From 838db0759a80544c3a901e38225b47910e6e66c8 Mon Sep 17 00:00:00 2001 From: Pete Markowsky Date: Sun, 7 Sep 2025 16:46:21 -0400 Subject: [PATCH 1/5] Update README.md and Makefile to prep for release. This updates the readme and makefile to prepare for the OSS release of this repo. It also removes the unneeded private buf registry access. --- Makefile | 2 -- README.md | 74 ++++++++++++++----------------------------------------- 2 files changed, 19 insertions(+), 57 deletions(-) diff --git a/Makefile b/Makefile index 2d9a2e5..b556a66 100644 --- a/Makefile +++ b/Makefile @@ -9,8 +9,6 @@ all: deps build .PHONY: deps .ONESHELL: deps deps: - export GOPRIVATE="buf.build/gen/go,${GOPRIVATE}" - buf registry login go mod download # Build the binary diff --git a/README.md b/README.md index aee989f..a46b355 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,10 @@ # Santa Rule Importer (santaruleimporter) -This project reads all rules out of either a [Moroz](https://github.com/groob/moroz) TOML config or [Rudolph](https://github.com/airbnb/rudolph/tree/master) [CSV rule export](https://github.com/airbnb/rudolph/blob/master/docs/rules.md#importing-or-exporting-rules) and imports it into a Workshop instance using the API. +This project reads all rules out of either a +[Moroz](https://github.com/groob/moroz) TOML config or +[Rudolph](https://github.com/airbnb/rudolph/tree/master) [CSV rule +export](https://github.com/airbnb/rudolph/blob/master/docs/rules.md#importing-or-exporting-rules) +or a Zentral server and imports it into a Workshop instance using the API. # Table of Contents @@ -17,75 +21,35 @@ Run the following: - Export `WORKSHOP_API_KEY` with your Workshop API key which must have the superadmin role. - run ./santa-rule-importer -## Example - -```shell -$ make deps -export GOPRIVATE="buf.build/gen/go," -buf registry login -Opening your browser to complete authorization process. - -If your browser doesn't open automatically, please open this URL in a browser to complete the process: - -https://buf.build/settings/user/device?code=MXXX-XXXX - -Logged in as user. Credentials saved to /Users/user/.netrc. -go mod tidy -[ user@Mac (11:45PM) ~/santaruleimporter ] -$ make build -go build -o santa-rule-importer ./cmd/main.go -[ user@Mac (11:45PM) ~/santaruleimporter ] -$ ./santa-rule-importer -insecure ./internal/morozconfig/testdata/global.toml nps.workshop.cloud -2/2 rules added successfully! -``` - # Building -You need access to NPS' prebuilt Go packages that are hosted in a private -registry on buf.build. - -Assuming you have access to the registry you can run: - -```shell -prompt$ make deps # get the dependencies and buf -prompt$ make build # build the binary ``` - -## Build Details - -This does the following: - -```shell -prompt$ export GOPRIVATE="buf.build/gen/go,${GOPRIVATE}" -prompt$ buf registry login -Opening your browser to complete authorization process. - -If your browser doesn't open automatically, please open this URL in a browser to complete the process: - -https://buf.build/settings/user/device?code=[REDACTED] - -Logged in as user. Credentials saved to /Users/user/.netrc. -prompt$ go mod download -``` - -You can now build the importer. - -```shell -prompt$ go build -o moroz-rule-importer ./cmd/main.go +prompt$ make build # build the binary ``` # Usage ``` -$ ./santa-rule-importer +$ ./santa-rule-importer --help Usage: ./santa-rule-importer [OPTIONS] -santa-rule-importer - tool to import rules from Moroz and Rudolph to Workshop +santa-rule-importer - tool to import rules from Moroz, Rudolph, and Zentral to Workshop This tool expects the Workshop API Key to be in the WORKSHOP_API_KEY env var +For Zentral imports, set ZENTRAL_API_KEY env var with your Zentral API token -insecure Use insecure connection + -use-custom-msg-as-comment + Use custom message as comment (moroz only) + -zentral-config-id int + Filter Zentral rules by configuration ID + -zentral-target-identifier string + Filter Zentral rules by target identifier + -zentral-target-type string + Filter Zentral rules by target type (BINARY, CERTIFICATE, etc.) + -zentral-url string + Zentral base URL (e.g., zentral.example.com) Example Usage: ./santa-rule-importer global.toml nps.workshop.cloud From 9329d03c7cb6af5c26cb14581fc94b0a23854474 Mon Sep 17 00:00:00 2001 From: Pete Markowsky Date: Sun, 7 Sep 2025 16:50:14 -0400 Subject: [PATCH 2/5] Remove unneeded href and update comment. --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index a46b355..8cb31de 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,6 @@ or a Zentral server and imports it into a Workshop instance using the API. - [Quick Start](#quick-start) - [Building](#building) - - [Build Details](#build-details) - [Usage](#usage) # Quick Start @@ -18,7 +17,7 @@ or a Zentral server and imports it into a Workshop instance using the API. Run the following: - `make deps` - `make build` -- Export `WORKSHOP_API_KEY` with your Workshop API key which must have the superadmin role. +- Export `WORKSHOP_API_KEY` with your Workshop API key which must have the `rules:write` permission - run ./santa-rule-importer # Building From 048a9405bfe27984831f3e4b41de89ac6664d3f7 Mon Sep 17 00:00:00 2001 From: Pete Markowsky Date: Sun, 7 Sep 2025 16:51:42 -0400 Subject: [PATCH 3/5] Make hyphenated name consistent. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8cb31de..28e8e64 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Santa Rule Importer (santaruleimporter) +# Santa Rule Importer (santa-rule-importer) This project reads all rules out of either a [Moroz](https://github.com/groob/moroz) TOML config or From c648e1356d516d1d0dbc5b399ee83a0cea1afc36 Mon Sep 17 00:00:00 2001 From: Pete Markowsky Date: Sun, 7 Sep 2025 16:54:15 -0400 Subject: [PATCH 4/5] Update README.md Co-authored-by: Russell Hancox --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 28e8e64..9c92653 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ # Santa Rule Importer (santa-rule-importer) -This project reads all rules out of either a -[Moroz](https://github.com/groob/moroz) TOML config or +This project reads all rules out of: a +[Moroz](https://github.com/groob/moroz) TOML config, a [Rudolph](https://github.com/airbnb/rudolph/tree/master) [CSV rule -export](https://github.com/airbnb/rudolph/blob/master/docs/rules.md#importing-or-exporting-rules) -or a Zentral server and imports it into a Workshop instance using the API. +export](https://github.com/airbnb/rudolph/blob/master/docs/rules.md#importing-or-exporting-rules), +or a Zentral server, and imports it into a Workshop instance using the API. # Table of Contents From 452072353cebebcf40ada2ea4a1a6e9d62b99d74 Mon Sep 17 00:00:00 2001 From: Pete Markowsky Date: Sun, 7 Sep 2025 16:54:11 -0400 Subject: [PATCH 5/5] Fix permission string. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9c92653..02e88d5 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ or a Zentral server, and imports it into a Workshop instance using the API. Run the following: - `make deps` - `make build` -- Export `WORKSHOP_API_KEY` with your Workshop API key which must have the `rules:write` permission +- Export `WORKSHOP_API_KEY` with your Workshop API key which must have the `write:rules` permission - run ./santa-rule-importer # Building