Skip to content

Splunk TA Update

Splunk TA Update #126

name: Splunk TA Update
on:
workflow_dispatch: # Manually trigger the workflow
schedule:
- cron: '55 06 * * *' # Runs daily at midnight
jobs:
modify-code:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: 'develop'
token: ${{ secrets.GH_PAT }} # Add this line to use the PAT for checkout
- name: Set up Python
uses: actions/setup-python@v5
with:
python-version: '3.10' # or the version your script requires
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-central-1
- name: Install Dependencies using Poetry
run: |
pip3 install poetry
poetry install
poetry add GitPython
- name: Run Python Splunk TA checker
env:
SPLUNK_BASE_USERNAME: ${{ secrets.SPLUNK_BASE_USERNAME }}
SPLUNK_BASE_PASSWORD: ${{ secrets.SPLUNK_BASE_PASSWORD }}
run: |
poetry run python scripts/attack_range_ta_update.py
- name: Check for changes
id: changes
run: |
git fetch origin develop
if git diff --exit-code origin/develop -- configs/attack_range_default.yml; then
echo "No changes detected in configs/attack_range_default.yml compared to develop branch"
echo "changes_detected=false" >> $GITHUB_ENV
else
echo "Changes detected in configs/attack_range_default.yml compared to develop branch"
echo "changes_detected=true" >> $GITHUB_ENV
fi
- name: Create Pull Request
if: env.changes_detected == 'true'
uses: peter-evans/create-pull-request@v7
with:
token: ${{ secrets.GH_PAT }}
commit-message: Updated TAs
branch: auto-ta-update-${{ github.run_number }}
base: develop
title: Automated Splunk TA Update ${{ github.run_number }}
body: "This PR contains updates to Splunk TAs made by GitHub Actions workflow."