Update to Python 3.10 as minimum #1037
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
pull_request: | |
branches: [ master ] | |
release: | |
types: [edited, published] | |
jobs: | |
build: | |
name: PyInstaller for ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
include: | |
# use old linux so that the shared library versioning is more portable | |
- os: ubuntu-20.04 | |
artifact_name: floss | |
asset_name: linux | |
- os: windows-2019 | |
artifact_name: floss.exe | |
asset_name: windows | |
- os: macos-13 | |
artifact_name: floss | |
asset_name: macos | |
# Pin action version by commit hash to maximize trust, ref: https://securitylab.github.com/research/github-actions-building-blocks/ | |
steps: | |
- name: Checkout floss | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: false | |
- name: Set up Python 3.10 | |
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
with: | |
python-version: '3.10' | |
- name: Install floss [build] | |
run: | | |
pip install -r requirements.txt | |
pip install -e .[build] | |
- name: Build standalone executable | |
run: pyinstaller .github/pyinstaller/floss.spec | |
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: ${{ matrix.asset_name }} | |
path: dist/${{ matrix.artifact_name }} | |
test_run: | |
name: Test run on ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
needs: [build] | |
strategy: | |
matrix: | |
include: | |
- os: ubuntu-20.04 | |
artifact_name: floss | |
asset_name: linux | |
- os: ubuntu-22.04 | |
artifact_name: floss | |
asset_name: linux | |
- os: windows-2019 | |
artifact_name: floss.exe | |
asset_name: windows | |
- os: windows-2022 | |
artifact_name: floss.exe | |
asset_name: windows | |
- os: macos-13 | |
artifact_name: floss | |
asset_name: macos | |
steps: | |
- name: Download ${{ matrix.asset_name }} | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: ${{ matrix.asset_name }} | |
- name: Checkout testfiles | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
repository: mandiant/flare-floss-testfiles | |
path: tests/data | |
- name: Set executable flag | |
if: startsWith(matrix.os, 'windows') != true | |
run: chmod +x ${{ matrix.artifact_name }} | |
- name: Run floss -h | |
run: ./${{ matrix.artifact_name }} -h | |
- name: Run floss | |
run: ./${{ matrix.artifact_name }} tests/data/test-decode-to-stack.exe | |
zip_and_upload: | |
# upload zipped binaries to Release page | |
if: github.event_name == 'release' | |
name: zip and upload ${{ matrix.asset_name }} | |
runs-on: ubuntu-20.04 | |
needs: [build] | |
strategy: | |
matrix: | |
include: | |
- asset_name: linux | |
artifact_name: floss | |
- asset_name: windows | |
artifact_name: floss.exe | |
- asset_name: macos | |
artifact_name: floss | |
steps: | |
- name: Download ${{ matrix.asset_name }} | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: ${{ matrix.asset_name }} | |
- name: Set executable flag | |
run: chmod +x ${{ matrix.artifact_name }} | |
- name: Set zip name | |
run: echo "zip_name=floss-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV | |
- name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }} | |
run: zip ${{ env.zip_name }} ${{ matrix.artifact_name }} | |
- name: Upload ${{ env.zip_name }} to GH Release | |
uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2.9.0 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ env.zip_name }} | |
tag: ${{ github.ref }} |