Check CSV timeline and JSON timeline Diff #41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check CSV timeline and JSON timeline Diff | |
on: | |
workflow_dispatch: | |
jobs: | |
timeline-diff: | |
runs-on: ubuntu-latest | |
env: | |
BRANCH_NAME: ${{ github.head_ref }} | |
steps: | |
- name: Checkout main | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.ref }} | |
submodules: recursive | |
fetch-depth: 0 | |
- name: Checkout hayabusa-sample-evtx repo | |
uses: actions/checkout@v4 | |
with: | |
repository: Yamato-Security/hayabusa-sample-evtx | |
path: hayabusa-sample-evtx | |
- name: Set up Rust | |
uses: dtolnay/rust-toolchain@stable | |
- name: Run on dev branch | |
run: | | |
cargo run --release -- update-rules -q | |
cargo run --release -- csv-timeline -d ./hayabusa-sample-evtx -o dev.csv -p super-verbose -q -w -D -n -u | |
cargo run --release -- json-timeline -d ./hayabusa-sample-evtx -o dev.jsonl -L -p super-verbose -q -w -D -n -u | |
- name: Run on dev branch(encoded_rules) | |
run: | | |
cargo build --release | |
mv ./config ../ | |
mv ./rules ../ | |
cp target/release/hayabusa . | |
curl -O https://raw.githubusercontent.com/Yamato-Security/hayabusa-encoded-rules/refs/heads/main/encoded_rules.yml | |
curl -O https://raw.githubusercontent.com/Yamato-Security/hayabusa-encoded-rules/refs/heads/main/rules_config_files.txt | |
./hayabusa update-rules -q | |
./hayabusa csv-timeline -d ./hayabusa-sample-evtx -o dev-encoded.csv -p super-verbose -q -w -D -n -u | |
./hayabusa json-timeline -d ./hayabusa-sample-evtx -o dev-encoded.jsonl -L -p super-verbose -q -w -D -n -u | |
mv ../config ./ | |
mv ../rules ./ | |
mv encoded_rules.yml ../ | |
mv rules_config_files.txt ../ | |
- name: Run on main branch | |
run: | | |
git checkout main | |
cargo run --release -- update-rules -q | |
cargo run --release -- csv-timeline -d ./hayabusa-sample-evtx -o main.csv -p super-verbose -q -w -D -n -u | |
cargo run --release -- json-timeline -d ./hayabusa-sample-evtx -o main.jsonl -L -p super-verbose -q -w -D -n -u | |
- name: Run on main branch(encoded_rules) | |
run: | | |
cargo build --release | |
mv ./config ../ | |
mv ./rules ../ | |
curl -O https://raw.githubusercontent.com/Yamato-Security/hayabusa-encoded-rules/refs/heads/main/encoded_rules.yml | |
curl -O https://raw.githubusercontent.com/Yamato-Security/hayabusa-encoded-rules/refs/heads/main/rules_config_files.txt | |
cp target/release/hayabusa . | |
./hayabusa update-rules -q | |
./hayabusa csv-timeline -d ./hayabusa-sample-evtx -o main-encoded.csv -p super-verbose -q -w -D -n -u | |
./hayabusa json-timeline -d ./hayabusa-sample-evtx -o main-encoded.jsonl -L -p super-verbose -q -w -D -n -u | |
rm -rf encoded_rules.yml rules_config_files.txt hayabusa | |
- name: Check CSV Timeline diff | |
run: | | |
diff main.csv dev.csv | |
if [ $? -ne 0 ]; then | |
echo "CSV files are different" | |
exit 1 | |
fi | |
- name: Check CSV Timeline diff(encoded_rules) | |
run: | | |
diff main-encoded.csv dev-encoded.csv | |
if [ $? -ne 0 ]; then | |
echo "CSV files are different" | |
exit 1 | |
fi | |
- name: Check JSONL Timeline diff | |
run: | | |
diff main.jsonl dev.jsonl | |
if [ $? -ne 0 ]; then | |
echo "JSON files are different" | |
exit 1 | |
fi | |
- name: Check JSONL Timeline diff(encoded_rules) | |
run: | | |
diff main.jsonl dev.jsonl | |
if [ $? -ne 0 ]; then | |
echo "JSON files are different" | |
exit 1 | |
fi |