Merge pull request #2004 from splunk/develop

BRING MAIN UP TO DATE

.github/auto_assign.yml

@@ -7,7 +7,8 @@ addAssignees: false
 # A list of reviewers to be added to pull requests (GitHub user name)
 reviewers:
   - d1vious
-  - rvaldez617
+  - mhaggis
+  - rosplk
   - patel-bhavin
   - P4T12ICK
 
@@ -17,18 +18,19 @@ numberOfReviewers: 1
 
 assignees:
   - d1vious
-  - rvaldez617
+  - mhaggis
   - patel-bhavin
-  - rsfl
-  - jcbrewer5D6400
-  - philroyer-phantom
+  - rosplk
+  - P4T12ICK
 
 # A number of assignees to add to the pull request
 # Set to 0 to add all of the assignees.
 # Uses numberOfReviewers if unset.
 numberOfAssignees: 1
 
 # A list of keywords to be skipped the process that add reviewers if pull requests include it
-# skipKeywords:
-#   - wip
+skipKeywords:
+  - wip
+  - dependabot
+  - dependencies
 #

.github/dependabot.yml

@@ -0,0 +1,7 @@
+version: 2
+updates:
+- package-ecosystem: pip
+  directory: "/"
+  schedule:
+    interval: monthly
+  open-pull-requests-limit: 6

.github/pull_request_template.md

@@ -0,0 +1,10 @@
+# PR Template for new Detections
+
+For Authors:
+1. Make sure that CI/CD [detection-testing and build-and-validate](https://github.com/splunk/security_content/actions) jobs passed ✔️. 
+
+For Reviewers:
+- [ ] Verify CI/CD jobs have passed without errors.
+- [ ] Validate SPL logic.
+- [ ] Validate tags, description, and how to implement.
+- [ ] Validate name patches `<platform>_<mitre att&ck technique>_<short description>`

.github/workflows/auto-approve.yml

@@ -1,11 +1,15 @@
-name: Auto approve
-on: pull_request
+name: Auto approve PRs by dependabot
+
+# Trigger the workflow on pull request
+on: pull_request_target
 
 jobs:
-  build:
+  autoapprove:
+    name: Auto-Approve a PR by dependabot
     runs-on: ubuntu-latest
     steps:
-    - uses: hmarr/[email protected]
-      if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
-      with:
-        github-token: "${{ secrets.GITHUB_TOKEN }}"
+      - name: Auto approve
+        uses: cognitedata/[email protected]
+        if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]'
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/auto-merge.yml

@@ -0,0 +1,13 @@
+name: auto-merge
+on:
+  pull_request_target:
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          target: minor
+          github-token: ${{ secrets.AUTOMERGE }}

.github/workflows/auto-update.yml

@@ -0,0 +1,37 @@
+name: auto-update
+on:
+  push: {}
+jobs:
+
+  validate-tag-if-present:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: TAGGED, Validate that the tag is in the correct format
+
+        run: |
+          echo "The GITHUB_REF: $GITHUB_REF"
+          #First check to see if the release is a tag
+          if [[ $GITHUB_REF =~ refs/tags/* ]]; then
+            #Yes, this is a tag, so we need to test to make sure that the tag
+            #is in the correct format (like v1.10.20)
+            if [[ $GITHUB_REF =~ refs/tags/v[0-9]+.[0-9]+.[0-9]+ ]]; then
+              echo "PASS: Tagged release with good format"
+              exit 0
+            else
+              echo "FAIL: Tagged release with bad format"
+              exit 1
+            fi
+          else
+          echo "PASS: Not a tagged release"
+          exit 0
+          fi                          
+  autoupdate:
+    name: autoupdate
+    runs-on: ubuntu-latest
+    steps:
+      - uses: docker://chinthakagodawita/autoupdate-action:v1
+        env:
+          GITHUB_TOKEN: "${{ secrets.PROTECTED_BRANCH_PUSH_TOKEN }}"
+          DRY_RUN: "false"
+          MERGE_MSG: "Branch was auto-updated."