Merge pull request #7 from google/yaml-validation

Add validation of component YAML files on push.
google · Aug 23, 2023 · d2ca712 · d2ca712
2 parents 4b4dd84 + afde8a2
commit d2ca712
Show file tree

Hide file tree

Showing 7 changed files with 87 additions and 1 deletion.
diff --git a/.github/workflows/yamale.yml b/.github/workflows/yamale.yml
@@ -0,0 +1,24 @@
+name: Validate DFIQ YAML
+
+on:
+ [push]
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Set up Python 3.11
+ uses: actions/setup-python@v4
+ with:
+ python-version: 3.11
+ - name: Install dependencies
+ run: |
+ python -m pip install --upgrade pip
+ pip install pipenv
+ pip install yamale
+ - name: Validate Scenarios YAML
+ run: |
+ yamale -s utils/scenario_spec.yaml ./data/scenarios
+ yamale -s utils/facet_spec.yaml ./data/facets
+ yamale -s utils/question_spec.yaml ./data/questions
+ yamale -s utils/approach_spec.yaml ./data/approaches
diff --git a/data/questions/Q1001.yaml b/data/questions/Q1001.yaml
@@ -15,10 +15,12 @@
 ---
 display_name: What files were downloaded using a web browser?
 type: question
-description:
+description: Downloading files via a web browser is a common way to introduce files to a computer. Determining what
+ files were downloaded can be helpful in variety of scenarios, ranging from malware investigations to insider cases.
 id: Q1001
 dfiq_version: 1.0.0
 tags:
+ - Web Browser
 parent_ids:
  - F1008
  - F1002
diff --git a/data/scenarios/S1001.yaml b/data/scenarios/S1001.yaml
@@ -22,3 +22,4 @@ description: >
 id: S1001
 dfiq_version: 1.0.0
 tags:
+ - Insider
diff --git a/utils/approach_spec.yaml b/utils/approach_spec.yaml
@@ -0,0 +1,33 @@
+---
+display_name: str()
+type: enum('approach')
+description:
+ summary: str()
+ details: str()
+ references: list(str(), required=False)
+ references_internal: list(str(), required=False)
+id: regex('^Q\d{4}\.\d{2}$')
+dfiq_version: regex('\d{1,2}\.\d{1,2}\.\d{1,2}')
+tags: list(str(), required=False)
+contributors: list(str(), required=False)
+view:
+ data: list(include('string_type_and_value'))
+ notes:
+ covered: list(str())
+ not_covered: list(str())
+ processors: list(include('processor'))
+---
+string_type_and_value:
+ type: str()
+ value: str()
+processor:
+ name: str()
+ options: list(include('string_type_and_value'))
+ analysis: list(include('analysis_object'))
+analysis_object:
+ name: str()
+ steps: list(include('analysis_step'))
+analysis_step:
+ description: str()
+ type: str()
+ value: str()
diff --git a/utils/facet_spec.yaml b/utils/facet_spec.yaml
@@ -0,0 +1,9 @@
+---
+display_name: str()
+type: enum('facet')
+description: str(required=False)
+id: regex('^F\d{4}$')
+dfiq_version: regex('\d{1,2}\.\d{1,2}\.\d{1,2}')
+tags: list(str(), required=False)
+contributors: list(str(), required=False)
+parent_ids: list(regex('S\d{4}'))
diff --git a/utils/question_spec.yaml b/utils/question_spec.yaml
@@ -0,0 +1,9 @@
+---
+display_name: str()
+type: enum('question')
+description: str(required=False)
+id: regex('^Q\d{4}$')
+dfiq_version: regex('\d{1,2}\.\d{1,2}\.\d{1,2}')
+tags: list(str(), required=False)
+contributors: list(str(), required=False)
+parent_ids: list(regex('F\d{4}'))
diff --git a/utils/scenario_spec.yaml b/utils/scenario_spec.yaml
@@ -0,0 +1,8 @@
+---
+display_name: str()
+type: enum('scenario')
+description: str()
+id: regex('^S\d{4}$')
+dfiq_version: regex('\d{1,2}\.\d{1,2}\.\d{1,2}')
+tags: list(str(), required=False)
+contributors: list(str(), required=False)