Merge branch 'new-rule-endpoint-security-promotions' of https://githu…

…b.com/elastic/detection-rules into new-rule-endpoint-security-promotions
elastic · Dec 19, 2024 · 9f76999 · 9f76999
2 parents e1b565d + 90869e8
commit 9f76999
Show file tree

Hide file tree

Showing 171 changed files with 6,113 additions and 1,047 deletions.
diff --git a/.github/workflows/lock-versions.yml b/.github/workflows/lock-versions.yml
@@ -6,7 +6,7 @@ on:
           description: 'List of branches to lock versions (ordered, comma separated)'
           required: true
           # 7.17 was intentionally skipped because it was added late and was bug fix only
-          default: '8.11,8.12,8.13,8.14,8.15,8.16'
+          default: '8.12,8.13,8.14,8.15,8.16,8.17'
 
 jobs:
   pr:

diff --git a/detection_rules/devtools.py b/detection_rules/devtools.py
@@ -63,6 +63,8 @@
     f'[![ATT&CK navigator coverage](https://img.shields.io/badge/ATT&CK-Navigator-red.svg)]({NAVIGATOR_URL})'
 )
 RULES_CONFIG = parse_rules_config()
+# The base package version that we will start to include all versions of historical rules
+BASE_PKG_VERSION = Version(major=8, minor=17, patch=0)
 
 
 def get_github_token() -> Optional[str]:
@@ -124,7 +126,19 @@ def build_release(ctx: click.Context, config_file, update_version_lock: bool, ge
                                                            registry_data['conditions']['kibana.version'].strip("^"))
     sde = SecurityDetectionEngine()
     historical_rules = sde.load_integration_assets(previous_pkg_version)
-    limited_historical_rules = sde.keep_latest_versions(historical_rules)
+    current_pkg_version = Version.parse(registry_data['version'])
+    # pre-release versions are not included in the version comparison
+    # Version 8.17.0-beta.1 is considered lower than 8.17.0
+    current_pkg_version_no_prerelease = Version(major=current_pkg_version.major,
+                                                minor=current_pkg_version.minor, patch=current_pkg_version.patch)
+    if current_pkg_version_no_prerelease >= BASE_PKG_VERSION:
+        click.echo(f'[+] Adding all historical rule versions in our release package for version \
+            {current_pkg_version_no_prerelease}')
+        limited_historical_rules = historical_rules
+    else:
+        click.echo(f'[+] Limit historical rule versions in our release package for version \
+            {current_pkg_version_no_prerelease}')
+        limited_historical_rules = sde.keep_latest_versions(historical_rules)
     package.add_historical_rules(limited_historical_rules, registry_data['version'])
     click.echo(f'[+] Adding historical rules from {previous_pkg_version} package')