Migrating to a CI/CD Workflow
Transition from managing detection content in the Console to a CI/CD workflow
Last updated
Was this helpful?
Transition from managing detection content in the Console to a CI/CD workflow
Last updated
Was this helpful?
Panther does not support simultaneous use of the Console and CI/CD workflows to manage detection content. If you'd like to transition from managing detections in the Panther Console to managing them via a CI/CD workflow, and you have not yet cloned or forked the panther-analysis repo, follow the process below:
CI/CD overwrites anything included on upload, which includes rules, policies, global helpers, and data models. If you have created your own copy of Panther-managed enrichment provider helpers, global helpers or data models, you will need to download these as well.
There are two options available: Bulk-download all entities at once, or download entities individually:
When you use this option, you can download all detections, global helpers, saved searches, and data models from your Panther Console. Note that this download will include everything that is enabled (including Panther standard rules) and outputs every file under one folder. You will need to move files to the proper repository structure.
In the left-hand navigation bar of your Panther Console, click Detections.
In the upper-right corner, click Upload.
In the Bulk Uploader modal, click Download all entities.
To prevent Panther detection Packs from being enabled from the Console, self-declare as a developer workflow account:
In the Panther Console, navigate to Settings > General.
Click Developer Workflow.
Toggle the option to ON to disallow Panther Detection Packs from being enabled in the Console.
To prevent users from making edits in the Panther Console that may conflict with your source control, mark them as read-only:
In the Panther Console, navigate to Settings > Users.
In the user list, locate your developers who are using a CI/CD workflow.
Click ... on the right side of a user tile. In the dropdown menu that appears, click Edit.
Change the user's role to Read Only.
Click Update.
Repeat these steps for each developer who is using a CI/CD workflow.
See either or to set up your CI/CD workflow.
