Yamato-Security / hayabusa-encrypted-rules

Encrypted Hayabusa and Sigma rules to avoid anti-virus false positives

Github action to create encrypted package #1

Open YamatoSecurity opened 2 weeks ago

YamatoSecurity commented 2 weeks ago

@fukusuket Could I ask you to do this one? We need to create a github action to copy all of the hayabusa and sigma rules from the hayabusa-rules repository and encrypt and zip them into a rules.zip file with a password of yamato-security-hayabusa. I think using the standard encryption used in the zip utility might be better as we don't need the best encryption and compression that 7z might offer. We want to prioritize speed and less CPU usage.

fukusuket commented 2 weeks ago

Thank you for the comment :) Yes, I would love to implement it!💪

YamatoSecurity commented 2 weeks ago

I just remembered we need to copy the config directory as well so the following directories need to be synced:

config
hayabusa
sigma

fukusuket commented 2 weeks ago

@YamatoSecurity @hitenkoku For now, I created an Action that creates an encrypted zip. (Executing the Action will commit/push to this repository.) What do you think? If you see something that needs to be changed, please let me know🙏

(Since this is the first implementation, I committed directly to main, but after this implementation, I will create a PR.)

fukusuket commented 2 weeks ago

https://github.com/Yamato-Security/hayabusa-encrypted-rules/actions/workflows/create-encrypted-package.yml

YamatoSecurity commented 2 weeks ago

@fukusuket Thanks so much! LGTM! I checked that I could unzip it and the contents look good. I think committing to main is fine for now.
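
The packaging step requested in this issue, as an added example that is not part of the thread or the project's workflow: a POSIX shell script that zips the three directories with the stated password using Info-ZIP `zip`, then checks that a wrong password is rejected and the expected one passes. The function names, the script name and the local checkout of hayabusa-rules are assumptions.

```shell
#!/bin/sh
# Added example (not the project's workflow): build and check rules.zip.
# Assumes Info-ZIP zip/unzip and a local checkout of hayabusa-rules.
set -eu

PASSWORD='yamato-security-hayabusa'  # from the issue; public, not a secret
DIRS='config hayabusa sigma'         # directories listed in the thread

# build_package SRC_DIR OUT_ZIP (hypothetical helper)
build_package() {
  bp_src=$1
  bp_out=$2
  for bp_d in $DIRS; do
    [ -d "$bp_src/$bp_d" ] || { echo "missing: $bp_src/$bp_d" >&2; return 1; }
  done
  # Resolve to an absolute path because zip runs from inside SRC_DIR.
  bp_out=$(cd "$(dirname "$bp_out")" && pwd)/$(basename "$bp_out")
  rm -f "$bp_out"   # zip updates an existing archive instead of replacing it
  # -P supplies the password; Info-ZIP zip applies traditional zip encryption.
  # $DIRS is intentionally unquoted so it splits into three arguments.
  (cd "$bp_src" && zip -q -r -P "$PASSWORD" "$bp_out" $DIRS)
}

# verify_package ZIP (hypothetical helper): a wrong password must fail,
# the expected one must pass the integrity test.
verify_package() {
  if unzip -qq -t -P 'not-the-password' "$1" >/dev/null 2>&1; then
    echo "archive contents are not encrypted" >&2
    return 1
  fi
  unzip -qq -t -P "$PASSWORD" "$1" >/dev/null
}

# Usage: sh make-package.sh /path/to/hayabusa-rules [rules.zip]
if [ "$#" -ge 1 ]; then
  build_package "$1" "${2:-rules.zip}"
  verify_package "${2:-rules.zip}"
fi
```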