From 6031620faaae4366615a2f5daaf0faa275a7e80d Mon Sep 17 00:00:00 2001 From: umbynos Date: Mon, 21 Dec 2020 18:39:29 +0100 Subject: [PATCH 01/14] add virustotal scan to CI release workflow --- .github/workflows/release.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dab32d8fd..d4469cfe5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -410,6 +410,16 @@ jobs: rm -v release/._ArduinoCreateAgent*.dmg mv -v ArduinoCreateAgent-windows*/* release/ + - name: VirusTotal Scan + uses: crazy-max/ghaction-virustotal@v2 + with: + vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} + vt_monitor: true + files: | + release/*.exe + arduino-create-agent-windows-2019-386/arduino-create-agent.exe + arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe + - name: Create Github Release uses: actions/create-release@v1 env: From 7df5910559ecceb267010c28c973e64a74920b2d Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 11:28:27 +0100 Subject: [PATCH 02/14] add virustotal separate workflow --- .github/workflows/released.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/released.yml diff --git a/.github/workflows/released.yml b/.github/workflows/released.yml new file mode 100644 index 000000000..fba42053a --- /dev/null +++ b/.github/workflows/released.yml @@ -0,0 +1,18 @@ +name: released + +on: + release: + types: [published] + +jobs: + virustotal: + runs-on: ubuntu-latest + steps: + - name: VirusTotal Scan + uses: crazy-max/ghaction-virustotal@v2 + with: + vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} + github_token: ${{ secrets.GITHUB_TOKEN }} + update_release_body: true + files: | + .exe$ \ No newline at end of file From ff3b995ed390a739f272b02b432dffb72def2285 Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 12:05:10 +0100 Subject: [PATCH 03/14] Revert "add virustotal scan to CI release workflow" This reverts commit 6031620faaae4366615a2f5daaf0faa275a7e80d. --- .github/workflows/release.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d4469cfe5..dab32d8fd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -410,16 +410,6 @@ jobs: rm -v release/._ArduinoCreateAgent*.dmg mv -v ArduinoCreateAgent-windows*/* release/ - - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@v2 - with: - vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} - vt_monitor: true - files: | - release/*.exe - arduino-create-agent-windows-2019-386/arduino-create-agent.exe - arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe - - name: Create Github Release uses: actions/create-release@v1 env: From 72b3fe79bacdc624558fb814a405ea57f92d1fa2 Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 15:19:19 +0100 Subject: [PATCH 04/14] workflows fails with `Cannot send Error [ERR_FR_MAX_BODY_LENGTH_EXCEEDED]: Request body larger than maxBodyLength limit`, should be fixed in v2.3.0 (for ref https://github.com/crazy-max/ghaction-virustotal/issues/60) --- .github/workflows/released.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/released.yml b/.github/workflows/released.yml index fba42053a..3c1dd8436 100644 --- a/.github/workflows/released.yml +++ b/.github/workflows/released.yml @@ -9,10 +9,10 @@ jobs: runs-on: ubuntu-latest steps: - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@v2 + uses: crazy-max/ghaction-virustotal@v2.3.0 with: vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} github_token: ${{ secrets.GITHUB_TOKEN }} update_release_body: true files: | - .exe$ \ No newline at end of file + .exe$ From 5550c7ea16a368a6ac07694bb8bfd523d4313e5e Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 17:40:28 +0100 Subject: [PATCH 05/14] try fix from https://github.com/crazy-max/ghaction-virustotal/pull/64 --- .github/workflows/released.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/released.yml b/.github/workflows/released.yml index 3c1dd8436..08b2372bb 100644 --- a/.github/workflows/released.yml +++ b/.github/workflows/released.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@v2.3.0 + uses: crazy-max/ghaction-virustotal@fix-maxbodylength with: vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} github_token: ${{ secrets.GITHUB_TOKEN }} From 3310b8b3deb00d761254594a9c052c2392dab084 Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 18:16:35 +0100 Subject: [PATCH 06/14] Revert the two previous commits: problem solved in the GHA --- .github/workflows/released.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/released.yml b/.github/workflows/released.yml index 08b2372bb..e636489a9 100644 --- a/.github/workflows/released.yml +++ b/.github/workflows/released.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@fix-maxbodylength + uses: crazy-max/ghaction-virustotal@v2 with: vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} github_token: ${{ secrets.GITHUB_TOKEN }} From b7df792a44e03f8db65499c6fe143db91115962b Mon Sep 17 00:00:00 2001 From: umbynos Date: Tue, 22 Dec 2020 18:50:13 +0100 Subject: [PATCH 07/14] Try again virustotal scan in CI release workflow This reverts commit ff3b995ed390a739f272b02b432dffb72def2285. --- .github/workflows/release.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dab32d8fd..7b1c8a01e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -429,6 +429,17 @@ jobs: file_glob: true # If set to true, the file argument can be a glob pattern file: release/* + - name: VirusTotal Scan + uses: crazy-max/ghaction-virustotal@v2 + with: + vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} + github_token: ${{ secrets.GITHUB_TOKEN }} + update_release_body: true + files: | + release/*.exe + arduino-create-agent-windows-2019-386/arduino-create-agent.exe + arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe + - name: Upload release files on Arduino downloads servers run: aws s3 sync release/ s3://${{ secrets.DOWNLOADS_BUCKET }}${{ env.PLUGIN_TARGET }} --include "*" if: steps.prerelease.outputs.IS_PRE != 'true' From 6f5b5d5ec26c9a632ee9a283a2dfc2d7c83dd8e4 Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 12:38:23 +0100 Subject: [PATCH 08/14] use analysis output from virustotal action to put links in release body `update_release_body: true` won't work trigger type is not release --- .github/workflows/release.yml | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7b1c8a01e..0c8c8fb5a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -410,6 +410,24 @@ jobs: rm -v release/._ArduinoCreateAgent*.dmg mv -v ArduinoCreateAgent-windows*/* release/ + - name: VirusTotal Scan + id: virustotal_step + uses: crazy-max/ghaction-virustotal@v2 + with: + vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} + github_token: ${{ secrets.GITHUB_TOKEN }} + update_release_body: false # `true` won't work becasue trigger type is not release + files: | + release/*.exe + arduino-create-agent-windows-2019-386/arduino-create-agent.exe + arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe + + - name: Organize release body message #use sed to clean and format the output markdown style + id: release_body + run: | + vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')" + echo "::set-output name=RBODY::$vt_links" + - name: Create Github Release uses: actions/create-release@v1 env: @@ -417,7 +435,7 @@ jobs: with: tag_name: ${{ github.ref }} release_name: ${{ github.ref }} - body: "" + body: ${{ steps.release_body.outputs.RBODY}} draft: false prerelease: ${{ steps.prerelease.outputs.IS_PRE }} @@ -429,17 +447,6 @@ jobs: file_glob: true # If set to true, the file argument can be a glob pattern file: release/* - - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@v2 - with: - vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} - github_token: ${{ secrets.GITHUB_TOKEN }} - update_release_body: true - files: | - release/*.exe - arduino-create-agent-windows-2019-386/arduino-create-agent.exe - arduino-create-agent-windows-2019-amd64/arduino-create-agent.exe - - name: Upload release files on Arduino downloads servers run: aws s3 sync release/ s3://${{ secrets.DOWNLOADS_BUCKET }}${{ env.PLUGIN_TARGET }} --include "*" if: steps.prerelease.outputs.IS_PRE != 'true' From 16e7d232c8e3c10ffcae54265d139e3a82a1e90d Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 12:39:18 +0100 Subject: [PATCH 09/14] remove `released.yml` because it was useless at this point --- .github/workflows/released.yml | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 .github/workflows/released.yml diff --git a/.github/workflows/released.yml b/.github/workflows/released.yml deleted file mode 100644 index e636489a9..000000000 --- a/.github/workflows/released.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: released - -on: - release: - types: [published] - -jobs: - virustotal: - runs-on: ubuntu-latest - steps: - - name: VirusTotal Scan - uses: crazy-max/ghaction-virustotal@v2 - with: - vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} - github_token: ${{ secrets.GITHUB_TOKEN }} - update_release_body: true - files: | - .exe$ From 228a93a0d79eea7ca1fbad323d45a8414dfec498 Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 13:25:00 +0100 Subject: [PATCH 10/14] fix set-output truncating multiple lines https://github.community/t/set-output-truncates-multiline-strings/16852/3 --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0c8c8fb5a..9f4eebb33 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -426,6 +426,7 @@ jobs: id: release_body run: | vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')" + vt_links="${vt_links//$'\n'/'%0A'}" # replace \n with a special character -> generates a single lines, \n will be reintroduced later echo "::set-output name=RBODY::$vt_links" - name: Create Github Release From 5d45c38e1d767ff0acd76647c90ef78936d22e83 Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 15:09:01 +0100 Subject: [PATCH 11/14] add title to links added in the release --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9f4eebb33..316a1f256 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -425,9 +425,10 @@ jobs: - name: Organize release body message #use sed to clean and format the output markdown style id: release_body run: | + vt_title="## VirusTotal analysis 🛡: %0A" vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')" vt_links="${vt_links//$'\n'/'%0A'}" # replace \n with a special character -> generates a single lines, \n will be reintroduced later - echo "::set-output name=RBODY::$vt_links" + echo "::set-output name=RBODY::$vt_title$vt_links" - name: Create Github Release uses: actions/create-release@v1 From 80c5a682cddb799809888328b850f3f5e1723d34 Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 16:02:40 +0100 Subject: [PATCH 12/14] remove github token (not needed) --- .github/workflows/release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 316a1f256..33ba6bfc0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -415,7 +415,6 @@ jobs: uses: crazy-max/ghaction-virustotal@v2 with: vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} - github_token: ${{ secrets.GITHUB_TOKEN }} update_release_body: false # `true` won't work becasue trigger type is not release files: | release/*.exe From 7ac9059e97e9908df1dff7db57782e3b97973e4e Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 16:03:45 +0100 Subject: [PATCH 13/14] refactor release body (use dropdown: less confusing for the user) --- .github/workflows/release.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 33ba6bfc0..4a905f007 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -424,10 +424,13 @@ jobs: - name: Organize release body message #use sed to clean and format the output markdown style id: release_body run: | - vt_title="## VirusTotal analysis 🛡: %0A" + vt_title_pre="
\nVirusTotal analysis 🛡\n\n" vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')" + vt_title_post="\n
" + vt_title_pre="${vt_title_pre//$'\n'/'%0A'}" vt_links="${vt_links//$'\n'/'%0A'}" # replace \n with a special character -> generates a single lines, \n will be reintroduced later - echo "::set-output name=RBODY::$vt_title$vt_links" + vt_title_post="${vt_title_post//$'\n'/'%0A'}" + echo "::set-output name=RBODY::$vt_title_pre$vt_links$vt_title_post" - name: Create Github Release uses: actions/create-release@v1 From 80216579d328504232e808851b4932e23d1f124d Mon Sep 17 00:00:00 2001 From: umbynos Date: Wed, 23 Dec 2020 16:42:53 +0100 Subject: [PATCH 14/14] solve body formatted wrong --- .github/workflows/release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4a905f007..3a62535e6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -427,9 +427,9 @@ jobs: vt_title_pre="
\nVirusTotal analysis 🛡\n\n" vt_links="$(echo ${{ steps.virustotal_step.outputs.analysis}} | sed 's/release\///g' | sed 's/,/\n/g' | sed 's/^/- [/' | sed 's/=/](/' | sed 's/$/)/')" vt_title_post="\n
" - vt_title_pre="${vt_title_pre//$'\n'/'%0A'}" + vt_title_pre="${vt_title_pre//'\n'/'%0A'}" vt_links="${vt_links//$'\n'/'%0A'}" # replace \n with a special character -> generates a single lines, \n will be reintroduced later - vt_title_post="${vt_title_post//$'\n'/'%0A'}" + vt_title_post="${vt_title_post//'\n'/'%0A'}" echo "::set-output name=RBODY::$vt_title_pre$vt_links$vt_title_post" - name: Create Github Release