[FR] Redesign Filed Mapping Check for Integration Packages

### Repository Feature

Core Repo - (rule management, validation, testing, lib, cicd, etc.)

### Problem Description

When fileds.yml was removed in version 2.0.3 of DGA as part of the [PR](https://github.com/elastic/integrations/pull/10476), in the current design of our unit tests, we pull any YML field files for all integrations to do integration specific field validation within our queries, [Refer](https://github.com/elastic/detection-rules/blob/10ba6ad5a636b510dea9b1440ab5a30c2aff2dd5/detection_rules/integrations.py#L146)  making the tests dependent on static mappings somewhere.

### Desired Solution

- Ideate on Possible ways to move from the static mapping of the fields. 
<< TBD >>

### Considered Alternatives

Currently for the Integrations tests to pass, DGA package was regenerated with the field mappings via https://github.com/elastic/security-ml/issues/474.

### Additional Context

The ML team has a concern leaving the yaml files with the fields in these packages because it gives the illusion that the field mapping issue with them is already solved. The ML team has another [issue](https://github.com/elastic/package-spec/issues/778) open to try to help with the issue. 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[FR] Redesign Filed Mapping Check for Integration Packages #4006

shashank-elastic
openedon Aug 22, 2024

Repository Feature

Problem Description

Desired Solution

Considered Alternatives

Additional Context

Assignees

Labels

Type

Projects

Milestone

Relationships

Development