chore(release): making a new release v6.0.0 (#898)

### Features
* support of CIM v6.0.2

### BREAKING CHANGES
* removed support of cim-field-report generation

Author: dvarasani-crest

.github/workflows/build-test-release.yml

@@ -15,7 +15,7 @@ concurrency:
 
 jobs:
   meta:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     outputs:
       matrix_supportedSplunk: ${{ steps.matrix.outputs.supportedSplunk }}
     steps:
@@ -25,7 +25,7 @@ jobs:
 
   fossa-scan:
     continue-on-error: true
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - name: run fossa anlyze and create report
@@ -47,13 +47,13 @@ jobs:
           FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
 
   compliance-copyrights:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: apache/[email protected]
 
   pre-commit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
@@ -67,7 +67,7 @@ jobs:
       SEMGREP_KEY: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
 
   test-splunk-unit:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v4
         with:
@@ -80,7 +80,7 @@ jobs:
 
 
   test-splunk-external:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     needs:
       - meta
       - pre-commit
@@ -97,7 +97,6 @@ jobs:
           submodules: true
       - name: Setup for testing
         run: |
-          pip install git+https://github.com/pixelb/crudini
           mkdir test-results-${{ matrix.splunk.version }}
       - name: Test
         run: |
@@ -148,7 +147,7 @@ jobs:
           "splunk_setup_fixture",
           "splunk_app_req",
           "splunk_app_req_broken",
-          "splunk_cim_model_ipv6_regex",
+          "splunk_cim_model",
         ]
     steps:
       - uses: actions/checkout@v4

.licenserc.yaml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

.pre-commit-config.yaml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

.releaserc

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

Dockerfile.splunk

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

Dockerfile.tests

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

Dockerfile.uf

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

docker-compose-ci.yml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

docker-compose.yml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

docs/release_notes.md

@@ -0,0 +1,31 @@
+# Release Notes - Pytest-splunk-addon 6.0.0
+
+## Breaking Changes
+- Removed the support of cim-field-report generation.
+
+
+## New features
+
+- Added support for CIM v6.0.2
+  - New data models added:
+    - Data Access
+    - Database
+    - Event Signature
+    - Interprocess Messaging
+    - Computer Inventory
+    - JVM
+    - Performance
+    - Ticket Management
+  - Updated fields with expected values and conditions.
+    - Eg: Added expected values ["critical","high","medium","low","informational"] for severity field in Malware data model.
+  - For existing data models updated fields to required or optional based on CIM App Jsons.
+    - Eg: For Alert data model, body field is now marked as optional(as it is deprecated) and description is marked as required which was previously optional.
+    - So now if addon does not extract the description field for events tagged with Alert data model, then this will lead to failures for tests template: `test_cim_required_fields*` for those samples
+  - Furthermore, recommended fields have also been added to data models
+    - Eg: For Data Access fields like object_category and user_name are added as recommended fields.
+    - Again if the addon does not extract these fields then tests with test template : `test_cim_fields_recommended*` will fail for those samples.
+  - If the failures for test templates shown above are observed then it is recommended to extract those fields as the updates in all the Data models have been made with guidance of the SMEs.
+
+## Bug fixes
+
+- Fixed the issue with the token replacement for the fields defined under `other_mappings` for the sample event.

mkdocs.yml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -77,3 +77,4 @@ nav:
       - CimComplianceReport: "api_reference/cim_compliance_report.md"
   - Contributing: "contributing.md"
   - Troubleshooting: "troubleshoot.md"
+  - Release Notes: "release_notes.md"

pyproject.toml

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -60,7 +60,6 @@ pytest11 = { plugin = "pytest_splunk_addon.plugin", "splunk" = "pytest_splunk_ad
 
 [tool.poetry.scripts]
 cim-report = 'pytest_splunk_addon.utilities.junit_parser:main'
-cim-field-report = 'pytest_splunk_addon.tools.cim_field_report:main'
 sample_splitter = 'pytest_splunk_addon.utilities.sample_splitter:main'
 
 [build-system]

pytest-ci.ini

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

pytest.ini

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

pytest_splunk_addon/CIM_Models/__init__.py

@@ -1,5 +1,5 @@
 #
-# Copyright 2024 Splunk Inc.
+# Copyright 2025 Splunk Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.