Update to use Yara v3.11 (rednaga#166)

Update to Yara 3.11 and reduce docker layers

Yara-python now includes an important fix for using the dex module so we can use it directly.

.travis.yml

@@ -9,7 +9,7 @@ python:
 install:
   - pip install --upgrade pip
   - pip install wheel
-  - pip wheel --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/yara-python.git@v3.10.0
+  - pip wheel --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/yara-python.git@v3.11.0
   - pip install --no-index --find-links=/tmp/yara-python yara-python
   - pip install -e .[dev,test]
   - pip install --upgrade pytest factory_boy

Dockerfile

@@ -1,33 +1,22 @@
 FROM python:3-slim
+LABEL maintainer="Caleb Fenton"
 
 RUN groupadd -g 999 appuser && \
     useradd -r -u 999 -g appuser appuser
 
 RUN apt-get update -qq && \
     apt-get install -y git build-essential gcc pandoc
-RUN pip install --upgrade pip setuptools wheel
-
-# Disabled until Yara patch is applied
-#RUN pip wheel --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/[email protected]
-#RUN pip install --no-index --find-links=/tmp/yara-python yara-python
-#RUN rm -rf /tmp/yara-python
-
-RUN apt-get install -y curl
-RUN git clone --recursive -b "v3.10.0" https://github.com/VirusTotal/yara-python.git /tmp/yara-python
-RUN git config --global user.email "[email protected]"
-RUN git config --global user.name "APKiD User"
-WORKDIR /tmp/yara-python
-RUN cd yara && \
-    curl https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/1073.patch | git am
-RUN cd /tmp/yara-python
-RUN python setup.py build --enable-dex
-RUN python setup.py install
+
+RUN pip install --no-cache-dir --upgrade pip setuptools wheel curl && \
+    pip wheel --quiet --no-cache-dir --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/[email protected] && \
+    pip install --quiet --no-cache-dir --no-index --find-links=/tmp/yara-python yara-python && \
+    rm -rf /tmp/yara-python
 
 WORKDIR /apkid
 COPY . .
 
-RUN python prep-release.py
-RUN pip install -e .
+RUN python prep-release.py && \
+    pip install -e .
 
 # Place to bind a mount point to for scratch pad work
 RUN mkdir /input

README.md

@@ -18,26 +18,11 @@ For more information on what this tool can be used for, check out:
 
 # Installing
 
-Installation is unfortunately a bit involved until a [pull request](https://github.com/VirusTotal/yara/pull/1073) is merged in a dependency. Here's how you do it:
-
 ```bash
-git clone --recursive -b "v3.10.0" https://github.com/VirusTotal/yara-python.git /tmp/yara-python
-cd /tmp/yara-python/yara 
-curl https://patch-diff.githubusercontent.com/raw/VirusTotal/yara/pull/1073.patch | git am
-cd ..
-python setup.py build --enable-dex
-python setup.py install
-```
-
-Without this patch to Yara, the dexlib1 detection rule will fail as will any rule relying on string sizes.
 
-If this patch wasn't needed, here's how you'd install. First, install [yara-python](https://github.com/VirusTotal/yara-python) with `--enable-dex` to compile Yara's DEX module:
-
-```bash
-# Don't use this method, for now.
-#pip install --upgrade wheel
-#pip wheel --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/[email protected]
-#pip install --no-index --find-links=/tmp/yara-python yara-python
+pip install --upgrade wheel
+pip wheel --wheel-dir=/tmp/yara-python --build-option="build" --build-option="--enable-dex" git+https://github.com/VirusTotal/[email protected]
+pip install --no-index --find-links=/tmp/yara-python yara-python
 ```
 
 Finally, install APKiD:

setup.py

@@ -21,7 +21,7 @@ def package_files(directory):
 
 
 install_requires = [
-    'yara-python==3.10.0',
+    'yara-python==3.11.0',
     'argparse',
 ]