Skip to content

Commit

Permalink
Add validations and update node version
Browse files Browse the repository at this point in the history
  • Loading branch information
Geovanni Pacheco committed Jan 31, 2024
1 parent 2d3d590 commit 546e360
Show file tree
Hide file tree
Showing 4 changed files with 503 additions and 4 deletions.
9 changes: 6 additions & 3 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ jobs:
strategy:
fail-fast: false
matrix:
node-version: [14.x]
node-version: [18.x]
os: [ubuntu-latest]

steps:
Expand All @@ -23,6 +23,9 @@ jobs:
- name: Install dependencies
run: yarn

- name: Validate
run: yarn validate

# Publishing is done in a separate job to allow
# for all matrix builds to complete.
release:
Expand All @@ -32,13 +35,13 @@ jobs:
strategy:
fail-fast: false
matrix:
node: [14]
node-version: [18.x]

steps:
- name: Setup Node
uses: actions/setup-node@v1
with:
node-version: 14.x
node-version: ${{ matrix.node-version }}

- name: Check out repo
uses: actions/checkout@v2
Expand Down
12 changes: 11 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,21 @@
"name": "@jupiterone/jupiterone-alert-rules",
"version": "0.23.0",
"description": "Alert rule packages for the JupiterOne platform",
"scripts": {
"validate": "node --loader tsx ./scripts/validate.ts"
},
"repository": {
"type": "git",
"url": "https://github.com/JupiterOne/jupiterone-alert-rules"
},
"license": "MIT",
"main": "index.js",
"author": "JupiterOne <[email protected]>"
"author": "JupiterOne <[email protected]>",
"devDependencies": {
"@jupiterone/query-language-parser": "^3.16.1",
"@types/node": "^20.11.13",
"euberlog": "^2.5.1",
"tsx": "^4.7.0",
"typescript": "^5.3.3"
}
}
83 changes: 83 additions & 0 deletions scripts/validate.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
import { readdirSync, readFileSync } from "node:fs";
import { resolve } from "node:path";
import { cwd } from "node:process";
import { Logger } from "euberlog";
import ts from "typescript";
import { parse } from "@jupiterone/query-language-parser";

const logger = new Logger();

const validateExports = () => {
const files = readdirSync(resolve(cwd(), "rule-packs"));

const indexPath = resolve(cwd(), "rule-packs", "index.js");

const file = ts.preProcessFile(readFileSync(indexPath, "utf-8"), true, true);

const importedFiles = file.importedFiles.map((f) =>
f.fileName.replace("./", "")
);

for (const file of files) {
if (file === "index.js" || importedFiles.includes(file)) {
continue;
}
throw new Error(`File ${file} is not imported in index.js.`);
}
};

const validateJsonContent = () => {
const files = readdirSync(resolve(cwd(), "rule-packs")).filter(
(file) => file !== "index.js"
);
for (const file of files) {
const rulePack = require(resolve(cwd(), "rule-packs", file));
if (!(rulePack instanceof Array)) {
throw new Error(`File ${file} does not export an array.`);
}
for (const rule of rulePack) {
validateRule(rule);
}
}
};

const validateRule = (rule) => {
if (
!["MEDIUM", "HIGH", "LOW", "INFO", "CRITICAL", undefined].includes(
rule.alertLevel
)
) {
throw new Error(
`Rule ${rule.name} has an invalid alertLevel. ${rule.alertLevel} is not a valid alertLevel.`
);
}
for (const queryObj of rule.queries) {
if (RegExp(/[^A-Za-z0-9_]/g).test(queryObj.name)) {
throw new Error(
`Rule ${rule.name} has an invalid query name. "${queryObj.name}" is not a valid query name.`
);
}
try {
parse(queryObj.query);
} catch (e) {
throw new Error(
`Rule ${rule.name} has an invalid query. ${queryObj.name} is not a valid query.
${e.message}
`
);
}
}
};

try {
logger.info("Starting validation...");
logger.info("Validating exports...");
validateExports();
logger.info("Validating json contents...");
validateJsonContent();
logger.success("Everything valid");
} catch (e) {
logger.error(e.message);
process.exit(1);
}
Loading

0 comments on commit 546e360

Please sign in to comment.