QS: Output Schema #67
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build quantumstrand | |
on: | |
pull_request: | |
branches: [ quantumstrand ] | |
push: | |
branches: [ quantumstrand ] | |
release: | |
types: [edited, published] | |
branches: [ quantumstrand ] | |
jobs: | |
build: | |
name: PyInstaller for ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
include: | |
# use old linux so that the shared library versioning is more portable | |
- os: ubuntu-20.04 | |
artifact_name: quantumstrand | |
asset_name: linux | |
- os: windows-2019 | |
artifact_name: quantumstrand.exe | |
asset_name: windows | |
- os: macos-11 | |
artifact_name: quantumstrand | |
asset_name: macos | |
# Pin action version by commit hash to maximize trust, ref: https://securitylab.github.com/research/github-actions-building-blocks/ | |
steps: | |
- name: Checkout floss | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
with: | |
submodules: false | |
- name: Set up Python 3.11 | |
uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435 # v4.5.0 | |
with: | |
python-version: '3.11' | |
- name: Install floss[build] | |
run: pip install -e .[build] | |
- name: Install floss[qs] | |
run: pip install -e .[qs] | |
- name: Build standalone executable | |
run: pyinstaller .github/pyinstaller/qs.spec | |
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: ${{ matrix.asset_name }} | |
path: dist/${{ matrix.artifact_name }} | |
test_run: | |
name: Test run on ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
needs: [build] | |
strategy: | |
matrix: | |
include: | |
- os: ubuntu-20.04 | |
artifact_name: quantumstrand | |
asset_name: linux | |
- os: ubuntu-22.04 | |
artifact_name: quantumstrand | |
asset_name: linux | |
- os: windows-2019 | |
artifact_name: quantumstrand.exe | |
asset_name: windows | |
- os: windows-2022 | |
artifact_name: quantumstrand.exe | |
asset_name: windows | |
- os: macos-11 | |
artifact_name: quantumstrand | |
asset_name: macos | |
steps: | |
- name: Download ${{ matrix.asset_name }} | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: ${{ matrix.asset_name }} | |
- name: Checkout testfiles | |
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | |
with: | |
repository: mandiant/flare-floss-testfiles | |
path: tests/data | |
- name: Set executable flag | |
if: startsWith(matrix.os, 'windows') != true | |
run: chmod +x ${{ matrix.artifact_name }} | |
- name: Run quantumstrand -h | |
run: ./${{ matrix.artifact_name }} -h | |
- name: Run quantumstrand | |
run: ./${{ matrix.artifact_name }} tests/data/test-decode-to-stack.exe | |
zip_and_upload: | |
# upload zipped binaries to Release page | |
if: github.event_name == 'release' | |
name: zip and upload ${{ matrix.asset_name }} | |
runs-on: ubuntu-20.04 | |
needs: [build] | |
strategy: | |
matrix: | |
include: | |
- asset_name: linux | |
artifact_name: quantumstrand | |
- asset_name: windows | |
artifact_name: quantumstrand.exe | |
- asset_name: macos | |
artifact_name: quantumstrand | |
steps: | |
- name: Download ${{ matrix.asset_name }} | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 | |
with: | |
name: ${{ matrix.asset_name }} | |
- name: Set executable flag | |
run: chmod +x ${{ matrix.artifact_name }} | |
- name: Set zip name | |
run: echo "zip_name=quantumstrand-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV | |
- name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }} | |
run: zip ${{ env.zip_name }} ${{ matrix.artifact_name }} | |
- name: Upload ${{ env.zip_name }} to GH Release | |
uses: svenstaro/upload-release-action@v2 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ env.zip_name }} | |
tag: ${{ github.ref }} |