feat(m4): STIX parser + seed service + CLI
- backend/app/services/mitre_seed.py: stdlib-only STIX 2.1 parser (urllib + hashlib + json). Pinned to enterprise-attack-19.0.json with sha256 df520ea0775a57db7bff760145b02fed89290802913e056b7ed5970b02f3626a (~52 MB, ~1.1 s parse). Resolves sub-technique parents via relationship[subtechnique-of] with a T1003.001→T1003 dotted-id fallback; upserts on external_id, rebuilds the technique↔tactic M2M in a single transaction so external readers never see an empty join. Persists mitre_last_sync, mitre_version, mitre_source_url in the settings table. - Custom URLs MUST be paired with expected_sha256 OR allow_unverified=true — refuses silent integrity bypass. - CLI: flask metamorph seed-mitre [--source path|url] [--checksum-sha256 hex] [--skip-checksum]. Make target wraps it. - Docker: /data/mitre/ chowned to the metamorph user at build; named volume metamorph_mitre mounted from compose for cross-restart cache. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Knacky
@@ -38,6 +38,7 @@ services:
|
||||
EVIDENCE_DIR: ${EVIDENCE_DIR}
|
||||
volumes:
|
||||
- metamorph_evidence:/data/evidence
|
||||
- metamorph_mitre:/data/mitre
|
||||
depends_on:
|
||||
db:
|
||||
condition: service_healthy
|
||||
@@ -76,6 +77,7 @@ services:
|
||||
volumes:
|
||||
metamorph_db:
|
||||
metamorph_evidence:
|
||||
metamorph_mitre:
|
||||
|
||||
networks:
|
||||
metamorph:
|
||||
|
||||
Reference in New Issue
Block a user