Add VirusTotal upload to release workflow, bring back Snowflake driver #211
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: push | |
| env: | |
| APP: usql | |
| VER: ${{ github.ref_name }} | |
| GO_VERSION: stable | |
| jobs: | |
| build_for_linux: | |
| name: Build for Linux | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [amd64, arm, arm64] | |
| steps: | |
| - name: Install build dependencies | |
| run: | | |
| sudo apt-get -qq update | |
| sudo apt-get install -y \ | |
| build-essential \ | |
| qemu-user \ | |
| gcc-arm-linux-gnueabihf \ | |
| g++-arm-linux-gnueabihf \ | |
| gcc-aarch64-linux-gnu \ | |
| g++-aarch64-linux-gnu \ | |
| libstdc++6-armhf-cross \ | |
| libstdc++6-arm64-cross \ | |
| libc6-dev-armhf-cross \ | |
| libc6-dev-arm64-cross \ | |
| file | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Build ${{ matrix.arch }} | |
| run: | | |
| ./build.sh -v $VER -a ${{ matrix.arch }} | |
| - name: Build ${{ matrix.arch }} (static) | |
| if: matrix.arch != 'arm' | |
| run: | | |
| ./build.sh -v $VER -a ${{ matrix.arch }} -s | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-linux-${{ matrix.arch }} | |
| path: build/linux/**/* | |
| if-no-files-found: error | |
| build_for_macos: | |
| name: Build for macOS | |
| runs-on: macos-latest | |
| strategy: | |
| matrix: | |
| arch: [amd64, arm64] | |
| steps: | |
| - name: Install build dependencies | |
| run: | | |
| brew install coreutils gnu-tar | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Build ${{ matrix.arch }} | |
| run: | | |
| ./build.sh -v $VER -a ${{ matrix.arch }} | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-darwin-${{ matrix.arch }} | |
| path: build/darwin/**/* | |
| if-no-files-found: error | |
| build_for_macos_universal: | |
| name: Build for macOS (universal) | |
| needs: | |
| - build_for_macos | |
| runs-on: macos-latest | |
| steps: | |
| - name: Install build dependencies | |
| run: | | |
| brew install coreutils gnu-tar | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: Build universal | |
| run: | | |
| export WORKDIR=$PWD/build/darwin/universal/$VER | |
| mkdir -p $WORKDIR | |
| gtar -jxvf dist-darwin-amd64/*/*/*.tar.bz2 -C $WORKDIR $APP | |
| gtar -jxvf dist-darwin-amd64/*/*/*.tar.bz2 -C $WORKDIR LICENSE | |
| mv $WORKDIR/$APP $WORKDIR/$APP-amd64 | |
| gtar -jxvf dist-darwin-arm64/*/*/*.tar.bz2 -C $WORKDIR $APP | |
| mv $WORKDIR/$APP $WORKDIR/$APP-arm64 | |
| file $WORKDIR/$APP-{amd64,arm64} | |
| lipo -create -output $WORKDIR/$APP $WORKDIR/$APP-amd64 $WORKDIR/$APP-arm64 | |
| chmod +x $WORKDIR/$APP | |
| file $WORKDIR/$APP | |
| rm $WORKDIR/$APP-{amd64,arm64} | |
| sudo /usr/sbin/purge | |
| gtar -C $WORKDIR -cjf $WORKDIR/$APP-${VER#v}-darwin-universal.tar.bz2 $APP LICENSE | |
| ls -alh $WORKDIR/* | |
| sha256sum $WORKDIR/* | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-darwin-universal | |
| path: build/darwin/**/* | |
| if-no-files-found: error | |
| build_for_windows: | |
| name: Build for Windows | |
| runs-on: windows-latest | |
| steps: | |
| - name: Install build dependencies | |
| run: choco install zip | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Build amd64 | |
| shell: bash | |
| run: | | |
| ./build.sh -v $VER | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: dist-windows | |
| path: build/windows/**/* | |
| if-no-files-found: error | |
| release: | |
| name: Draft Release | |
| needs: | |
| - build_for_linux | |
| - build_for_macos | |
| - build_for_macos_universal | |
| - build_for_windows | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: Extract artifacts | |
| run: | | |
| mkdir /tmp/scan | |
| mkdir scan | |
| for i in dist-*/*/*/*.tar.bz2; do | |
| ver=$(sed -e 's/\.tar\.bz2$//' <<< $i|cut -d- -f2-) | |
| echo "extracting $i ($ver)" | |
| tar -C /tmp/scan -jv -f $i -x $APP | |
| hash=$(sha256sum /tmp/scan/$APP|awk '{print $1}') | |
| mv /tmp/scan/$APP ./scan/$APP-$ver-${hash:0:8} | |
| done | |
| for i in dist-*/*/*/*.zip; do | |
| ver=$(sed -e 's/\.zip$//' <<< $i|cut -d- -f2-) | |
| echo "extracting $i ($ver)" | |
| unzip -d /tmp/scan $i $APP.exe | |
| hash=$(sha256sum /tmp/scan/$APP.exe|awk '{print $1}') | |
| mv /tmp/scan/$APP.exe ./scan/$APP-$ver-${hash:0:8}.exe | |
| done | |
| - name: Submit to VirusTotal | |
| uses: crazy-max/ghaction-virustotal@v4 | |
| with: | |
| vt_api_key: ${{ secrets.VIRUSTOTAL_API_KEY }} | |
| request_rate: 4 | |
| files: | | |
| ./scan/${{ env.APP }}-* | |
| - name: Release | |
| uses: softprops/action-gh-release@v2 | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| with: | |
| name: ${{ env.APP }} ${{ env.VER }} | |
| draft: true | |
| generate_release_notes: true | |
| files: | | |
| dist-*/*/*/*.tar.bz2 | |
| dist-*/*/*/*.zip |