Branch was auto-updated.

splunk · Nov 7, 2024 · 4f2d5f3 · 4f2d5f3
2 parents ad93e8b + b4f48c1
commit 4f2d5f3
Show file tree

Hide file tree

Showing 2 changed files with 72 additions and 35 deletions.
diff --git a/.github/workflows/update_data_sources_ta.py b/.github/workflows/update_data_sources_ta.py
@@ -27,36 +27,72 @@ def dict_representer(dumper, data):
 # Define the paths
 log_file_path = 'data_source_validation.log'
 data_sources_dir = 'data_sources'
+contentctl_file_path = 'contentctl.yml'
 
-# Read the log file to find version mismatches
-with open(log_file_path, 'r') as log_file:
-    log_lines = log_file.readlines()
-
-# Parse the log file to find the TA name and the latest version
-for i, line in enumerate(log_lines):
-    if 'Version mismatch' in line:
-        ta_name = log_lines[i].split("'")[3].strip()
-        latest_version = log_lines[i + 1].split(':')[1].strip()
-        print(f"Found version mismatch for TA: {ta_name}, updating to version: {latest_version}")
-
-        # Update the YAML files in the data sources directory
-        for filename in os.listdir(data_sources_dir):
-            if filename.endswith('.yml'):
-                file_path = os.path.join(data_sources_dir, filename)
-                with open(file_path, 'r') as yml_file:
-                    data = yaml.load(yml_file, Loader=OrderedLoader)
-
-                # Check if the TA name matches and update the version
-                updated = False
-                for ta in data.get('supported_TA', []):
-                    if ta['name'] == ta_name:
-                        if ta['version'] != latest_version:
-                            ta['version'] = latest_version
-                            updated = True
-
-                # Write the updated data back to the YAML file
-                if updated:
-                    with open(file_path, 'w') as yml_file:
-                        yaml.dump(data, yml_file, Dumper=OrderedDumper)
-
-print("Version updates completed.")
+def update_data_sources(ta_name, latest_version):
+    # Update the YAML files in the data sources directory
+    for filename in os.listdir(data_sources_dir):
+        if filename.endswith('.yml'):
+            file_path = os.path.join(data_sources_dir, filename)
+            with open(file_path, 'r') as yml_file:
+                data = yaml.load(yml_file, Loader=OrderedLoader)
+
+            # Check if the TA name matches and update the version
+            updated = False
+            for ta in data.get('supported_TA', []):
+                if ta['name'] == ta_name:
+                    if ta['version'] != latest_version:
+                        ta['version'] = latest_version
+                        updated = True
+
+            # Write the updated data back to the YAML file
+            if updated:
+                with open(file_path, 'w') as yml_file:
+                    yaml.dump(data, yml_file, Dumper=OrderedDumper)
+
+def update_contentctl_yml(title, new_version):
+    # Load the existing YAML file
+    with open(contentctl_file_path, 'r') as file:
+        content = yaml.load(file, Loader=OrderedLoader)
+
+    # Iterate over the apps to find the title and update the version and hardcoded_path
+    updated = False
+    for app in content.get('apps', []):
+        if app.get('title') == title:
+            if app.get('version') != new_version:
+                app['version'] = new_version
+                updated = True
+                print(f"Updated {title} in contentctl.yml to version {new_version}")
+
+            # Update the hardcoded_path if it exists
+            if 'hardcoded_path' in app:
+                base_url, current_version = app['hardcoded_path'].rsplit('_', 1)
+                new_hardcoded_path = f"{base_url}_{new_version.replace('.', '')}.tgz"
+                app['hardcoded_path'] = new_hardcoded_path
+                print(f"Updated hardcoded_path for {title} to {new_hardcoded_path}")
+
+    # Write the updated content back to the YAML file if changes were made
+    if updated:
+        with open(contentctl_file_path, 'w') as file:
+            yaml.dump(content, file, Dumper=OrderedDumper, default_flow_style=False)
+
+def main():
+    # Read the log file to find version mismatches
+    with open(log_file_path, 'r') as log_file:
+        log_lines = log_file.readlines()
+
+    # Parse the log file to find the TA name and the latest version
+    for i, line in enumerate(log_lines):
+        if 'Version mismatch' in line:
+            ta_name = log_lines[i].split("'")[3].strip()
+            latest_version = log_lines[i + 1].split(':')[1].strip()
+            print(f"Found version mismatch for TA: {ta_name}, updating to version: {latest_version}")
+
+            # Update data sources and contentctl.yml
+            update_data_sources(ta_name, latest_version)
+            update_contentctl_yml(ta_name, latest_version)
+
+    print("Version updates completed.")
+
+if __name__ == "__main__":
+    main()
diff --git a/contentctl.yml b/contentctl.yml
@@ -167,9 +167,9 @@ apps:
 - uid: 4055
   title: Splunk Add-on for Microsoft Office 365
   appid: SPLUNK_ADD_ON_FOR_MICROSOFT_OFFICE_365
-  version: 4.5.2
+  version: 4.6.0
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_452.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_460.tgz
 - uid: 2890
   title: Splunk Machine Learning Toolkit
   appid: SPLUNK_MACHINE_LEARNING_TOOLKIT
@@ -206,4 +206,5 @@ apps:
   version: 3.2.1
   description: description of app
   hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/crowdstrike-falcon-event-streams-technical-add-on_321.tgz
-githash: d6fac80e6d50ae06b40f91519a98489d4ce3a3fd
+
+