update chen to get cpg 1.0.1 and the latest protobuf (#165) #123
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- 'v*' | |
workflow_dispatch: # allow to manually trigger this workflow | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: appthreat/atom | |
jobs: | |
release-win: | |
if: github.repository_owner == 'appthreat' | |
concurrency: release-win | |
runs-on: windows-latest | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
distribution: 'graalvm-community' | |
java-version: '21' | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
native-image-job-reports: 'true' | |
cache: 'sbt' | |
- uses: ilammy/msvc-dev-cmd@v1 | |
with: | |
arch: amd64 | |
- run: | | |
Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-win64.zip -UseBasicParsing -OutFile upx-4.2.2-win64.zip | |
Expand-Archive -Path upx-4.2.2-win64.zip -DestinationPath . -Force | |
sbt stage createDistribution | |
sbt "GraalVMNativeImage / packageBin" | |
.\target\graalvm-native-image\atom.exe --help | |
cd target\graalvm-native-image | |
(Get-FileHash -Algorithm SHA512 .\atom.exe).hash | Out-File -FilePath .\atom.exe.sha512 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create Release | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: | | |
target/graalvm-native-image/atom.exe | |
target/graalvm-native-image/atom.exe.sha512 | |
release: | |
if: github.repository_owner == 'appthreat' | |
concurrency: release | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up JDK | |
uses: graalvm/setup-graalvm@v1 | |
with: | |
distribution: 'graalvm-community' | |
java-version: '21' | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
native-image-job-reports: 'true' | |
cache: 'sbt' | |
- run: | | |
wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz | |
tar -xvf upx-4.2.2-amd64_linux.tar.xz | |
chmod +x upx-4.2.2-amd64_linux/upx | |
sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/ | |
sbt stage createDistribution | |
sha512sum target/atom.zip > target/atom.zip.sha512 | |
bash ci/native-image.sh | |
cp target/graalvm-native-image/atom target/graalvm-native-image/atom-amd64 | |
/usr/local/bin/upx -9 --lzma target/graalvm-native-image/atom-amd64 | |
target/graalvm-native-image/atom-amd64 --help | |
sha512sum target/graalvm-native-image/atom-amd64 > target/graalvm-native-image/atom-amd64.sha512 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- run: sbt publish | |
if: startsWith(github.ref, 'refs/tags/') | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload atom to ghcr | |
run: | | |
cd target | |
echo $GITHUB_TOKEN | oras login ghcr.io -u $GITHUB_USERNAME --password-stdin | |
oras push ghcr.io/$IMAGE_NAME:v2 \ | |
--artifact-type application/vnd.oras.config.v1+json \ | |
./atom.zip:application/vnd.appthreat.atom.layer.v1+tar \ | |
./atom.zip.sha512:application/vnd.appthreat.atom.layer.v1+tar | |
cd graalvm-native-image | |
oras push ghcr.io/appthreat/atom-amd64:v2 \ | |
--artifact-type application/vnd.oras.config.v1+json \ | |
./atom-amd64:application/vnd.appthreat.atom.layer.v1+tar \ | |
./atom-amd64.sha512:application/vnd.appthreat.atom.layer.v1+tar | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_USERNAME: ${{ github.actor }} | |
- name: Generate SBOM with cdxgen | |
run: | | |
npm install -g @cyclonedx/cdxgen | |
cdxgen -t sbt -o bom.json . -p --no-recurse | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create Release | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: | | |
bom.json | |
target/atom.zip | |
target/atom.zip.sha512 | |
target/graalvm-native-image/atom-amd64 | |
target/graalvm-native-image/atom-amd64.sha512 |