name: build on: pull_request: branches: [ master ] paths-ignore: - 'web/**' - 'doc/**' - '**.md' release: types: [edited, published] permissions: contents: write jobs: build: name: PyInstaller for ${{ matrix.os }} / Py ${{ matrix.python_version }} runs-on: ${{ matrix.os }} strategy: # set to false for debugging fail-fast: true matrix: # using Python 3.8 to support running across multiple operating systems including Windows 7 include: - os: ubuntu-20.04 # use old linux so that the shared library versioning is more portable artifact_name: capa asset_name: linux python_version: 3.8 - os: ubuntu-20.04 artifact_name: capa asset_name: linux-py311 python_version: 3.11 - os: windows-2019 artifact_name: capa.exe asset_name: windows python_version: 3.8 - os: macos-12 # use older macOS for assumed better portability artifact_name: capa asset_name: macos python_version: 3.8 steps: - name: Checkout capa uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: submodules: true - name: Set up Python ${{ matrix.python_version }} uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: ${{ matrix.python_version }} - if: matrix.os == 'ubuntu-20.04' run: sudo apt-get install -y libyaml-dev - name: Upgrade pip, setuptools run: python -m pip install --upgrade pip setuptools - name: Install capa with build requirements run: | pip install -r requirements.txt pip install -e .[build] - name: Build standalone executable run: pyinstaller --log-level DEBUG .github/pyinstaller/pyinstaller.spec - name: Does it run (PE)? run: dist/capa -d "tests/data/Practical Malware Analysis Lab 01-01.dll_" - name: Does it run (Shellcode)? run: dist/capa -d "tests/data/499c2a85f6e8142c3f48d4251c9c7cd6.raw32" - name: Does it run (ELF)? run: dist/capa -d "tests/data/7351f8a40c5450557b24622417fc478d.elf_" - name: Does it run (CAPE)? run: | 7z e "tests/data/dynamic/cape/v2.2/d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json.gz" dist/capa -d "d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json" - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ matrix.asset_name }} path: dist/${{ matrix.artifact_name }} test_run: name: Test run on ${{ matrix.os }} / ${{ matrix.asset_name }} runs-on: ${{ matrix.os }} needs: [build] strategy: matrix: include: # OSs not already tested above - os: ubuntu-22.04 artifact_name: capa asset_name: linux - os: ubuntu-22.04 artifact_name: capa asset_name: linux-py311 - os: windows-2022 artifact_name: capa.exe asset_name: windows steps: - name: Download ${{ matrix.asset_name }} uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 with: name: ${{ matrix.asset_name }} - name: Set executable flag if: matrix.os != 'windows-2022' run: chmod +x ${{ matrix.artifact_name }} - name: Run capa run: ./${{ matrix.artifact_name }} -h zip_and_upload: # upload zipped binaries to Release page if: github.event_name == 'release' name: zip and upload ${{ matrix.asset_name }} runs-on: ubuntu-20.04 needs: [build] strategy: matrix: include: - asset_name: linux artifact_name: capa - asset_name: linux-py311 artifact_name: capa - asset_name: windows artifact_name: capa.exe - asset_name: macos artifact_name: capa steps: - name: Download ${{ matrix.asset_name }} uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 with: name: ${{ matrix.asset_name }} - name: Set executable flag run: chmod +x ${{ matrix.artifact_name }} - name: Set zip name run: echo "zip_name=capa-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV - name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }} run: zip ${{ env.zip_name }} ${{ matrix.artifact_name }} - name: Upload ${{ env.zip_name }} to GH Release uses: svenstaro/upload-release-action@2728235f7dc9ff598bd86ce3c274b74f802d2208 # v2 with: repo_token: ${{ secrets.GITHUB_TOKEN}} file: ${{ env.zip_name }} tag: ${{ github.ref }}