google / turbinia

Automation and Scaling of Digital Forensics Tools
Apache License 2.0

Mach-O File Format Parsing #1562

Closed daschwanden closed 1 day ago

daschwanden commented 1 month ago

Description of the change

This PR proposes adding a Mach-O file format parser to Turbinia.

Applicable issues

Additional information

Mach-O parsing is critical to large enterprises with large fleets of macOS devices. Having such functionality available could greatly enhance the reach of Turbinia.

Checklist
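The PR body above does not show the parser itself. The following is an added example, not code from this PR or from Turbinia, of the kind of header and load-command walker such a feature needs, written in Python (Turbinia's language). The constants come from Apple's `<mach-o/loader.h>` and `<mach-o/fat.h>`; the `MachO` dataclass, the `build_sample` constructed input and the bounds checks are this example's own. The point a forensic parser has to get right is trust: `ncmds`, `sizeofcmds`, each `cmdsize` and every `lc_str` offset come from the evidence file and must be range-checked before use, otherwise a crafted sample can make the worker loop forever or read outside the buffer.

```python
"""Hardened Mach-O header and load-command parser (added example; not Turbinia code)."""
from __future__ import annotations

import struct
import uuid
from dataclasses import dataclass, field

# Magic numbers from <mach-o/loader.h> and <mach-o/fat.h>.
MH_MAGIC, MH_CIGAM = 0xFEEDFACE, 0xCEFAEDFE        # 32-bit, native / byte-swapped
MH_MAGIC_64, MH_CIGAM_64 = 0xFEEDFACF, 0xCFFAEDFE  # 64-bit
FAT_MAGIC = 0xCAFEBABE                             # universal binary; fat headers are big-endian
MH_PIE = 0x200000                                  # mach_header.flags bit: ASLR-capable image

LC_REQ_DYLD = 0x80000000
LC_LOAD_DYLIB, LC_UUID, LC_CODE_SIGNATURE = 0xC, 0x1B, 0x1D
LC_LOAD_WEAK_DYLIB = 0x18 | LC_REQ_DYLD
LC_NAMES = {
    0x1: "LC_SEGMENT", 0x2: "LC_SYMTAB", LC_LOAD_DYLIB: "LC_LOAD_DYLIB", 0xD: "LC_ID_DYLIB",
    0xE: "LC_LOAD_DYLINKER", 0x19: "LC_SEGMENT_64", LC_UUID: "LC_UUID",
    LC_CODE_SIGNATURE: "LC_CODE_SIGNATURE", 0x32: "LC_BUILD_VERSION",
    LC_LOAD_WEAK_DYLIB: "LC_LOAD_WEAK_DYLIB", 0x1C | LC_REQ_DYLD: "LC_RPATH",
    0x28 | LC_REQ_DYLD: "LC_MAIN",
}
CPU_NAMES = {7: "x86", 0x01000007: "x86_64", 12: "arm", 0x0100000C: "arm64"}
FILETYPE_NAMES = {1: "MH_OBJECT", 2: "MH_EXECUTE", 6: "MH_DYLIB", 8: "MH_BUNDLE", 10: "MH_DSYM"}


@dataclass
class MachO:
    is_64: bool
    cputype: str
    filetype: str
    pie: bool
    load_commands: list = field(default_factory=list)  # load command names, in file order
    dylibs: list = field(default_factory=list)         # LC_LOAD_DYLIB / LC_LOAD_WEAK_DYLIB paths
    uuid: str | None = None                            # from LC_UUID, if present
    code_signature: tuple | None = None                # (dataoff, datasize) from LC_CODE_SIGNATURE


def macho_slices(data: bytes) -> list[bytes]:
    """Return the thin images in `data`: the file itself, or one slice per arch of a fat file."""
    if len(data) < 8 or struct.unpack_from(">I", data)[0] != FAT_MAGIC:
        return [data]
    # 0xCAFEBABE is also the Java class-file magic; the range checks below reject those files.
    nfat_arch = struct.unpack_from(">I", data, 4)[0]
    table_end = 8 + nfat_arch * 20                      # sizeof(fat_arch) == 20
    if table_end > len(data):
        raise ValueError("fat header claims more arch entries than the file holds")
    slices = []
    for i in range(nfat_arch):
        _cpu, _sub, off, size, _align = struct.unpack_from(">5I", data, 8 + i * 20)
        if off < table_end or off + size > len(data):
            raise ValueError(f"fat arch {i} points outside the file")
        slices.append(data[off:off + size])
    return slices


def parse_macho(data: bytes) -> MachO:
    """Parse one thin Mach-O image, refusing any size or offset that leaves the buffer."""
    if len(data) < 28:
        raise ValueError("too short for a mach_header")
    magic = struct.unpack_from("<I", data)[0]
    if magic in (MH_MAGIC, MH_MAGIC_64):
        endian = "<"
    elif magic in (MH_CIGAM, MH_CIGAM_64):
        endian = ">"
    else:
        raise ValueError(f"not a thin Mach-O image (magic {magic:#010x})")
    is_64 = magic in (MH_MAGIC_64, MH_CIGAM_64)
    header_size = 32 if is_64 else 28                   # mach_header_64 adds a 'reserved' field
    _, cputype, _sub, filetype, ncmds, sizeofcmds, flags = struct.unpack_from(endian + "7I", data)
    if header_size + sizeofcmds > len(data):
        raise ValueError("sizeofcmds runs past end of file")
    out = MachO(is_64, CPU_NAMES.get(cputype, f"{cputype:#x}"),
                FILETYPE_NAMES.get(filetype, f"{filetype:#x}"), bool(flags & MH_PIE))
    offset, end = header_size, header_size + sizeofcmds
    for _ in range(ncmds):
        if offset + 8 > end:
            raise ValueError("ncmds exceeds sizeofcmds")
        cmd, cmdsize = struct.unpack_from(endian + "II", data, offset)
        # cmdsize == 0 would loop forever; an oversized one reads past the command table.
        if cmdsize < 8 or offset + cmdsize > end:
            raise ValueError(f"bad cmdsize {cmdsize} at {offset:#x}")
        out.load_commands.append(LC_NAMES.get(cmd, f"LC_{cmd:#x}"))
        if cmd in (LC_LOAD_DYLIB, LC_LOAD_WEAK_DYLIB):
            # dylib_command: cmd, cmdsize, lc_str name (offset from command start), timestamp,
            # current_version, compatibility_version; the path string follows the 24-byte struct.
            name_off = struct.unpack_from(endian + "I", data, offset + 8)[0]
            if not 24 <= name_off < cmdsize:
                raise ValueError("dylib name offset outside its command")
            raw = data[offset + name_off:offset + cmdsize].split(b"\0", 1)[0]
            out.dylibs.append(raw.decode("utf-8", "replace"))
        elif cmd == LC_UUID and cmdsize == 24:
            out.uuid = str(uuid.UUID(bytes=data[offset + 8:offset + 24]))
        elif cmd == LC_CODE_SIGNATURE and cmdsize == 16:
            dataoff, datasize = struct.unpack_from(endian + "II", data, offset + 8)
            if dataoff + datasize > len(data):
                raise ValueError("code signature blob outside the file")
            out.code_signature = (dataoff, datasize)
        offset += cmdsize
    return out


def is_well_formed(data: bytes) -> bool:
    """Triage helper: True if every slice parses without tripping a range check."""
    try:
        return all(parse_macho(s) is not None for s in macho_slices(data))
    except ValueError:
        return False


def build_sample(fat: bool = False) -> bytes:
    """Constructed test input (not a real binary): a tiny arm64 MH_EXECUTE with three commands."""
    path = b"/usr/lib/libSystem.B.dylib\0".ljust(32, b"\0")
    dylib = struct.pack("<6I", LC_LOAD_DYLIB, 24 + len(path), 24, 2, 0x05270000, 0x00010000) + path
    uuid_cmd = struct.pack("<II", LC_UUID, 24) + bytes(range(16))
    blob_off = 32 + len(dylib) + len(uuid_cmd) + 16          # placeholder blob right after the commands
    codesig = struct.pack("<4I", LC_CODE_SIGNATURE, 16, blob_off, 8)
    cmds = dylib + uuid_cmd + codesig
    header = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 3, len(cmds), MH_PIE, 0)
    thin = header + cmds + b"\0" * 8
    if not fat:
        return thin
    fat_hdr = struct.pack(">II", FAT_MAGIC, 1) + struct.pack(">5I", 0x0100000C, 0, 32, len(thin), 12)
    return fat_hdr.ljust(32, b"\0") + thin


if __name__ == "__main__":
    for i, s in enumerate(macho_slices(build_sample(fat=True))):
        print(i, parse_macho(s))
```

The checks that matter for a worker processing untrusted evidence are the ones on `sizeofcmds`, `cmdsize`, the `lc_str` offset and the `LC_CODE_SIGNATURE` data range; a production parser would additionally walk segments and sections with the same discipline, and would treat the presence of `LC_CODE_SIGNATURE` only as "a signature blob exists", not as "the binary is validly signed".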

hacktobeer commented 1 week ago

LGTM. Merge it.

hacktobeer commented 1 week ago

I see you removed the docker compose dev file. Have a look at Tilt to set up a Turbinia dev environment, it's based on Docker Compose but provides source code file syncing into running containers for faster development.

Here is a Turbinia Tilt file. Let me know if you need help.

https://gist.githubusercontent.com/hacktobeer/9ce1cfcc0f7df57894e3d5c2f5252e33/raw/35aa567163e83a36c8d0c7898fbd2eff5f8c9d7c/Tiltfile

aarontp commented 6 days ago

Hi @daschwanden, I think this is ready to merge after the merge conflicts have been resolved. It's probably easiest just to re-run poetry lock to update that file. Thanks!

daschwanden commented 5 days ago

> Hi @daschwanden, I think this is ready to merge after the merge conflicts have been resolved. It's probably easiest just to re-run poetry lock to update that file. Thanks!

Hi @aarontp, thanks heaps for resolving the merge conflicts. I am wondering whether the best way to resolve the remaining poetry.lock conflict would be to run poetry lock on both the upstream and the fork feature branch and then commit both. What do you think?

aarontp commented 3 days ago

> Hi @aarontp, thanks heaps for resolving the merge conflicts. I am wondering whether the best way to resolve the remaining poetry.lock conflict would be to run poetry lock on both the upstream and the fork feature branch and then commit both. What do you think?

I mentioned this out of band as well, but I think it's fine to update all the dependencies in this PR (without a separate one) assuming all of the tests pass, etc. You might need to revert just the poetry.lock file in your PR and then re-run poetry lock.

daschwanden commented 3 days ago

> > Hi @aarontp, thanks heaps for resolving the merge conflicts. I am wondering whether the best way to resolve the remaining poetry.lock conflict would be to run poetry lock on both the upstream and the fork feature branch and then commit both. What do you think?
>
> I mentioned this out of band as well, but I think it's fine to update all the dependencies in this PR (without a separate one) assuming all of the tests pass, etc. You might need to revert just the poetry.lock file in your PR and then re-run poetry lock.

Hi @aarontp, managed to resolve the conflict using the following excellent blog post. Noting it here in case we or someone else runs into this issue again in the future.