Skip to content

system.security dataset is not generated for Windows agent installed with unprivileged flag. #2888

system.security dataset is not generated for Windows agent installed with unprivileged flag.

system.security dataset is not generated for Windows agent installed with unprivileged flag. #2888

name: Add issue to Platform Ingest project
on:
issues:
types:
- labeled
env:
INGEST_PROJECT_ID: 'PVT_kwDOAGc3Zs4AEzn4'
DATA_PLANE_LABEL: 'Team:Elastic-Agent-Data-Plane'
CONTROL_PLANE_LABEL: 'Team:Elastic-Agent-Control-Plane'
ELASTIC_AGENT_LABEL: 'Team:Elastic-Agent'
AREA_FIELD_ID: 'PVTSSF_lADOAGc3Zs4AEzn4zgEgZSo'
ELASTIC_AGENT_OPTION_ID: 'c1e1a30a'
jobs:
add_to_ingest_project:
runs-on: ubuntu-latest
steps:
- uses: octokit/graphql-action@v2.x
id: add_to_project
if: github.event.label.name == env.DATA_PLANE_LABEL || github.event.label.name == env.CONTROL_PLANE_LABEL || github.event.label.name == env.ELASTIC_AGENT_LABEL
with:
query: |
# Variables have to be snake cased because of https://github.com/octokit/graphql-action/issues/164
mutation AddToIngestProject($project_id: ID!, $content_id: ID!) {
addProjectV2ItemById(input: { projectId: $project_id, contentId: $content_id }) {
item {
id
}
}
}
project_id: ${{ env.INGEST_PROJECT_ID }}
content_id: ${{ github.event.issue.node_id }}
env:
GITHUB_TOKEN: ${{ secrets.PROJECT_ASSIGNER_TOKEN }}
- uses: octokit/graphql-action@v2.x
id: set_elastic_agent_area
if: github.event.label.name == env.DATA_PLANE_LABEL || github.event.label.name == env.CONTROL_PLANE_LABEL || github.event.label.name == env.ELASTIC_AGENT_LABEL
with:
query: |
mutation updateIngestArea($item_id: ID!, $project_id: ID!, $area_field_id: ID!, $area_id: String) {
updateProjectV2ItemFieldValue(
input: { itemId: $item_id, projectId: $project_id, fieldId: $area_field_id, value: { singleSelectOptionId: $area_id } }) {
clientMutationId
}
}
item_id: ${{ fromJSON(steps.add_to_project.outputs.data).addProjectV2ItemById.item.id }}
project_id: ${{ env.INGEST_PROJECT_ID }}
area_field_id: ${{ env.AREA_FIELD_ID }}
area_id: ${{ env.ELASTIC_AGENT_OPTION_ID }}
env:
GITHUB_TOKEN: ${{ secrets.PROJECT_ASSIGNER_TOKEN }}