Merge remote-tracking branch 'v2/main'

.github/workflows/build.yml

@@ -9,6 +9,7 @@ permissions:
   contents: read
   pages: write
   id-token: write
+  pull-requests: write
 
 jobs:
   docs:
@@ -38,27 +39,79 @@ jobs:
         name: summiting_the_pyramid_docs_html
         path: docs/_build/dirhtml/
 
-  github_pages:
-    # This job only runs when committing or merging to main branch.
-    if: github.ref_name == 'main'
+  # TODO Delete this job before public release and clear GitHub secrets:
+  azure_blob:
     needs: docs
     runs-on: ubuntu-latest
-    environment:
-      name: github-pages
-      url: ${{ steps.deployment.outputs.page_url }}
-
+    env:
+      AZURE_STORAGE_ACCOUNT: ctidstpv2
+      AZURE_STORAGE_SAS_TOKEN: ${{ secrets.AZURE_SAS_TOKEN }}
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+      STATICRYPT_PASS: ${{ secrets.STATICRYPT_PASS }}
+      NODE_OPTIONS: --max-old-space-size=8192
     steps:
-    - name: Setup Pages
-      uses: actions/configure-pages@v2
-    - name: Download HTML docs
-      uses: actions/download-artifact@v3
-      with:
-        name: summiting_the_pyramid_docs_html
-        path: docs
-    - name: Upload artifact
-      uses: actions/upload-pages-artifact@v1
-      with:
-        path: ./docs
-    - name: Deploy to GitHub Pages
-      id: deployment
-      uses: actions/deploy-pages@v1
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '19'
+      - run: npm install -g staticrypt
+      - name: Download HTML docs
+        uses: actions/download-artifact@v3
+        with:
+          name: summiting_the_pyramid_docs_html
+          path: docs
+      - run: >
+          staticrypt --remember 30 --salt c7e5dd825fa95aa53c087c4e3237d873 \
+            --password $STATICRYPT_PASS --short \
+            --template-title "Summiting the Pyramid II (branch: $BRANCH_NAME)" \
+            --template-instructions "The contents of this site are marked TLP:AMBER:CTID-R&D:24-08. Do not share with unauthorized individuals." \
+            --template-color-primary "#6241c5" \
+            --template-color-secondary "#b2b2b2" \
+            --template-button "Log In" \
+            -r docs/
+      - name: Ensure StatiCrypt ran # StatiCrypt will fail without warning; verify it created a directory
+        run: test -d encrypted
+      - name: Copy encrypted HTML files
+        run: rsync -Ir -v --include='*.html' --exclude='*.*' encrypted/docs .
+      - name: Set the branch name
+        run: mv docs "$BRANCH_NAME"
+      - name: Install Azure CLI
+        run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+      - name: Delete old blobs
+        run: az storage blob delete-batch -s '$web' --pattern "$BRANCH_NAME/*"
+      - name: Upload to blob storage
+        run: az storage blob upload-batch -s . --pattern "$BRANCH_NAME/*" -d '$web'
+      - uses: actions/github-script@v6
+        if: github.event_name == 'pull_request'
+        with:
+            script: |
+              github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: `This PR has been published to https://${process.env['AZURE_STORAGE_ACCOUNT']}.z13.web.core.windows.net/${process.env['BRANCH_NAME']}/`,
+              })
+
+  # github_pages:
+  #   # This job only runs when committing or merging to main branch.
+  #   if: github.ref_name == 'main'
+  #   needs: docs
+  #   runs-on: ubuntu-latest
+  #   environment:
+  #     name: github-pages
+  #     url: ${{ steps.deployment.outputs.page_url }}
+
+  #   steps:
+  #   - name: Setup Pages
+  #     uses: actions/configure-pages@v2
+  #   - name: Download HTML docs
+  #     uses: actions/download-artifact@v3
+  #     with:
+  #       name: summiting_the_pyramid_docs_html
+  #       path: docs
+  #   - name: Upload artifact
+  #     uses: actions/upload-pages-artifact@v1
+  #     with:
+  #       path: ./docs
+  #   - name: Deploy to GitHub Pages
+  #     id: deployment
+  #     uses: actions/deploy-pages@v1

.github/workflows/delete-web-preview.yml

@@ -0,0 +1,24 @@
+name: Delete Preview Build
+
+on:
+  pull_request:
+    types: [closed]
+
+permissions:
+  contents: read
+  id-token: write
+  pages: write
+  pull-requests: write
+
+jobs:
+  azure_blob:
+    runs-on: ubuntu-latest
+    env:
+      AZURE_STORAGE_ACCOUNT: ctidstpv2
+      AZURE_STORAGE_SAS_TOKEN: ${{ secrets.AZURE_SAS_TOKEN }}
+      BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+    steps:
+      - name: Install Azure CLI
+        run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+      - name: Delete old blobs
+        run: az storage blob delete-batch -s '$web' --pattern "$BRANCH_NAME/*"

README.md

@@ -9,10 +9,10 @@ make the same updates there.
 
 Summiting the Pyramid is a research project focused on engineering cyber analytics to
 make adversary evasion more difficult. This project is created and maintained by the
-[MITRE Engenuity Center for Threat-Informed Defense](https://ctid.mitre-engenuity.org/)
-in futherance of our mission to advance the start of the art and and the state of the
-practice in threat-informed defense globally. The project is funded by our [research
-participants](https://mitre-engenuity.org/cybersecurity/center-for-threat-informed-defense/our-work/summiting-the-pyramid/#research-participants).
+[MITRE Center for Threat-Informed Defense](https://ctid.mitre.org/) in futherance of our
+mission to advance the start of the art and and the state of the practice in
+threat-informed defense globally. The project is funded by our [research
+participants](https://ctid.mitre.org/projects/summiting-the-pyramid/#participants-section).
 
 **Table Of Contents:**
 
@@ -24,12 +24,13 @@ participants](https://mitre-engenuity.org/cybersecurity/center-for-threat-inform
 
 ## Getting Started
 
-To get started, read the project website. It provides an overview of the goals and methodologies, defines all the key terms, and contains highly detailed examples.
+To get started, read the project website. It provides an overview of the goals and
+methodologies, defines all the key terms, and contains highly detailed examples.
 
 | Resource                                                                                       | Description                                                   |
 | ---------------------------------------------------------------------------------------------- | ------------------------------------------------------------- |
 | [Project Website](https://center-for-threat-informed-defense.github.io/summiting-the-pyramid/) | Complete documentation for the Summiting the Pyramid project. |
-| [Analytics Spreadsheet](docs/analytics/Scored_Analytics_20230802.csv)                          | A summary of the analytics scored by the project team.        |
+| [Analytics Spreadsheet](docs/analytics/ScoredAnalytics_12062024.csv)                          | A summary of the analytics scored by the project team.        |
 
 
 ## Getting Involved
@@ -41,7 +42,7 @@ threat-informed defense:
   your feedback on any aspect of the project: from high-level concepts to low-level
   technical details.
 - **Request analytics and observables.** Send your [analytic
-  requests]([/stix/attack-flow-schema-2.0.0.json](https://github.com/center-for-threat-informed-defense/summiting-the-pyramid/issues/new/choose))
+  requests](https://github.com/center-for-threat-informed-defense/summiting-the-pyramid/issues/new/choose)
   to our team. As we have time, we will work them through the process and publish scores
   and analysis.
 - **Submit your own analytics and observables.** We encourage you to use the methodology
@@ -50,27 +51,30 @@ threat-informed defense:
 
 ## Questions and Feedback
 
-Please submit issues for any technical questions/concerns or contact [email protected] directly for more general inquiries.
+Please submit issues for any technical questions/concerns or contact
+[email protected] directly for more general inquiries.
 
-Also see the guidance for contributors if are you interested in contributing or simply reporting issues.
+Also see the guidance for contributors if are you interested in contributing or simply
+reporting issues.
 
 ## How Do I Contribute?
 
-We welcome your feedback and contributions to help advance the Summiting project! Please see the guidance for
-contributors if are you interested in [contributing or simply reporting issues.](/CONTRIBUTING.md)
-
-Please submit [issues](https://github.com/center-for-threat-informed-defense/project_name/issues) for any
-technical questions/concerns or contact [email protected] directly for more general inquiries.
+We welcome your feedback and contributions to hel∑
 
 ## Notice
 
-© 2023 MITRE Engenuity. Approved for public release. Document number CT0078.
+© 2023, 2024 MITRE Engenuity. Approved for public release. Document number(s) CT0078,
+CT0128.
 
-Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use this
+file except in compliance with the License. You may obtain a copy of the License at
 
 http://www.apache.org/licenses/LICENSE-2.0
 
-Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
+Unless required by applicable law or agreed to in writing, software distributed under
+the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the specific language governing
+permissions and limitations under the License.
 
 This project makes use of ATT&CK®