-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: Adding version enforcement #280
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feel free to close out any comments as resolved if you feel that's appropriate.
If you agree that suggestions should be future enhancements, then let me know and I will create the issue(s).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Most of the comments are resolved, but still one or two more open.
I think these will be a very small change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We had some extended discussions in the comments, but I wanted to add the functional testing I performed on this build. I have tested the following which worked as anticipated:
- Checking for changes with the newest version of security_content against the latest version of ESCU in Splunkbase. All anticipated changes were found.
- Check for changes against two local builds of security_content. The first with security_content exactly as it appears in main and the second with the following changes:
a. No changes.
b. One detection updated
c. several detections updated
d. The name/filename of a detection changes (this gives a different error, as it should)
e. Detection has the same name, but a different UUID. This also gives a different error, as it should.
f. Detection removed from newer version of a package. This also throws an error as it should. - Created a NEW app using contentctl init with some content. Built it, then made some changes (as you see above) and re-inspected. It picked up all changes between this new local app and the older local app correctly as well.
Great job by @cmcginley-splunk , I approve. Thank you!
Context
Code changes
SplunkApp
extended to be able to download an app directly from Splunkbaseinspect
action extended to perform checks against a current build's detections against a prior build's detectionsprevious_build
config option; if unspecified, latest release from Splunkbase is downloaded to use for detection comparison as previous buildDetectionStanza
class added to model an individual stanza representing a detection insavedsearches.conf
SavedsearchesConf
class added to model and parse asavedsearches.conf
fileTesting
TODO
security_content
addingdownloads/
to.gitignore
and adding--enable-metadata-validation
to CLI invocation ORcontentctl.yml
in CI/CDsecurity_content
addingdownloads/
to.gitignore
and adding--enable-metadata-validation
to CLI invocation ORcontentctl.yml
in CI/CD