elastic / detection-rules

https://www.elastic.co/guide/en/security/current/detection-engine-overview.html

[FR] Limit historical rules to the latest 2 #3842

Closed Mikaayenson closed 3 months ago

Mikaayenson commented 3 months ago

Issues

N/A

Summary

Currently we publish historical rules for each release. At times rules may include multiple updates / versions in the release package, which inflates the number of files in the release package. Today the package has > 5000 artifacts, which impacts memory resources upstream. We have been asked by D&R to update this process to release only the latest 2 versions instead of all to de-risk memory concerns.

I've added a new method `keep_latest_versions` which filters down to the latest two versions.

Testing

Debug the `python -m detection_rules dev build-release` command.

Debugging

![Screenshot 2024-06-27 at 1 30 50 PM](https://github.com/elastic/detection-rules/assets/1636709/0b58e600-d049-4d57-afe5-0c8026b6c4e4) ![Screenshot 2024-06-27 at 1 34 21 PM](https://github.com/elastic/detection-rules/assets/1636709/c2db0f1b-baee-4948-b1eb-282591605b53)

Additional Information
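The filtering step described in the PR summary, as an added illustration that is not the project's own `keep_latest_versions` implementation: historical rule artifacts are grouped by rule id and only the two highest versions of each rule are kept. The artifact naming convention (`<rule_id>_<version>.json`) and the sample file list are constructed assumptions for this example; the point it adds is that versions are compared numerically, so a rule at version 10 is not discarded in favour of version 9 by a lexical sort.

```python
"""Keep only the newest N versions of each historical rule in a release package.

Added example, not code from elastic/detection-rules. The artifact naming
scheme below is an assumption made for the demonstration.
"""
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

# Assumed artifact naming: "<36-char rule id>_<integer version>.json".
_ARTIFACT_RE = re.compile(r"^(?P<rule_id>[0-9a-f-]{36})_(?P<version>\d+)\.json$")


def parse_artifact(name: str) -> Tuple[str, int]:
    """Split an artifact file name into (rule_id, version); version is an int."""
    match = _ARTIFACT_RE.match(name)
    if not match:
        raise ValueError(f"unrecognised artifact name: {name}")
    return match.group("rule_id"), int(match.group("version"))


def keep_latest_versions(artifacts: Iterable[str], keep: int = 2) -> List[str]:
    """Return the artifact names for the `keep` newest versions of every rule.

    Versions are compared as integers so that 10 sorts after 9. Rules with
    fewer than `keep` versions are returned unchanged.
    """
    by_rule: Dict[str, List[Tuple[int, str]]] = defaultdict(list)
    for name in artifacts:
        rule_id, version = parse_artifact(name)
        by_rule[rule_id].append((version, name))

    kept: List[str] = []
    for rule_id in sorted(by_rule):
        newest = sorted(by_rule[rule_id], reverse=True)[:keep]
        kept.extend(name for _, name in sorted(newest))
    return kept


# Constructed sample package: one rule with four versions (including the
# 9 -> 10 boundary) and one rule with a single version.
RULE_A = "11111111-1111-1111-1111-111111111111"
RULE_B = "22222222-2222-2222-2222-222222222222"
SAMPLE_PACKAGE = [
    f"{RULE_A}_1.json",
    f"{RULE_A}_2.json",
    f"{RULE_A}_9.json",
    f"{RULE_A}_10.json",
    f"{RULE_B}_3.json",
]


def trimmed_sample() -> List[str]:
    """Apply the filter to the constructed package."""
    return keep_latest_versions(SAMPLE_PACKAGE)


if __name__ == "__main__":
    before = len(SAMPLE_PACKAGE)
    after = trimmed_sample()
    print(f"{before} artifacts before limiting, {len(after)} after:")
    for name in after:
        print("  ", name)
```

Running the module prints the five constructed artifact names reduced to three: versions 9 and 10 of the first rule and the lone version 3 of the second. Swapping `int(...)` for a plain string comparison would keep versions 2 and 9 instead, which is the failure mode worth a unit test when this logic lives in a release pipeline.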

eric-forte-elastic commented 3 months ago

:green_circle: Testing looks good to me, I have the same debugging results as @Mikaayenson

Debugging

Historical Rules before Limiting ![Screenshot from 2024-06-27 14-59-50](https://github.com/elastic/detection-rules/assets/119343520/3e3fd0c9-4d29-4402-821f-fb7458d20b10) Historical Rules post limiting ![Screenshot from 2024-06-27 15-00-15](https://github.com/elastic/detection-rules/assets/119343520/27b08658-7e66-498b-9530-9b569e57d327)

Mikaayenson commented 3 months ago

I double confirmed the package is built with the two latest versions and we should be g2g.

Screenshot 2024-06-27 at 5 14 20 PM