the action to download the script before running it, so that the action is just a downloader for the script and the schema. The script behaves the same as before, as in it enumerates all the rules from all the directories that are now explicitly set in the environment variables instead of the script and validates whether they conform to the existing Sigma JSON schema or not.

Note: I can update the CI workflow to use the action instead. WDYT?

Changelog

update: Use latest version of validate script to pull it for the action update: Update CI workflow to include paths

Example Log Event

N/A

Fixed Issues

N/A

SigmaHQ Rule Creation Conventions

  • If your PR adds new rules, please consider following and applying these conventions

mostafa avatar Feb 16 '24 16:02 mostafa