Bump versions

- Bump `volatility3` to 2.7.0 - Bump `dwarf2json` to 0.8.0 and created a new pipeline for the first versioned release (different from the original `edge` pipeline) - Fix issue with Capstone that was making the build fail
sk4la · Jul 8, 2024 · cd456e9 · cd456e9
1 parent ec286eb
commit cd456e9
Show file tree

Hide file tree

Showing 7 changed files with 70 additions and 9 deletions.
diff --git a/.github/workflows/dwarf2json-edge.yml b/.github/workflows/dwarf2json-edge.yml
@@ -14,9 +14,7 @@ on:
 
 env:
   DOCKER_TAG_ALPINE: latest
-  # No tags/releases declared in the repository so we use the `edge` tag that follows the main development branch.
   DOCKER_TAG_DWARF2JSON: edge
-  # No tags/releases declared in the repository so we use the development branch.
   GIT_TAG_DWARF2JSON: master
 
 jobs:

diff --git a/.github/workflows/dwarf2json.yml b/.github/workflows/dwarf2json.yml
@@ -0,0 +1,62 @@
+name: dwarf2json-edge
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - development
+      - master
+      - staging
+    paths:
+      - .github/workflows/dwarf2json.yml
+      - src/dwarf2json/**
+      - README.md
+
+env:
+  DOCKER_TAG_ALPINE: latest
+  DOCKER_TAG_DWARF2JSON: "0.8.0"
+  GIT_TAG_DWARF2JSON: v0.8.0
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up docker buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Get current date
+        id: date
+        run: echo "date=$(date --iso-8601 --utc)" >> $GITHUB_OUTPUT
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+      - name: Build and push ${{ secrets.DOCKER_HUB_USERNAME }}/dwarf2json
+        uses: docker/build-push-action@v5
+        with:
+          context: src/dwarf2json
+          platforms: linux/amd64,linux/arm64/v8
+          push: true
+          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/dwarf2json:${{ env.DOCKER_TAG_DWARF2JSON }}
+          build-args: |
+            DOCKER_TAG_ALPINE=${{ env.DOCKER_TAG_ALPINE }}
+            GIT_TAG_DWARF2JSON=${{ env.GIT_TAG_DWARF2JSON }}
+            PRODUCT_BUILD_COMMIT=${{ github.sha }}
+            PRODUCT_BUILD_DATE=${{ steps.date.outputs.date }}
+
+      - name: Update Docker Hub repository description for ${{ secrets.DOCKER_HUB_USERNAME }}/dwarf2json
+        uses: peter-evans/dockerhub-description@v4
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+          repository: ${{ secrets.DOCKER_HUB_USERNAME }}/dwarf2json
+          short-description: ${{ github.event.repository.description }}
diff --git a/.github/workflows/volatility-edge.yml b/.github/workflows/volatility-edge.yml
@@ -17,7 +17,7 @@ env:
   DOCKER_TAG_ALPINE: "3.15"
   # No new tags/releases declared in the repository so we use the `edge` tag that follows the main development branch.
   DOCKER_TAG_VOLATILITY: edge
-  GIT_TAG_PYTHON_YARA: v4.4.0
+  GIT_TAG_PYTHON_YARA: v4.5.0
   # No new tags/releases declared in the repository so we use the development branch.
   GIT_TAG_VOLATILITY: master
   # No new tags/releases declared in the repository so we use the development branch.

diff --git a/.github/workflows/volatility3-edge.yml b/.github/workflows/volatility3-edge.yml
@@ -19,7 +19,7 @@ env:
   DOCKER_TAG_VOLATILITY3: edge
   # No tags/releases declared in the repository so we use the development branch.
   GIT_TAG_JPCERT_SYMBOLS: main
-  GIT_TAG_PYTHON_YARA: v4.4.0
+  GIT_TAG_PYTHON_YARA: v4.5.0
   GIT_TAG_VOLATILITY3: develop
   # No tags/releases declared in the repository so we use the development branch.
   GIT_TAG_VOLATILITY3_COMMUNITY: master

diff --git a/.github/workflows/volatility3.yml b/.github/workflows/volatility3.yml
@@ -16,11 +16,11 @@ on:
 
 env:
   DOCKER_TAG_ALPINE: latest
-  DOCKER_TAG_VOLATILITY3: "2.5.0"
+  DOCKER_TAG_VOLATILITY3: "2.7.0"
   # No tags/releases declared in the repository so we use the development branch.
   GIT_TAG_JPCERT_SYMBOLS: main
-  GIT_TAG_PYTHON_YARA: v4.4.0
-  GIT_TAG_VOLATILITY3: v2.5.0
+  GIT_TAG_PYTHON_YARA: v4.5.0
+  GIT_TAG_VOLATILITY3: v2.7.0
   # No tags/releases declared in the repository so we use the development branch.
   GIT_TAG_VOLATILITY3_COMMUNITY: master
 

diff --git a/README.md b/README.md
@@ -14,13 +14,13 @@ By the way, [why are these images not (yet) official?](https://github.com/volati
 
 ## What's in the box?
 
-- [`sk4la/volatility3`](https://hub.docker.com/r/sk4la/volatility) ⭐ (version [2.5.0](https://github.com/volatilityfoundation/volatility3/releases/tag/v2.5.0) from September 27, 2023)
+- [`sk4la/volatility3`](https://hub.docker.com/r/sk4la/volatility) ⭐ (version [2.7.0](https://github.com/volatilityfoundation/volatility3/releases/tag/v2.7.0) from May 29, 2024)
   - The latest release of the official [Volatility 3](https://github.com/volatilityfoundation/volatility3) project
   - The [community-maintained plugins](https://github.com/volatilityfoundation/community3) for Volatility 3
   - The [official symbol tables](https://github.com/volatilityfoundation/volatility3#symbol-tables) for Windows, macOS and GNU/Linux provided by the Volatility Foundation
   - The [symbol tables](https://github.com/JPCERTCC/Windows-Symbol-Tables) provided by the [JPCERT/CC](https://www.jpcert.or.jp/) for the ongoing Windows 11+ support
 
-> The `latest` and `stable` tags, as well as the literal version number (e.g `2.5.0`) all point to the [latest official release](https://github.com/volatilityfoundation/volatility3/releases). In order to follow the development cycle of Volatility 3, an `edge` tag has been added, which points to the current state of the `master` branch—which could be unstable. Power-users should feel free to use this one at their own expense. The `sk4la/volatility3` and `sk4la/volatility3:edge` images are built every week in order to include the newest symbols.
+> The `latest` and `stable` tags, as well as the literal version number (e.g `2.7.0`) all point to the [latest official release](https://github.com/volatilityfoundation/volatility3/releases). In order to follow the development cycle of Volatility 3, an `edge` tag has been added, which points to the current state of the `master` branch—which could be unstable. Power-users should feel free to use this one at their own expense. The `sk4la/volatility3` and `sk4la/volatility3:edge` images are built every week in order to include the newest symbols.
 
 - [`sk4la/volatility`](https://hub.docker.com/r/sk4la/volatility)
   - The latest release of the official [Volatility](https://github.com/volatilityfoundation/volatility) project (unmaintained since 2020)

diff --git a/src/volatility3/Dockerfile b/src/volatility3/Dockerfile
@@ -71,6 +71,7 @@ RUN apk add --no-cache \
         capstone \
         dumb-init \
         less \
+        py3-capstone \
         py3-pefile \
         py3-pip \
         py3-pycryptodome \