Open geraldstanje opened 6 days ago
This is also something I am struggling with. I use yara-x for my file indexer FileTrove (https://github.com/steffenfritz/FileTrove) and I am fighting with Rust -> C -> Go builds and creating releases with Github Actions.
I asked in Go-Groups, they said ask Rustians. Rustians say it is something with C and Go, ask there. :)
More on topic: I think with CGO enabled you won't get a static build. You can find an example here https://github.com/steffenfritz/FileTrove/blob/main/yara.go with a rule file here https://github.com/steffenfritz/FileTrove/blob/main/testdata/yara/testrule.yara and a test file here https://github.com/steffenfritz/FileTrove/blob/main/yara_test.go
@steffenfritz @geraldstanje what's your OS? Linux or Windows?
In Linux it should be relatively easy, you must install the yara-x-capi
library first, as described in: https://virustotal.github.io/yara-x/docs/api/c/c-/
After installation, you can check if pkg-config
is able to find the installed library:
pkg-config --libs yara_x_capi
The command above should produce an output like:
-L/usr/local/lib -lyara_x_capi
If that works correctly you should be able to compile your Go program without any issues. The Go compiler uses pkg-config
for locating the required header files and libraries. The Go binary while be dynamically linked to the yara_x_capi
library, if you want static linking you must pass -tags static_link
to the Go compiler, like in:
go build -tags static_link
In Windows things are a bit more more complex because the pkg-config
mechanism doesn't work, therefore the Go compiler is unable to find the header files and libraries. I need still need to figure out an easy method for building the Go library in Windows.
hi, im using mac osx in the host, run a docker container to build the binary FROM golang:latest AS builder ...
for my target platform linux amd64
So, the problem is not while building the Go program, it's actually that you are unable to build the libyara_x_capi
library, as mentioned in #145. Right?
yes - one more last question is have: can i build the go app without pkg-config?
As I was mentioned in this issue I will also answer, hopefully not mixing things up.
I can build the library at Linux and MacOS without problems, Windows not tested so far.
However, I have no problem to ship the library with my tool, mentioned above. At the moment I struggle with exporting the artifacts from the Github Action.
It would be pretty cool if you could create library releases when you release yara-x binaries. It could be probably pretty easy implemented (for someone more familiar with the rust-toolchain than me). I tried my luck with this action, but without success https://github.com/VirusTotal/yara-x/blob/main/.github/workflows/golang.yaml
tl;dr: Could you also release the libraries during the release of new versions?
hi,
nice work.
i try to call yara.compile and yara.match like the github.com/VirusTotalyara-python lib...
do you have a small example which loads a yara file from disk, calls yara.compile and calls yara.match with an input string?
@plusvic does go get github.com/VirusTotal/yara-x/go@v0.4.0 also work? edit: seems yes.
how to compile the golang app using yarax for static build and what flags to set? i get error while loading shared lib: libyara_x_capi.so.0.4 - not found for:
cc @steffenfritz
Thanks, Gerald