Splunkworks updates

Signed-off-by: Zachary Christensen <[email protected]>

.github/workflows/appinspect.yml

@@ -5,12 +5,30 @@ on:
       - main
       - master
     paths:
-      - "src/**"
+      - "SA-CrowdstrikeDevices/**"
     types: [opened, ready_for_review]
 
 jobs:
-  call-packaging-workflow:
-    uses: ZachChristensen28/splunk-github-wfa/.github/workflows/appinspect.yml@7ecada57ac2b19c674658e3dac9751f5b23dec13
-    secrets:
-      API_USER: ${{ secrets.API_USER }}
-      API_PASS: ${{ secrets.API_PASS }}
+  appinspect-job:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.7
+      - name: Download packaging toolkit
+        run: wget https://download.splunk.com/misc/packaging-toolkit/splunk-packaging-toolkit-1.0.1.tar.gz
+      - name: Install packaging toolkit
+        run: pip install splunk-packaging-toolkit-1.0.1.tar.gz
+      - name: Package app
+        run: |
+          cd SA-CrowdstrikeDevices
+          slim package -o ~/build/package $(ls)
+      - name: run Appinspect
+        uses: splunk/appinspect-api-action@v3
+        with:
+          username: ${{ secrets.API_USER }}
+          password: ${{ secrets.API_PASS }}
+          app_path: build/package/
+          included_tags: "cloud,self-service,future"
+

.github/workflows/fossa.yml

@@ -6,7 +6,7 @@ on:
       - main
       - master
     paths:
-      - "src/**"
+      - "SA-CrowdstrikeDevices/**"
     types: [opened, ready_for_review]
 
 jobs:

.github/workflows/release.yml

@@ -5,8 +5,40 @@ on:
       - master
       - main
     paths:
-      - "src/**"
+      - "SA-CrowdstrikeDevices/**"
 
 jobs:
-  call-packaging-workflow:
-    uses: ZachChristensen28/splunk-github-wfa/.github/workflows/package-app.yml@154fb6bd5201e90183c99b40661cb931d61781b4
+  package:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.7
+      - name: Download packaging toolkit
+        run: wget https://download.splunk.com/misc/packaging-toolkit/splunk-packaging-toolkit-1.0.1.tar.gz
+      - name: Install packaging toolkit
+        run: pip install splunk-packaging-toolkit-1.0.1.tar.gz
+      - name: Package app
+        id: app
+        run: |
+          cd src
+          slim package -o ~/build/packages $(ls)
+          echo "app=$(realpath ~/build/packages/*)" >> $GITHUB_OUTPUT
+          cd ~/build/packages
+          md5sum $(ls) > $(ls).md5
+          echo "md5=$(realpath ~/build/packages/*.md5)" >> $GITHUB_OUTPUT
+      - name: Get info
+        id: info
+        run: |
+          echo "version=$(cat src/*/app.manifest | jq -r .info.id.version)" >> $GITHUB_OUTPUT
+          echo "name=$(cat src/*/app.manifest | jq -r .info.id.name)" >> $GITHUB_OUTPUT
+      - name: Draft Release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          name: ${{ steps.info.outputs.name }} v${{ steps.info.outputs.version }}
+          tag_name: v${{ steps.info.outputs.version }}
+          files: |
+            ${{ steps.app.outputs.app }}
+            ${{ steps.app.outputs.md5 }}

README.md

@@ -1,5 +1,3 @@
-#  CrowdStrike Devices for Splunk Enterprise Security
-
 [![License](https://img.shields.io/badge/License-Splunk%20General%20Terms-ce0070)](https://www.splunk.com/en_us/legal/splunk-general-terms.html)
 [![Docs](https://github.com/splunk/SA-CrowdstrikeDevices/actions/workflows/docs.yml/badge.svg)](splunk.github.io/SA-CrowdstrikeDevices/)
 ![Appinspect](https://github.com/splunk/SA-CrowdstrikeDevices/actions/workflows/appinspect.yml/badge.svg)
@@ -9,12 +7,14 @@
 [![CrowdStrike Add-on Compatibility](https://img.shields.io/badge/CrowdStrike%20Addon%20Compatibility-3.x-success)](https://splunkbase.splunk.com/app/5570)
 ![Splunk Cloud Compatibility](https://img.shields.io/badge/Splunk%20Cloud%20Ready-Victoria%20|%20Classic-informational?logo=splunk)
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2FZachChristensen28%2FSA-CrowdstrikeDevices.svg?type=small)](https://app.fossa.com/projects/git%2Bgithub.com%2FZachChristensen28%2FSA-CrowdstrikeDevices?ref=badge_small)
+![Splunkbase Downloads](https://img.shields.io/endpoint?color=%23&style=flat-square&url=https%3A%2F%2Fsplunkbasebadge.livehybrid.com%2Fv1%2Fdownloads%2F6573)
+<div align="center">
+    <h3>CrowdStrike Devices for Splunk Enterprise Security</h3>
+    <p>This supporting add-on comes with prebuilt content for  CrowdStrike device data to be easily used with Splunk Enterprise Security's asset database.</p>
+</div>
 
-This supporting add-on comes with prebuilt content for  CrowdStrike device data to be easily used with Splunk Enterprise Security's asset database.
-
-```markdown
-** This supporting add-on is only intended to work with Splunk Enterprise Security deployments **
-```
+> [!IMPORTANT]
+> This supporting add-on is only intended to work with Splunk Enterprise Security deployments
 
 ## Documentation
 
@@ -28,7 +28,7 @@ Full documentation can be found at [https://splunk.github.io/SA-CrowdstrikeDevic
 
 Info | Description
 ------|----------
-SA-CrowdstrikeDevices | 1.1.1 - [Splunkbase](https://splunkbase.splunk.com/app/6573/) 
+SA-CrowdstrikeDevices | 1.1.2 - [Splunkbase](https://splunkbase.splunk.com/app/6573/) 
 Splunk Enterprise Security Version (Required) | [7.x \| 6.x](https://splunkbase.splunk.com/app/263)
 CrowdStrike Devices Add-on (Required) | [3.x](https://splunkbase.splunk.com/app/5570)
 Add-on has a web UI | No, this add-on does not contain views.

src/SA-CrowdstrikeDevices/app.manifest → SA-CrowdstrikeDevices/app.manifest

@@ -5,7 +5,7 @@
     "id": {
       "group": null,
       "name": "SA-CrowdstrikeDevices",
-      "version": "1.1.1"
+      "version": "1.1.2"
     },
     "author": [
       {

src/SA-CrowdstrikeDevices/default/app.conf → SA-CrowdstrikeDevices/default/app.conf

@@ -3,12 +3,9 @@
 # To make changes, copy the section/stanza you want to change from ./default
 # into ../local and edit there.
 
-[author=ZachTheSplunker]
-email = [email protected]
-
 [id]
 name = SA-CrowdstrikeDevices
-version = 1.1.1
+version = 1.1.2
 
 [install]
 state_change_requires_restart = false
@@ -17,9 +14,8 @@ state = enabled
 build = 10
 
 [launcher]
-author  = ZachTheSplunker
 description = This supporting add-on allows device information pulled from CrowdStrike to be used with Splunk Enterprise Security's Asset Database.
-version = 1.1.1
+version = 1.1.2
 
 [ui]
 is_visible = 0

docs/index.md

@@ -27,7 +27,7 @@ This documentation assumes the following:
 
 Info | Description
 ------|----------
-SA-CrowdstrikeDevices | 1.1.1 - [Splunkbase <small>:icon-link-external:</small>](https://splunkbase.splunk.com/app/6573){ target="blank" } 
+SA-CrowdstrikeDevices | 1.1.2 - [Splunkbase <small>:icon-link-external:</small>](https://splunkbase.splunk.com/app/6573){ target="blank" } 
 Splunk Enterprise Security Version <small>(Required)</small> | [7.x \| 6.x <small>:icon-link-external:</small>](https://splunkbase.splunk.com/app/263){ target="blank" }
 CrowdStrike Devices Add-on <small>(Required)</small> | [3.x <small>:icon-link-external:</small>](https://splunkbase.splunk.com/app/5570){ target="blank" }
 Add-on has a web UI | No, this add-on does not contain views.

docs/releases/index.md

@@ -8,7 +8,18 @@ label: Releases
 
 Latest release can be found on [Splunkbase <small>:icon-link-external:</small>](https://splunkbase.splunk.com/app/6573){ target="blank" }.
 
-## v1.1.1 [!badge text="LATEST" variant="info"]
+## v1.1.2 [!badge text="LATEST" variant="info"]
+
+Released: December 1, 2023
+
++++ New :icon-shield-check:
+- [x] SplunkWorks updates
+
+This release has no functional changes of the add-on.
+
+---
+
+## v1.1.1
 
 Released: April 19, 2023
 

docs/retype.yml

@@ -3,7 +3,7 @@ output: .retype
 url: splunk.github.io/SA-CrowdstrikeDevices/
 branding:
   title: SA-CrowdstrikeDevices
-  label: v1.1.1
+  label: v1.1.2
   colors:
     label:
       text: "#fff"