CERT-Polska / karton-yaramatcher

File and analysis artifacts yara matcher for Karton framework
https://github.com/CERT-Polska/karton
BSD 3-Clause "New" or "Revised" License
5 stars 9 forks

adds support for loading yara rules from the Karton S3 storage #13

Open r1d3th3wav3s opened 3 years ago

r1d3th3wav3s commented 3 years ago

In some situations it can be helpful to load Yara rules from the Karton S3 storage instead of mapping a volume to the docker container (for example if you deploy the Karton ecosystem on OpenShift).

Maybe my solution has room for improvement :-)

What do you think?

chivay commented 3 years ago

Hi, thank you for your contribution and sorry for the late response! After some internal discussion, we've decided that implementing this would be out of scope of this project.

Why do you require such a feature? Do you have any use case for this? You've mentioned OpenShift, which suggests that you should be able to build a container image bundled with YARA rules. To me, this sounds like the most natural way of running yaramatcher. Doing this would simplify deployment (no requirement for mounting a volume) and ensure reproducible behavior (no dependency on external storage).

r1d3th3wav3s commented 3 years ago

Yes, one solution is to build the image for karton-yaramatcher in our environment, copy the yara files into it, and use this image for deployment, for example on OpenShift. But for this, the repository of karton-yaramatcher needs to be in our git-repo and we have to slightly modify it (Dockerfile, yara files). That works fine, but as you provide an image via DockerHub, it would be simpler to directly pull this image, run a container from it and instruct the container to get the yara files from the Karton S3 storage.