chg: add rule parse check

.github/workflows/update-sigmarule.yaml

@@ -5,14 +5,46 @@ name: Pipeline for sigma rule updates
 
 on:
   ## This workflow is executed once a day.
-  ## I added workflow_dispatch so that you can execute this workflow from the GitHub UI. 
+  ## I added workflow_dispatch so that you can execute this workflow from the GitHub UI.
   workflow_dispatch:
   schedule:
-    - cron: '0 20 * * *' 
+    - cron: '0 20 * * *'
 
 jobs:
-  Reuse:
-    uses: ./.github/workflows/rule-parse-error-check.yaml
+  rule-parse-error-check:
+    runs-on: ubuntu-latest
+    steps:
+      - name: clone hayabusa rule repo
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          path: hayabusa-rules
+
+      - name: clone hayabusa
+        uses: actions/checkout@v3
+        with:
+          repository: Yamato-Security/hayabusa
+          submodules: recursive
+          path: hayabusa
+
+      - name: clone hayabusa-sample-evtx
+        uses: actions/checkout@v3
+        with:
+          repository: Yamato-Security/hayabusa-sample-evtx
+          path: hayabusa-sample-evtx
+
+      - name: run csv-timeline
+        run: |
+            cd hayabusa
+            LATEST_VER=`git describe --tags --abbrev=0`
+            URL="https://github.com/Yamato-Security/hayabusa/releases/download/${LATEST_VER}/hayabusa-${LATEST_VER#v}-linux.zip"
+            mkdir tmp
+            cd tmp
+            curl -OL $URL
+            unzip *.zip
+            chmod +x hayabusa-${LATEST_VER#v}-lin-x64-gnu
+            ./hayabusa-${LATEST_VER#v}-lin-x64-gnu csv-timeline -d ../hayabusa-sample-evtx -r ../hayabusa-rules -w -o out.csv  | grep "Rule parsing error" | wc -l | grep 0
+
   updateSigmaRule:
     runs-on: ubuntu-latest
     steps: