Skip to content

update chen to get cpg 1.0.1 and the latest protobuf (#165) #123

update chen to get cpg 1.0.1 and the latest protobuf (#165)

update chen to get cpg 1.0.1 and the latest protobuf (#165) #123

Workflow file for this run

name: release
on:
push:
tags:
- 'v*'
workflow_dispatch: # allow to manually trigger this workflow
env:
REGISTRY: ghcr.io
IMAGE_NAME: appthreat/atom
jobs:
release-win:
if: github.repository_owner == 'appthreat'
concurrency: release-win
runs-on: windows-latest
permissions:
contents: write
packages: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK
uses: graalvm/setup-graalvm@v1
with:
distribution: 'graalvm-community'
java-version: '21'
github-token: ${{ secrets.GITHUB_TOKEN }}
native-image-job-reports: 'true'
cache: 'sbt'
- uses: ilammy/msvc-dev-cmd@v1
with:
arch: amd64
- run: |
Invoke-WebRequest -Uri https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-win64.zip -UseBasicParsing -OutFile upx-4.2.2-win64.zip
Expand-Archive -Path upx-4.2.2-win64.zip -DestinationPath . -Force
sbt stage createDistribution
sbt "GraalVMNativeImage / packageBin"
.\target\graalvm-native-image\atom.exe --help
cd target\graalvm-native-image
(Get-FileHash -Algorithm SHA512 .\atom.exe).hash | Out-File -FilePath .\atom.exe.sha512
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v2
with:
files: |
target/graalvm-native-image/atom.exe
target/graalvm-native-image/atom.exe.sha512
release:
if: github.repository_owner == 'appthreat'
concurrency: release
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK
uses: graalvm/setup-graalvm@v1
with:
distribution: 'graalvm-community'
java-version: '21'
github-token: ${{ secrets.GITHUB_TOKEN }}
native-image-job-reports: 'true'
cache: 'sbt'
- run: |
wget https://github.com/upx/upx/releases/download/v4.2.2/upx-4.2.2-amd64_linux.tar.xz
tar -xvf upx-4.2.2-amd64_linux.tar.xz
chmod +x upx-4.2.2-amd64_linux/upx
sudo cp upx-4.2.2-amd64_linux/upx /usr/local/bin/
sbt stage createDistribution
sha512sum target/atom.zip > target/atom.zip.sha512
bash ci/native-image.sh
cp target/graalvm-native-image/atom target/graalvm-native-image/atom-amd64
/usr/local/bin/upx -9 --lzma target/graalvm-native-image/atom-amd64
target/graalvm-native-image/atom-amd64 --help
sha512sum target/graalvm-native-image/atom-amd64 > target/graalvm-native-image/atom-amd64.sha512
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: sbt publish
if: startsWith(github.ref, 'refs/tags/')
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload atom to ghcr
run: |
cd target
echo $GITHUB_TOKEN | oras login ghcr.io -u $GITHUB_USERNAME --password-stdin
oras push ghcr.io/$IMAGE_NAME:v2 \
--artifact-type application/vnd.oras.config.v1+json \
./atom.zip:application/vnd.appthreat.atom.layer.v1+tar \
./atom.zip.sha512:application/vnd.appthreat.atom.layer.v1+tar
cd graalvm-native-image
oras push ghcr.io/appthreat/atom-amd64:v2 \
--artifact-type application/vnd.oras.config.v1+json \
./atom-amd64:application/vnd.appthreat.atom.layer.v1+tar \
./atom-amd64.sha512:application/vnd.appthreat.atom.layer.v1+tar
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.actor }}
- name: Generate SBOM with cdxgen
run: |
npm install -g @cyclonedx/cdxgen
cdxgen -t sbt -o bom.json . -p --no-recurse
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v2
with:
files: |
bom.json
target/atom.zip
target/atom.zip.sha512
target/graalvm-native-image/atom-amd64
target/graalvm-native-image/atom-amd64.sha512