-
Notifications
You must be signed in to change notification settings - Fork 219
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enables make docs
to generate a yaml file with all techniques and their metadata. Fixes #172
#218
Conversation
|
||
// Full description (multi-line) | ||
Description string | ||
Description string `yaml:"-"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Disabled serialisation for description like it was suggested on #172.
@@ -28,3 +28,24 @@ func PlatformFromString(name string) (Platform, error) { | |||
return "", errors.New("unknown platform: " + name) | |||
} | |||
} | |||
|
|||
func (p Platform) FormatName() (string, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Moved the formatPlatformName
function here so it could be used for the MarshalYAML
method as well.
"github.com/datadog/stratus-red-team/v2/pkg/stratus" | ||
_ "github.com/datadog/stratus-red-team/v2/pkg/stratus/loader" | ||
"github.com/datadog/stratus-red-team/v2/pkg/stratus/mitreattack" | ||
"gopkg.in/yaml.v3" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
VSCode uses go fmt
and it re-ordered the import like that (I belive that's goimports
default configuration`. Let me know if you would like the import the way it was and I will edit it using vim.
v2/pkg/stratus/attack_technique.go
Outdated
|
||
// Indicates if the technique is expected to be slow to warm-up or detonate | ||
IsSlow bool | ||
IsSlow bool `yaml:"slow"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IsSlow bool `yaml:"slow"` | |
IsSlow bool `yaml:"isSlow"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would be better if this was is-slow
? There is no really guidance here from YAML specification regarding field names, for mitre-attack-tactic
I separated different words with -
, but happy to change to whatever pattern that you prefer.
A few examples from other open source projects:
- Kubernetes uses camel case: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#creating-a-deployment
- Atomic Red Team uses snake case: https://github.com/redcanaryco/atomic-red-team/blob/master/atomic_red_team/spec.yaml
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we'd prefer going the camel case route
v2/pkg/stratus/attack_technique.go
Outdated
|
||
// Indicates if the detonation function is idempotent, i.e. if it can be run multiple times without reverting it | ||
IsIdempotent bool | ||
IsIdempotent bool `yaml:"idempotent"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IsIdempotent bool `yaml:"idempotent"` | |
IsIdempotent bool `yaml:"isIdempotent"` |
A few things to address but overall looks great! Looking forward to getting this merged |
Co-authored-by: Christophe Tafani-Dereeper <christophe@tafani-dereeper.me>
|
||
// UnmarshalYAML implements the Marshaler interface from "gopkg.in/yaml.v3". | ||
// It does the reverse operation defined on MarshalYAML. It mutates Platform from "Azure" to "azure". | ||
func (p Platform) UnmarshalYAML(node *yaml.Node) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same here, added the UnmarshalYAML
function.
os.Exit(1) | ||
func GenerateTechDocs(docsDirectory string, techniques []*stratus.AttackTechnique, index map[stratus.Platform]map[string][]*stratus.AttackTechnique) error { | ||
techniqueTemplate, err := os.ReadFile("tools/doc.tpl") | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Handling this error, because otherwise techniqueTemplate
is ""
and docs are generated with empty string. That threw me off for quite a bit 😅
|
||
tpl, _ := template.New("technique").Funcs(funcMap).Parse(string(techniqueTemplate)) | ||
result := "" | ||
buf := bytes.NewBufferString(result) | ||
formatTechniqueDescription(technique) | ||
err := tpl.Execute(buf, technique) | ||
if err != nil { | ||
panic(err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This changed the semantics a little bit. Instead of a panic, it returns an error then the error is printed and the command returns with exit code 1. Let me know if you prefer to panic
rather than doing this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
much better than panic :)
Thanks! This looks great now. Really appreciate your contribution! |
What does this PR do?
Enhancement:
make docs
now generates adocs/index.yaml
file with all techniques serialised into it.Motivation
Motivation is described on #172
Checklist
N/A
Details
index.yaml
file contains all techniques grouped by MITRE tactic and platform. Some techniques are classified with in 2 or more tactics, when that happens, the technique is duplicated in the document.