Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auditbeat/module/file_integrity: Remove garbled Mach-O executable test file #37853

Closed
wants to merge 2 commits into from
Closed

auditbeat/module/file_integrity: Remove garbled Mach-O executable test file #37853

wants to merge 2 commits into from

Conversation

chemamartinez
Copy link
Contributor

Proposed commit message

Same as happened in #35724, the garble_macho_executable is detected as a malicious file by the Elastic Endpoint in macOS, being automatically removed every time the repository is cloned.

This test has been removed from the module.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Related issues

Screenshots

image

@chemamartinez chemamartinez added Auditbeat backport-skip Skip notification from the automated backport with mergify Team:Security-Service Integrations Security Service Integrations Team labels Feb 4, 2024
@chemamartinez chemamartinez self-assigned this Feb 4, 2024
@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Feb 4, 2024
@chemamartinez chemamartinez marked this pull request as ready for review February 4, 2024 19:01
@chemamartinez chemamartinez requested a review from a team as a code owner February 4, 2024 19:01
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elasticmachine
Copy link
Collaborator

❕ Build Aborted

There is a new build on-going so the previous on-going builds have been aborted.

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Start Time: 2024-02-04T18:55:38.214+0000

  • Duration: 12 min 19 sec

Test stats 🧪

Test Results
Failed 0
Passed 3
Skipped 0
Total 3

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@elasticmachine
Copy link
Collaborator

💔 Build Failed

Failed CI Steps

cc @chemamartinez

@elasticmachine
Copy link
Collaborator

elasticmachine commented Feb 4, 2024
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Duration: 10 min 16 sec

❕ Flaky test report

No test was executed to be analysed.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@v1v
Copy link
Member

v1v commented Feb 5, 2024

/test

@chemamartinez
Copy link
Contributor Author

An exception will be added to the Endpoint for this executable so removing the test is no longer needed.

@andrewkroh andrewkroh mentioned this pull request Feb 6, 2024
Open
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@chemamartinez chemamartinez

Labels
Auditbeat backport-skip Skip notification from the automated backport with mergify Team:Security-Service Integrations Security Service Integrations Team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chemamartinez @elasticmachine @v1v