Skip to content

[WIP] Swap over to yara-x; improve performance and readability #2267

[WIP] Swap over to yara-x; improve performance and readability

[WIP] Swap over to yara-x; improve performance and readability #2267

Workflow file for this run

# Copyright 2024 Chainguard, Inc.
# SPDX-License-Identifier: Apache-2.0
name: Code Style
permissions:
contents: read
on:
pull_request:
branches:
- "main"
push:
branches:
- "main"
jobs:
yrcompile:
name: check yr compile
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install yara-x
run: |
wget https://github.com/VirusTotal/yara-x/releases/download/v0.10.0/yara-x-v0.10.0-x86_64-unknown-linux-gnu.gzip -O yara-x.gzip
tar -xzvf yara-x.gzip && mv yr /usr/local/bin/ && rm yara-x.gzip
- name: Verify yr installation
run: |
yr --version
- name: Run yr compile
run: |
yr compile rules/
ret=$?
if [[ $ret -ne 0 ]]; then
echo "Rule compilation failed; address findings and commit the changes"
exit 1
fi
yrfmt:
name: check yr fmt
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install yara-x
run: |
wget https://github.com/VirusTotal/yara-x/releases/download/v0.10.0/yara-x-v0.10.0-x86_64-unknown-linux-gnu.gzip -O yara-x.gzip
tar -xzvf yara-x.gzip && mv yr /usr/local/bin/ && rm yara-x.gzip
- name: Verify yr installation
run: |
yr --version
- name: Run yr fmt
run: |
find rules -type f -name "*.yara" | xargs -n 1 -I {} yr fmt {}
if [[ -n $(git status -s) ]]; then
echo "Rule files updated; please run yr fmt locally and commit the changes"
exit 1
fi
gofmt:
name: check gofmt
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- uses: chainguard-dev/actions/gofmt@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
with:
args: -s
goimports:
name: check goimports
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- uses: chainguard-dev/actions/goimports@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
golangci-lint:
name: golangci-lint
runs-on: mal-ubuntu-latest-8-core
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- name: Clone yara-x
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: VirusTotal/yara-x
path: yara-x
- name: Setup Rust
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # ???
with:
toolchain: stable
- name: Install yara-x-capi
run: |
cd ${{ github.workspace }}/yara-x
cargo install cargo-c
cargo cinstall -p yara-x-capi --release --destdir /tmp/yara-x
sudo mkdir -p /usr/local/lib
sudo mkdir -p /usr/local/include
sudo cp /tmp/yara-x/usr/local/include/yara_x.h /usr/local/include/
sudo cp -a /tmp/yara-x/usr/local/lib/x86_64-linux-gnu/* /usr/local/lib/
sudo ldconfig -v
cd ${{ github.workspace }}
- name: golangci-lint
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
version: v1.62.0
args: --timeout=5m