Merge pull request #297 from ruppde/master #698

	# This workflow assembles all Yara rules into a single file

	name: Assemble Yara

	on:
	push:
	branches:
	- master

	# Allows you to run this workflow manually from the Actions tab
	workflow_dispatch:

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	# Checks-out the repository under $GITHUB_WORKSPACE
	- name: Check-out the repository
	uses: actions/checkout@v2

	# Assemble all *.yar files (except those requiring external variables)
	- name: Assemble all Yara files
	run: "for f in $GITHUB_WORKSPACE/yara/.yar; do if [[ (\"${f##/}\" != \"generic_anomalies.yar\") && (\"${f##/}\" != \"general_cloaking.yar\") && (\"${f##/}\" != \"gen_webshells_ext_vars.yar\") && (\"${f##/}\" != \"thor_inverse_matches.yar\") && (\"${f##/}\" != \"yara_mixed_ext_vars.yar\") && (\"${f##/}\" != \"configured_vulns_ext_vars.yar\") && (\"${f##/}\" != \"gen_fake_amsi_dll.yar\") && (\"${f##/}\" != \"expl_citrix_netscaler_adc_exploitation_cve_2023_3519.yar\") && (\"${f##/}\" != \"yara-rules_vuln_drivers_strict_renamed.yar\") ]]; then cat $f >> signature-base.yar; fi;done"

	# Upload the assembled Yara artifact
	- name: Upload the resulting Yara artifact
	uses: actions/upload-artifact@v2
	with:
	name: signature-base.yar
	path: signature-base.yar

Provide feedback