create-encrypted-package.yml
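# Nightly job: converts the upstream Sigma rules to Hayabusa format, bundles
# them with the hayabusa-rules config, and commits a password-protected zip
# plus an encoded rules file back to this repository.
name: Create encrypted rule package

on:
  workflow_dispatch:
  schedule:
    - cron: '30 20 * * *'

jobs:
  zip-and-commit:
    runs-on: ubuntu-latest
    # Least privilege: the only token-backed operation in this job is the
    # push to main, so grant contents:write explicitly and nothing else.
    permissions:
      contents: write
    steps:
      # NOTE(review): `@stable` and `@v4` are mutable refs. Pinning each
      # `uses:` to a full commit SHA (<PINNED_COMMIT_SHA>) keeps an upstream
      # retag from changing what runs in a job that holds a write token.
      - name: Setup Rust toolchain
        uses: dtolnay/rust-toolchain@stable
        with:
          toolchain: stable

      # NOTE(review): the installer script is downloaded and executed with no
      # version pin or integrity check; consider pinning a reviewed Poetry
      # version (<POETRY_VERSION>) or verifying the script before running it.
      - name: Setup Poetry
        run: |
          # Without pipefail a failed download feeds python3 an empty script
          # and the step would still succeed.
          set -o pipefail
          curl -sSL https://install.python-poetry.org | python3 -

      # The three external checkouts are read-only inputs, so the job token is
      # not left behind in their .git/config (persist-credentials: false).
      - name: Checkout Sigma
        uses: actions/checkout@v4
        with:
          repository: SigmaHQ/sigma
          path: sigma-repo
          persist-credentials: false

      - name: Checkout sigma-to-hayabusa-converter
        uses: actions/checkout@v4
        with:
          repository: Yamato-Security/sigma-to-hayabusa-converter
          path: sigma-to-hayabusa-converter
          persist-credentials: false

      - name: Checkout hayabusa-rules
        uses: actions/checkout@v4
        with:
          repository: Yamato-Security/hayabusa-rules
          path: hayabusa-rules
          persist-credentials: false

      # Credentials stay persisted here because the final push relies on them.
      # NOTE(review): that means the write token sits in self/.git/config
      # while the converter and its PyPI dependencies run in the next step.
      - name: Checkout self repository
        uses: actions/checkout@v4
        with:
          path: './self'

      - name: Update Sigma rules
        run: |
          cd sigma-to-hayabusa-converter
          poetry install --no-root
          # Deletes every line that does not start with '#', which empties the
          # ignore list so no rule UUID is skipped (a .bak copy is kept).
          sed -i.bak '/^[^#]/d' ignore-uuid-list.txt
          poetry run python sigma-to-hayabusa-converter.py -r ../sigma-repo -o converted_rules
          cd -
          # Replace the checked-in sigma/ tree with the freshly converted rules.
          rm -rf hayabusa-rules/sigma/
          mkdir hayabusa-rules/sigma/
          cp -r sigma-to-hayabusa-converter/converted_rules/* hayabusa-rules/sigma/

      - name: Extract directory
        run: |
          mkdir rules
          mv hayabusa-rules/config ./rules/
          mv hayabusa-rules/hayabusa ./rules/
          mv hayabusa-rules/sigma ./rules/

      # NOTE(review): the password is a fixed string published in this file,
      # so the archive gives no confidentiality; presumably it only keeps
      # content scanners from matching the rule text. Confirm that intent and
      # do not treat rules.zip as protected.
      - name: Zip directory
        run: |
          # -y keeps apt non-interactive on the runner.
          sudo apt-get install -y zip
          zip -r -P yamato-security-hayabusa rules.zip ./rules

      # Builds and runs this repository's Rust program with the rules
      # directory and the output file path as its two arguments.
      - name: Encode rules
        run: |
          cd self
          HAYABUSA_RULES_ABS_PATH=$(realpath ../rules)
          ENCODED_RULES_ABS_PATH=$(realpath ../encoded_rules.yml)
          # Quoted so a workspace path containing spaces stays one argument.
          cargo run --release -- "$HAYABUSA_RULES_ABS_PATH" "$ENCODED_RULES_ABS_PATH"

      - name: Copy zip and encrypted file to self repository
        run: |
          cp ./rules.zip ./self
          cp ./encoded_rules.yml ./self

      - name: Configure Git
        run: |
          cd ./self
          git config --global user.name 'github-actions[bot]'
          git config --global user.email 'github-actions[bot]@users.noreply.github.com'

      - name: Commit changes
        run: |
          cd ./self
          git add rules.zip
          git add encoded_rules.yml
          # `git commit` exits non-zero when nothing is staged, which would
          # fail the scheduled run on a day with no rule changes.
          if git diff --cached --quiet; then
            echo "No changes to commit"
          else
            git commit -m "Automated update"
          fi

      # Authentication for the push comes from the credentials persisted by
      # the self checkout; git does not read the GITHUB_TOKEN variable itself.
      - name: Push changes
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          cd ./self
          # Push only when HEAD is the automated commit; if nothing new was
          # committed this is a no-op push of an already published commit.
          if [ "$(git log -1 --pretty=%B)" = "Automated update" ]; then
            git push origin main
          fi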