Skip to content

Improve lookup regex - Step 1 - ESCU 5.0 #2279

Improve lookup regex - Step 1 - ESCU 5.0

Improve lookup regex - Step 1 - ESCU 5.0 #2279

Workflow file for this run

name: testEndToEnd
on:
pull_request:
types: [opened, reopened, synchronize]
schedule:
- cron: "44 4 * * *"
jobs:
testEverything:
strategy:
fail-fast: false
matrix:
python_version: ["3.11", "3.12", "3.13"]
operating_system: ["ubuntu-24.04", "macos-15", "windows-2022"]
#operating_system: ["ubuntu-20.04", "ubuntu-22.04", "macos-latest"]
runs-on: ${{ matrix.operating_system }}
steps:
#- name: Install Docker for macOS
# run: |
# brew install docker
# # import magic fails on macos runner
# brew install libmagic colima
# colima start
# # Mapping below is required to get the Python docker library working
# sudo ln -sf $HOME/.colima/default/docker.sock /var/run/docker.sock
# if: matrix.operating_system == 'macos-latest'
#Checkout the current branch
- name: Checkout repo
uses: actions/checkout@v4
#Install the given version of Python we will test against
- name: Install Required Python Version
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python_version }}
architecture: "x64"
- name: Install Poetry
run:
python -m pip install poetry
- name: Install contentctl and activate the shell
run: |
poetry install --no-interaction
mkdir my_splunk_content_pack
- name: Run contentctl init
run: |
cd my_splunk_content_pack
poetry run contentctl init
- name: Clone the AtomicRedTeam Repo
run: |
cd my_splunk_content_pack
git clone --depth 1 https://github.com/redcanaryco/atomic-red-team
- name: Run contentctl validate
run: |
cd my_splunk_content_pack
poetry run contentctl validate
- name: Run contentctl build
run: |
cd my_splunk_content_pack
poetry run contentctl build
#Do not pause on a failed detection
- name: Run contentctl test
if: startsWith(matrix.operating_system, 'ubuntu')
run: |
cd my_splunk_content_pack
poetry run contentctl test --disable-tqdm --post-test-behavior never_pause
- uses: actions/upload-artifact@v4
with:
name: content_pack_${{ matrix.python_version }}_${{ matrix.operating_system }}
path: |
my_splunk_content_pack/dist/my_splunk_content_pack.tar.gz
my_splunk_content_pack/test_results/summary.yml