add lint/check to check extra dependency #2362 #3682
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| pull_request: | |
| branches: [ master ] | |
| paths-ignore: | |
| - 'web/**' | |
| - 'doc/**' | |
| - '**.md' | |
| release: | |
| types: [edited, published] | |
| permissions: | |
| contents: write | |
| jobs: | |
| build: | |
| name: PyInstaller for ${{ matrix.os }} / Py ${{ matrix.python_version }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| # set to false for debugging | |
| fail-fast: true | |
| matrix: | |
| include: | |
| - os: ubuntu-20.04 | |
| # use old linux so that the shared library versioning is more portable | |
| artifact_name: capa | |
| asset_name: linux | |
| python_version: '3.10' | |
| - os: ubuntu-20.04 | |
| artifact_name: capa | |
| asset_name: linux-py312 | |
| python_version: '3.12' | |
| - os: windows-2019 | |
| artifact_name: capa.exe | |
| asset_name: windows | |
| python_version: '3.10' | |
| - os: macos-13 | |
| # use older macOS for assumed better portability | |
| artifact_name: capa | |
| asset_name: macos | |
| python_version: '3.10' | |
| steps: | |
| - name: Checkout capa | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| submodules: true | |
| - name: Set up Python ${{ matrix.python_version }} | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
| with: | |
| python-version: ${{ matrix.python_version }} | |
| - if: matrix.os == 'ubuntu-20.04' | |
| run: sudo apt-get install -y libyaml-dev | |
| - name: Upgrade pip, setuptools | |
| run: python -m pip install --upgrade pip setuptools | |
| - name: Capture installed packages before installation | |
| run: pip freeze > before.txt | |
| - name: Install capa with build requirements | |
| run: | | |
| pip install -r requirements.txt | |
| pip install -e .[build] | |
| - name: Capture installed packages after installation | |
| run: pip freeze > after.txt | |
| - name: Check for extra packages | |
| run: | | |
| diff <(sort before.txt) <(sort after.txt) > diff.txt || true | |
| if [ -s diff.txt ]; then | |
| echo "Warning: Extra packages were installed:" | |
| cat diff.txt | |
| else | |
| echo "No extra packages were installed." | |
| fi | |
| - name: Upload artifacts for debugging | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: debug-files-${{ github.run_id }} | |
| path: | | |
| before.txt | |
| after.txt | |
| diff.txt | |
| - name: Build standalone executable | |
| run: pyinstaller --log-level DEBUG .github/pyinstaller/pyinstaller.spec | |
| - name: Does it run (PE)? | |
| run: dist/capa -d "tests/data/Practical Malware Analysis Lab 01-01.dll_" | |
| - name: Does it run (Shellcode)? | |
| run: dist/capa -d "tests/data/499c2a85f6e8142c3f48d4251c9c7cd6.raw32" | |
| - name: Does it run (ELF)? | |
| run: dist/capa -d "tests/data/7351f8a40c5450557b24622417fc478d.elf_" | |
| - name: Does it run (CAPE)? | |
| run: | | |
| 7z e "tests/data/dynamic/cape/v2.2/d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json.gz" | |
| dist/capa -d "d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json" | |
| - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
| with: | |
| name: ${{ matrix.asset_name }} | |
| path: dist/${{ matrix.artifact_name }} | |
| test_run: | |
| name: Test run on ${{ matrix.os }} / ${{ matrix.asset_name }} | |
| runs-on: ${{ matrix.os }} | |
| needs: [build] | |
| strategy: | |
| matrix: | |
| include: | |
| # OSs not already tested above | |
| - os: ubuntu-22.04 | |
| artifact_name: capa | |
| asset_name: linux | |
| - os: ubuntu-22.04 | |
| artifact_name: capa | |
| asset_name: linux-py312 | |
| - os: windows-2022 | |
| artifact_name: capa.exe | |
| asset_name: windows | |
| steps: | |
| - name: Download ${{ matrix.asset_name }} | |
| uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 | |
| with: | |
| name: ${{ matrix.asset_name }} | |
| - name: Set executable flag | |
| if: matrix.os != 'windows-2022' | |
| run: chmod +x ${{ matrix.artifact_name }} | |
| - name: Run capa | |
| run: ./${{ matrix.artifact_name }} -h | |
| zip_and_upload: | |
| # upload zipped binaries to Release page | |
| if: github.event_name == 'release' | |
| name: zip and upload ${{ matrix.asset_name }} | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| strategy: | |
| matrix: | |
| include: | |
| - asset_name: linux | |
| artifact_name: capa | |
| - asset_name: linux-py312 | |
| artifact_name: capa | |
| - asset_name: windows | |
| artifact_name: capa.exe | |
| - asset_name: macos | |
| artifact_name: capa | |
| steps: | |
| - name: Download ${{ matrix.asset_name }} | |
| uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 | |
| with: | |
| name: ${{ matrix.asset_name }} | |
| - name: Set executable flag | |
| run: chmod +x ${{ matrix.artifact_name }} | |
| - name: Set zip name | |
| run: echo "zip_name=capa-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV | |
| - name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }} | |
| run: zip ${{ env.zip_name }} ${{ matrix.artifact_name }} | |
| - name: Upload ${{ env.zip_name }} to GH Release | |
| uses: svenstaro/upload-release-action@2728235f7dc9ff598bd86ce3c274b74f802d2208 # v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN}} | |
| file: ${{ env.zip_name }} | |
| tag: ${{ github.ref }} |