SigmaHQ / pySigma

Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
GNU Lesser General Public License v2.1

Force pySigma to only accept proper pipeline file types when passing a full folder of pipelines #241

Closed joshnck closed 2 months ago

joshnck commented 3 months ago

I found this bug because I keep my template.jinja2 file in my pipelines folder for ease-of-access with my post processing pipeline. When I use SigmaCLI to convert and pass the full folder using the -p param, I get a failure when it tries to use the template.jinja2 file as a pipeline. I've recreated this in my lab for further testing:


In this case the ./pipelines/valid_pipeline.yml file is a valid pipeline and bad_pipe.jinja2 is a likely improperly formatted jinja2 file that I just created on the fly for this example. But you can also try this with other file types:

```
sigma convert -t splunk -p /home/josh/test/pipelines/* sigma_rule.yml
Traceback (most recent call last):
  File "/home/josh/.local/lib/python3.10/site-packages/sigma/processing/resolver.py", line 49, in resolve_pipeline
    pipeline = self.pipelines[spec]
KeyError: '/home/josh/test/pipelines/hello_world.txt'
```

It fails on this line: https://github.com/Res260/pySigma/blob/ee6e267f4e68eb8b1b38a89b835a782c4e41240f/sigma/processing/resolver.py#L50C39-L50C43

So I think this can be solved by just putting in a check here to make sure the correct filetype is being used, but I could be wrong.

thomaspatzke commented 3 months ago

A possible solution could be to define an allowlist of file patterns that defaults to *.yml.
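The failure reported above (a folder glob handing non-pipeline files such as `hello_world.txt` or `bad_pipe.jinja2` to the resolver) and the allowlist idea in the reply can be illustrated with a small filter run before any pipeline is resolved. This is an added example, not pySigma's own code: `split_pipeline_specs`, `PipelineSpecError`, the default pattern tuple and the `splunk_windows` named pipeline are assumptions made for the illustration, and the path list is constructed to mirror the paths in the traceback. The function keeps bare names (assumed to be registered pipeline names) untouched and keeps file paths only when their basename matches an allowlisted glob; in strict mode a rejected file raises instead of being silently dropped, which is the more useful default for a CLI where a typo in a pipeline path should not go unnoticed.

```python
"""Allowlist filter for pipeline specs (added example, not pySigma code)."""
from fnmatch import fnmatch
from pathlib import Path
from typing import Iterable, List, Tuple

# Assumed default allowlist; the reply above proposes *.yml, *.yaml is added here.
DEFAULT_PIPELINE_PATTERNS: Tuple[str, ...] = ("*.yml", "*.yaml")


class PipelineSpecError(ValueError):
    """Raised in strict mode when a spec points at a non-allowlisted file."""


def split_pipeline_specs(
    specs: Iterable[str],
    patterns: Tuple[str, ...] = DEFAULT_PIPELINE_PATTERNS,
    strict: bool = False,
) -> Tuple[List[str], List[str]]:
    """Partition specs into (accepted, rejected).

    A spec is treated as a file path if it has more than one path component or
    carries a suffix; anything else (e.g. "splunk_windows") is assumed to be a
    named pipeline and passed through unchanged. File paths are accepted only
    when their basename matches one of the allowlisted glob patterns
    (compared case-insensitively). With strict=True a rejected file raises
    PipelineSpecError instead of being placed in the rejected list.
    """
    accepted: List[str] = []
    rejected: List[str] = []
    for spec in specs:
        path = Path(spec)
        looks_like_file = len(path.parts) > 1 or path.suffix != ""
        if not looks_like_file:
            accepted.append(spec)  # named pipeline, resolved by name elsewhere
            continue
        if any(fnmatch(path.name.lower(), pat.lower()) for pat in patterns):
            accepted.append(spec)
        elif strict:
            raise PipelineSpecError(
                f"{spec!r} does not match the allowed pipeline patterns {patterns}"
            )
        else:
            rejected.append(spec)
    return accepted, rejected


def demo() -> Tuple[List[str], List[str]]:
    """Constructed input mirroring the issue: a folder glob that picked up extra files."""
    specs = [
        "/home/josh/test/pipelines/valid_pipeline.yml",
        "/home/josh/test/pipelines/bad_pipe.jinja2",
        "/home/josh/test/pipelines/hello_world.txt",
        "splunk_windows",  # hypothetical named pipeline, passed through untouched
    ]
    return split_pipeline_specs(specs)


if __name__ == "__main__":
    ok, skipped = demo()
    print("accepted:", ok)
    print("skipped :", skipped)
```

Run as a script it prints the two `.yml`/named specs as accepted and the `.jinja2` and `.txt` files as skipped; the same filter in strict mode would raise on the first non-allowlisted file, giving the user a clear message instead of the `KeyError` shown in the issue.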