-
Notifications
You must be signed in to change notification settings - Fork 174
95 lines (83 loc) · 4.76 KB
/
build-all.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
name: Build all and Check VirusTotal
on: [pull_request]
jobs:
buildAll:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Comment Building
uses: thollander/actions-comment-pull-request@v3
with:
message: |
:monkey: Monkeys are building your code...
comment-tag: pr_build_message
mode: upsert
- name: setup env
id: node-version
run: |
docker build -t enkrypt-build-container .
echo "NODE_VERSION=$(docker run --rm -v `pwd`:/home:rw enkrypt-build-container /bin/bash -c "node --version")" >> $GITHUB_OUTPUT
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
- name: Cache yarn modules
uses: actions/cache@v4
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: yarn install
run: docker run --rm -v `pwd`:/home:rw --user "$(id -u):$(id -g)" enkrypt-build-container /bin/bash -c "yarn install --silent"
- name: build
env:
VIRUS_TOTAL_API_KEY: ${{secrets.VIRUS_TOTAL_API_KEY}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
run: |
mkdir release-chrome
mkdir release-firefox
docker run --rm -v `pwd`:/home:rw --user "$(id -u):$(id -g)" enkrypt-build-container /bin/bash -c "yarn build:all"
docker run --rm -v `pwd`:/home:rw --user "$(id -u):$(id -g)" enkrypt-build-container /bin/bash -c "cd packages/extension && yarn build:chrome && yarn zip"
cp -r packages/extension/dist/* release-chrome
rm release-chrome/release.zip
FILE_SHA256=`sha256sum ./packages/extension/dist/release.zip | awk '{print $1}'`
curl --request GET --url https://www.virustotal.com/api/v3/files/upload_url --header "x-apikey: $VIRUS_TOTAL_API_KEY"
UPLOAD_URL=`curl --request GET --url https://www.virustotal.com/api/v3/files/upload_url --header "x-apikey: $VIRUS_TOTAL_API_KEY" | jq --raw-output '.data'`
curl --request POST --url "$UPLOAD_URL" --header "x-apikey: $VIRUS_TOTAL_API_KEY" --header 'Accept: application/json' --header 'Content-Type: multipart/form-data' -F "file=@./packages/extension/dist/release.zip"
VIRUS_TOTAL_URL_CHROME=https://www.virustotal.com/gui/file/$FILE_SHA256
docker run --rm -v `pwd`:/home:rw --user "$(id -u):$(id -g)" enkrypt-build-container /bin/bash -c "cd packages/extension && yarn build:firefox && yarn zip"
cp -r packages/extension/dist/* release-firefox
rm release-firefox/release.zip
FILE_SHA256=`sha256sum ./packages/extension/dist/release.zip | awk '{print $1}'`
curl --request GET --url https://www.virustotal.com/api/v3/files/upload_url --header "x-apikey: $VIRUS_TOTAL_API_KEY"
UPLOAD_URL=`curl --request GET --url https://www.virustotal.com/api/v3/files/upload_url --header "x-apikey: $VIRUS_TOTAL_API_KEY" | jq --raw-output '.data'`
curl --request POST --url "$UPLOAD_URL" --header "x-apikey: $VIRUS_TOTAL_API_KEY" --header 'Accept: application/json' --header 'Content-Type: multipart/form-data' -F "file=@./packages/extension/dist/release.zip"
VIRUS_TOTAL_URL_FIREFOX=https://www.virustotal.com/gui/file/$FILE_SHA256
echo "VIRUS_TOTAL_URL_CHROME=$VIRUS_TOTAL_URL_CHROME" >> $GITHUB_ENV
echo "VIRUS_TOTAL_URL_FIREFOX=$VIRUS_TOTAL_URL_FIREFOX" >> $GITHUB_ENV
echo "SHORT_SHA=`echo $(cat $GITHUB_EVENT_PATH | jq -r .pull_request.head.sha) | cut -c1-8`" >> $GITHUB_ENV
- uses: actions/upload-artifact@v4
id: artifact-upload-chrome
with:
name: enkrypt-chrome-${{ env.SHORT_SHA }}
path: ./release-chrome
retention-days: 3
- uses: actions/upload-artifact@v4
id: artifact-upload-firefox
with:
name: enkrypt-firefox-${{ env.SHORT_SHA }}
path: ./release-firefox
retention-days: 3
- name: Comment PR
uses: thollander/actions-comment-pull-request@v3
with:
message: |
:briefcase: Build Files
chrome: [enkrypt-chrome-${{ env.SHORT_SHA }}.zip](${{ steps.artifact-upload-chrome.outputs.artifact-url }})
firefox: [enkrypt-firefox-${{ env.SHORT_SHA }}.zip](${{ steps.artifact-upload-firefox.outputs.artifact-url }})
:syringe: Virus total analysis
chrome: [${{ env.SHORT_SHA }}](${{ env.VIRUS_TOTAL_URL_CHROME }})
firefox: [${{ env.SHORT_SHA }}](${{ env.VIRUS_TOTAL_URL_FIREFOX }})
comment-tag: pr_build_message
mode: upsert