[Maintenance] Repository Config Update (#4359)

* updating tokens

* bumped patch

* updated navigator gist ID

* updated naming

* Update .github/workflows/manual-backport.yml

* updated navigator url

* updated noreply email

* updated naming

* Update .github/workflows/manual-backport.yml

Co-authored-by: Eric Forte <[email protected]>

* updating README

* updated gist token

* replaced guidelines token with GITHUB_TOKEN

---------

Co-authored-by: Eric Forte <[email protected]>

.github/workflows/add-guidelines.yml

@@ -57,5 +57,5 @@ jobs:
         uses: mshick/add-pr-comment@v2
         with:
           message-path: ${{ env.GUIDELINES_FILE }}
-          repo-token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
           message-id: "guidelines-comment"

.github/workflows/attack-coverage-update.yml

@@ -39,7 +39,7 @@ jobs:
 
       - name: Update navigator gist files and docs/ATT&CK-coverage.md file.
         env:
-          GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+          GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_GIST_TOKEN }}"
         run: |
          python -m detection_rules dev update-navigator-gists "${{ github.event.inputs.update-coverage }}"
          git add docs/"ATT\&CK-coverage.md"

.github/workflows/backport.yml

@@ -67,7 +67,7 @@ jobs:
       - name: Checkout repo
         uses: actions/checkout@v2
         with:
-          token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          token: ${{ secrets.WRITE_DETECTION_RULES_PROTECTIONS_TOKEN }}
           ref: main
           fetch-depth: 100
 
@@ -161,6 +161,6 @@ jobs:
       - name: "Notify slack on failure"
         uses: craftech-io/slack-action@v1
         with:
-          slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+          slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}
           status: failure
         if: failure()

.github/workflows/branch-status-checks.yml

@@ -22,7 +22,7 @@ jobs:
       with:
         url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
         method: 'GET'
-        bearerToken: ${{ secrets.READ_ORG_TOKEN }}
+        bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
 
     - name: Check Backport Status
       uses: actions/github-script@v6

.github/workflows/community.yml

@@ -15,7 +15,7 @@ jobs:
         uses: actions/github-script@v6
         id: membership
         with:
-          github-token: ${{ secrets.READ_ORG_TOKEN }}
+          github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
           result-encoding: string
           script: |
 

.github/workflows/kibana-mitre-update.yml

@@ -2,7 +2,7 @@ name: Check MITRE ATT&CK Version Updates Are Synced
 
 on:
   pull_request:
-    types: 
+    types:
       - opened
     paths:
       - 'detection_rules/etc/attack-v*.json.gz'
@@ -18,8 +18,8 @@ jobs:
         id: changed-attack-files
         uses: tj-actions/changed-files@v44
         with:
-          files: detection_rules/etc/attack-v*.json.gz 
- 
+          files: detection_rules/etc/attack-v*.json.gz
+
       - name: Extract version from file name
         id: extract_version
         if: steps.changed-attack-files.outputs.any_changed == 'true'
@@ -33,9 +33,9 @@ jobs:
         run: |
           ISSUE_TITLE="[Security Solution] Update MITRE ATT&CK to ${{ steps.extract_version.outputs.version }}"
           ISSUE_BODY="The detection rules MITRE ATT&CK version has been updated to ${{ steps.extract_version.outputs.version }} Please update the MITRE ATT&CK version in Kibana accordingly."
-          
+
           curl -X POST \
-            -H "Authorization: token ${{ secrets.READ_WRITE_KIBANA_TOKEN }}" \
+            -H "Authorization: token ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}" \
             -H "Accept: application/vnd.github.v3+json" \
             https://api.github.com/repos/elastic/kibana/issues \
             -d '{
@@ -44,4 +44,4 @@ jobs:
             }'
 
         env:
-          GITHUB_TOKEN: ${{ secrets.READ_WRITE_KIBANA_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.WRITE_KIBANA_DETECTION_RULES_TOKEN }}

.github/workflows/manual-backport.yml

@@ -21,7 +21,7 @@ jobs:
       - name: Checkout detection-rules
         uses: actions/checkout@v3
         with:
-          token: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
           fetch-depth: 0
 
       - name: Set github config
@@ -81,6 +81,6 @@ jobs:
       - name: "Notify slack on failure"
         uses: craftech-io/slack-action@v1
         with:
-          slack_webhook_url: ${{ secrets.SLACK_WEBHOOK_URL }}
+          slack_webhook_url: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
           status: failure
         if: failure()

.github/workflows/pythonpackage.yml

@@ -15,11 +15,11 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 1
-    
+
     - name: Fetch main branch
       run: |
         git fetch origin main:refs/remotes/origin/main
- 
+
     - name: Set up Python 3.12
       uses: actions/setup-python@v5
       with:
@@ -64,6 +64,6 @@ jobs:
 
     - name: Update navigator gist files
       env:
-        GITHUB_TOKEN: "${{ secrets.NAVIGATOR_GIST_TOKEN }}"
+        GITHUB_TOKEN: "${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}"
       if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
       run: python -m detection_rules dev update-navigator-gists

.github/workflows/release-docs.yml

@@ -31,7 +31,7 @@ jobs:
       - name: Checkout elastic/security-docs
         uses: actions/checkout@v3
         with:
-          token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+          token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
           repository: "elastic/security-docs"
           path: security-docs
           fetch-depth: 0
@@ -79,7 +79,7 @@ jobs:
 
       - name: Create PR to elastic/security-docs
         env:
-          GITHUB_TOKEN: ${{ secrets.PROTECTIONS_MACHINE_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
           POST_VERSION: "v${{ github.event.inputs.post_version }}"
           TARGET_BRANCH: "${{ github.event.inputs.target_branch }}"
           UPDATE_BRANCH: "update-security-docs-prebuilt-rules-${{github.event.inputs.post_version}}"

.github/workflows/release-fleet.yml

@@ -68,7 +68,7 @@ jobs:
         - name: Checkout elastic/integrations
           uses: actions/checkout@v3
           with:
-            token: ${{ secrets.READ_WRITE_RELEASE_FLEET }}
+            token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
             repository: ${{github.event.inputs.target_repo}}
             path: integrations
             fetch-depth: 0
@@ -119,8 +119,8 @@ jobs:
 
         - name: Set github config
           run: |
-            git config --global user.email "72879786+protectionsmachine@users.noreply.github.com"
-            git config --global user.name "protectionsmachine"
+            git config --global user.email "178941316+tradebot-elastic@users.noreply.github.com"
+            git config --global user.name "tradebot-elastic"
 
         - name: Setup go
           uses: actions/setup-go@v3
@@ -138,7 +138,7 @@ jobs:
             TARGET_REPO: "${{github.event.inputs.target_repo}}"
             TARGET_BRANCH: "${{github.event.inputs.target_branch}}"
             LOCAL_REPO: "../integrations"
-            GITHUB_TOKEN: "${{ secrets.READ_WRITE_RELEASE_FLEET }}"
+            GITHUB_TOKEN: "${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}"
           run: |
             cd detection-rules
             python -m detection_rules dev integrations-pr \

README.md

@@ -1,7 +1,7 @@
 [![Supported Python versions](https://img.shields.io/badge/python-3.12+-yellow.svg)](https://www.python.org/downloads/)
 [![Unit Tests](https://github.com/elastic/detection-rules/workflows/Unit%20Tests/badge.svg)](https://github.com/elastic/detection-rules/actions)
 [![Chat](https://img.shields.io/badge/chat-%23security--detection--rules-blueviolet)](https://ela.st/slack)
-[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator)
+[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)](https://ela.st/detection-rules-navigator-trade)
 
 # Detection Rules
 

detection_rules/devtools.py

@@ -57,8 +57,8 @@
 from .version_lock import VersionLockFile, loaded_version_lock
 
 GH_CONFIG = Path.home() / ".config" / "gh" / "hosts.yml"
-NAVIGATOR_GIST_ID = '1a3f65224822a30a8228a8ed20289a89'
-NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator'
+NAVIGATOR_GIST_ID = '0443cfb5016bed103f1940b2f336e45a'
+NAVIGATOR_URL = 'https://ela.st/detection-rules-navigator-trade'
 NAVIGATOR_BADGE = (
     f'[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)]({NAVIGATOR_URL})'
 )

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "0.3.12"
+version = "0.3.13"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"