Skip to content

Workflow updates#4085

Closed
pyth0n1c wants to merge 17 commits into
escu_6from
escu_6_workflow_updates
Closed

Workflow updates#4085
pyth0n1c wants to merge 17 commits into
escu_6from
escu_6_workflow_updates

Conversation

@pyth0n1c
Copy link
Copy Markdown
Collaborator

@pyth0n1c pyth0n1c commented May 18, 2026
edited
Loading

Includes code snippets for generating new content.
To use them:

  1. Create a new yml file in the relevant directory. For instances, create detections/endpoint/new_detection.yml

  2. Open the file.

  3. Start typing detection. It will autopopulate with the snippet detection_escu6 and hit ENTER to autopopulate the file with the contents of the Snippet.

This works for all types of content, including detections, baselines, stories, macros,lookups, dashboards, and data_sources. It does not work with schedules as those are not a commonly created type of content.

This also includes workflow updates to build, inspect, and unit test content. There are issues with these workflows at this time:

  1. unit-testing.yml is failing at the moment because it relies on testing workflows being present in the target branch (for installing contentctl-ng, which they are not yet).
  2. Build fails because there are still a large number of pieces of content which require MANUAL REVIEW updates
  3. Appinspect fail for the same reason as above - build is failing.

pyth0n1c added 5 commits May 18, 2026 15:20
@pyth0n1c
commit initial code snippets
1b0455b 
for faster new content generation
@pyth0n1c
commit new workflows for testing
a139f9a
@pyth0n1c
Fix syntax issue with appinspect workflow
88497f8
@pyth0n1c
Split the build and install action into
b31f1d8 
two different actions, build and install
separately.  This gives us better control
and more reusability over them.
Update the unit-testing workflow
@pyth0n1c
stage the most recent release to
d071304 
run appinspect metadata
validation against
@pyth0n1c pyth0n1c changed the base branch from escu_6 to escu6_manual_review May 19, 2026 18:49
@pyth0n1c pyth0n1c changed the base branch from escu6_manual_review to port_playbooks May 20, 2026 15:49
Base automatically changed from port_playbooks to escu6_manual_review May 20, 2026 16:35
Base automatically changed from escu6_manual_review to escu_6 May 21, 2026 15:09
@ljstella ljstella mentioned this pull request May 21, 2026
Merged
@pyth0n1c
Copy link
Copy Markdown
Collaborator Author

pyth0n1c commented May 21, 2026

Closing this PR out, as we are taking a different approach for this update.

@pyth0n1c pyth0n1c closed this May 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pyth0n1c @ljstella