Skip to content

Update third-party rules as of 2024-12-23 #2274

Update third-party rules as of 2024-12-23

Update third-party rules as of 2024-12-23 #2274

Workflow file for this run

# Copyright 2024 Chainguard, Inc.
# SPDX-License-Identifier: Apache-2.0
name: Code Style
permissions:
contents: read
on:
pull_request:
branches:
- "main"
push:
branches:
- "main"
jobs:
yrcompile:
name: check yr compile
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install yara-x
run: |
wget https://github.com/VirusTotal/yara-x/releases/download/v0.10.0/yara-x-v0.10.0-x86_64-unknown-linux-gnu.gzip -O yara-x.gzip
tar -xzvf yara-x.gzip && mv yr /usr/local/bin/ && rm yara-x.gzip
- name: Verify yr installation
run: |
yr --version
- name: Run yr compile
run: |
yr compile rules/
ret=$?
if [[ $ret -ne 0 ]]; then
echo "Rule compilation failed; address findings and commit the changes"
exit 1
fi
yrfmt:
name: check yr fmt
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install yara-x
run: |
wget https://github.com/VirusTotal/yara-x/releases/download/v0.10.0/yara-x-v0.10.0-x86_64-unknown-linux-gnu.gzip -O yara-x.gzip
tar -xzvf yara-x.gzip && mv yr /usr/local/bin/ && rm yara-x.gzip
- name: Verify yr installation
run: |
yr --version
- name: Run yr fmt
run: |
find rules -type f -name "*.yara" | xargs -n 1 -I {} yr fmt {}
if [[ -n $(git status -s) ]]; then
echo "Rule files updated; please run yr fmt locally and commit the changes"
exit 1
fi
gofmt:
name: check gofmt
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- uses: chainguard-dev/actions/gofmt@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
with:
args: -s
goimports:
name: check goimports
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- uses: chainguard-dev/actions/goimports@9d943fc9889a0c0795e3c2bd4b949a9b610ac02e # main
golangci-lint:
name: golangci-lint
runs-on: ubuntu-24.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
check-latest: true
- name: install libyara-dev
run: |
sudo apt update && sudo apt install libyara-dev -y
- name: golangci-lint
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
version: v1.62.0
args: --timeout=5m