Skip to content

Commit

Permalink
Merge branch 'main' into jof/public/config
Browse files Browse the repository at this point in the history
  • Loading branch information
arielkr256 authored Dec 1, 2023
2 parents 6800a1e + c25a5ab commit 63e69d1
Show file tree
Hide file tree
Showing 43 changed files with 427 additions and 106 deletions.
2 changes: 2 additions & 0 deletions .bandit
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
[bandit]
skips = B101
1 change: 1 addition & 0 deletions .github/workflows/sync-from-upstream.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ jobs:
uses: actions/checkout@v4
with:
ref: 'sync_upstream_${{steps.set_upstream.outputs.latest-release}}'
token: ${{ secrets.GITHUB_TOKEN }}
# Sync this branch with upstream
- name: Sync upstream changes into PR branch
id: sync
Expand Down
15 changes: 15 additions & 0 deletions .pylintrc
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
[MAIN]
disable=
missing-docstring,
duplicate-code,
import-error,
fixme,
consider-iterating-dictionary,
global-variable-not-assigned,
broad-exception-raised

load-plugins=
pylint.extensions.mccabe,
pylint_print

max-line-length=100
35 changes: 28 additions & 7 deletions .vscode/example_settings.json
Original file line number Diff line number Diff line change
@@ -1,8 +1,18 @@
{
"python.defaultInterpreterPath": "XXX_pipenv_py_output_XXX",
"yaml.schemas": {
"https://panther-community-us-east-1.s3.amazonaws.com/latest/logschema/schema.json": [ "schemas/*.yml", "schemas/*.yaml", "schemas/**/*yaml", "schemas/**/*.yaml"],
".vscode/rule_jsonschema.json": [ "rules/*.yml", "rules/*.yaml", "rules/**/*.yaml", "rules/**/*.yml"]
"https://panther-community-us-east-1.s3.amazonaws.com/latest/logschema/schema.json": [
"schemas/*.yml",
"schemas/*.yaml",
"schemas/**/*yaml",
"schemas/**/*.yaml"
],
".vscode/rule_jsonschema.json": [
"rules/*.yml",
"rules/*.yaml",
"rules/**/*.yaml",
"rules/**/*.yml"
]
},
"python.analysis.extraPaths": [
"global_helpers"
Expand All @@ -11,10 +21,21 @@
"**/__pycache": true,
"**/*pyc": true
},
//"python.analysis.logLevel": "Trace",
//"files.autoSave": "afterDelay",
//"makefile.extensionOutputFolder": "./.vscode",
"files.associations": {
"panther_analysis_tool": "python"
}
}
},
"[python]": {
"editor.defaultFormatter": "ms-python.black-formatter",
"editor.formatOnSave": true,
"editor.codeActionsOnSave": {
"source.organizeImports": true
},
},
// Add pylint.lintOnChange to your User (not Workspace) settings
// Cmd+Shift+P -> Preferences: Open Settings (JSON)
"pylint.lintOnChange": true,
"bandit.args": [
"-r",
"."
]
}
7 changes: 2 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,8 @@ global-helpers-unit-test:
lint: lint-pylint lint-fmt

lint-pylint:
pipenv run bandit -r $(dirs) --skip B101 # allow assert statements in tests
pipenv run pylint $(dirs) \
--disable=missing-docstring,duplicate-code,import-error,fixme,consider-iterating-dictionary,global-variable-not-assigned,broad-exception-raised \
--load-plugins=pylint.extensions.mccabe,pylint_print \
--max-line-length=100
pipenv run bandit -r $(dirs)
pipenv run pylint $(dirs)

lint-fmt:
@echo Checking python file formatting with the black code style checker
Expand Down
9 changes: 8 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,10 @@ If you are comfortable using the Visual Studio Code IDE, the `make vscode-config
In addition to this command, you will need to install these vscode add-ons:
1. [Python](https://marketplace.visualstudio.com/items?itemName=ms-python.python)
2. [YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml)
2. [Black Formatter](https://marketplace.visualstudio.com/items?itemName=ms-python.black-formatter)
3. [Pylint](https://marketplace.visualstudio.com/items?itemName=ms-python.pylint)
4 [Bandit](https://marketplace.visualstudio.com/items?itemName=nwgh.bandit)
5. [YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml)
You will also need Visual Studio's [code](https://code.visualstudio.com/docs/setup/mac#_launching-from-the-command-line) configured to open Visual Studio from your CLI.
Expand All @@ -130,6 +133,10 @@ You will also need Visual Studio's [code](https://code.visualstudio.com/docs/set
1. Creates two debugging targets, which will give you single-button push support for running `panther_analysis_tool test` through the debugger.
1. Installs JSONSchema support for your custom panther-analysis schemas in the `schemas/` directory. This brings IDE hints about which fields are necessary for schemas/custom-schema.yml files.
1. Installs JSONSchema support for panther-analysis rules in the `rules/` directory. This brings IDE hints about which fields are necessary for rules/my-rule.yml files.
1. Configures `Black` and `isort` settings for auto-formatting on save (thus reducing the need to run `make fmt` on all files)
1. Configures `pylint` settings for linting when changes are made
- Ensure that `"pylint.lintOnChange": true` is present in the User-level VSCode settings (`Cmd+Shift+P` -> `Preferences: Open Settings (JSON)`)
1. Configures `Bandit` settings for linting when files are opened
```shell
user@computer:panther-analysis: make vscode-config
Expand Down
16 changes: 11 additions & 5 deletions data_models/github_data_model.py
Original file line number Diff line number Diff line change
@@ -1,14 +1,20 @@
import panther_event_type_helpers as event_type

ADMIN_EVENTS = {
"business.add_admin",
"business.invite_admin",
"team.promote_maintainer",
}

def get_admin_role(_):
# github doesn't record the admin role in the event
return "<UNKNOWN_ROLE>"

def get_admin_role(event):
action = event.get("action", "")
return action if action in ADMIN_EVENTS else "<UNKNOWN_ADMIN_ROLE>"


def get_event_type(event):
if event.get("action") == "team.promote_maintainer":
if event.get("action", "") in ADMIN_EVENTS:
return event_type.ADMIN_ROLE_ASSIGNED
if event.get("action") == "org.disable_two_factor_requirement":
if event.get("action", "") == "org.disable_two_factor_requirement":
return event_type.MFA_DISABLED
return None
Loading

0 comments on commit 63e69d1

Please sign in to comment.