Skip to content

[Rule Tuning] Ignore "Not Available" in o365.audit.UserId for Micro… #29855

[Rule Tuning] Ignore "Not Available" in o365.audit.UserId for Micro…

[Rule Tuning] Ignore "Not Available" in o365.audit.UserId for Micro… #29855

Workflow file for this run

name: Unit Tests
on:
push:
branches: [ "main", "7.*", "8.*" ]
pull_request:
branches: [ "*" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Fetch main branch
run: |
git fetch origin main:refs/remotes/origin/main
- name: Set up Python 3.12
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip cache purge
pip install .[dev]
- name: Python Lint
run: |
python -m flake8 tests detection_rules --ignore D203,N815 --max-line-length 120
- name: Python License Check
run: |
python -m detection_rules dev license-check
- name: Unit tests
env:
# only run the test test_rule_change_has_updated_date on pull request events to main
GITHUB_EVENT_NAME: "${{ github.event_name}}"
run: |
python -m detection_rules test
- name: Build release package
env:
# only generate the navigator files on push events to main
GENERATE_NAVIGATOR_FILES: "${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && '--generate-navigator' || ' ' }}"
run: |
python -m detection_rules dev build-release $GENERATE_NAVIGATOR_FILES
- name: Archive production artifacts for branch builds
uses: actions/upload-artifact@v4
if: |
github.event_name == 'push'
with:
name: release-files
path: |
releases
- name: Update navigator gist files
env:
GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
run: python -m detection_rules dev update-navigator-gists