mirror of
https://github.com/lunchcat/sif.git
synced 2026-04-28 11:33:06 -07:00
a469463c19
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2 to 3. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v2...v3) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
208 lines
6.8 KiB
YAML
208 lines
6.8 KiB
YAML
name: release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
|
|
jobs:
|
|
test:
|
|
uses: ./.github/workflows/runtest.yml
|
|
|
|
build-and-release:
|
|
needs: test
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
- name: set up go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version: "1.24"
|
|
|
|
- name: extract version
|
|
run: echo "VERSION=${GITHUB_REF_NAME#v}" >> $GITHUB_ENV
|
|
|
|
- name: build for windows
|
|
run: |
|
|
GOOS=windows GOARCH=amd64 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-windows-amd64.exe ./cmd/sif
|
|
GOOS=windows GOARCH=386 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-windows-386.exe ./cmd/sif
|
|
|
|
- name: build for macOS
|
|
run: |
|
|
GOOS=darwin GOARCH=amd64 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-macos-amd64 ./cmd/sif
|
|
GOOS=darwin GOARCH=arm64 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-macos-arm64 ./cmd/sif
|
|
|
|
- name: build for linux
|
|
run: |
|
|
GOOS=linux GOARCH=amd64 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-linux-amd64 ./cmd/sif
|
|
GOOS=linux GOARCH=386 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-linux-386 ./cmd/sif
|
|
GOOS=linux GOARCH=arm64 go build -ldflags="-s -w -X main.version=${{ env.VERSION }}" -o sif-linux-arm64 ./cmd/sif
|
|
|
|
- name: package releases with modules
|
|
run: |
|
|
for binary in sif-linux-amd64 sif-linux-386 sif-linux-arm64 sif-macos-amd64 sif-macos-arm64; do
|
|
mkdir -p "dist/${binary}"
|
|
cp "${binary}" "dist/${binary}/sif"
|
|
cp -r modules "dist/${binary}/"
|
|
tar -czf "${binary}.tar.gz" -C dist "${binary}"
|
|
done
|
|
for binary in sif-windows-amd64 sif-windows-386; do
|
|
mkdir -p "dist/${binary}"
|
|
cp "${binary}.exe" "dist/${binary}/sif.exe"
|
|
cp -r modules "dist/${binary}/"
|
|
cd dist && zip -r "../${binary}.zip" "${binary}" && cd ..
|
|
done
|
|
|
|
- name: build debian packages
|
|
run: |
|
|
declare -A arch_map=(
|
|
["sif-linux-amd64"]="amd64"
|
|
["sif-linux-386"]="i386"
|
|
["sif-linux-arm64"]="arm64"
|
|
)
|
|
|
|
for binary in sif-linux-amd64 sif-linux-386 sif-linux-arm64; do
|
|
arch="${arch_map[$binary]}"
|
|
pkg_dir="sif_${{ env.VERSION }}_${arch}"
|
|
|
|
mkdir -p "${pkg_dir}/DEBIAN"
|
|
mkdir -p "${pkg_dir}/usr/bin"
|
|
mkdir -p "${pkg_dir}/usr/share/sif/modules"
|
|
|
|
cp "${binary}" "${pkg_dir}/usr/bin/sif"
|
|
chmod 755 "${pkg_dir}/usr/bin/sif"
|
|
cp -r modules/* "${pkg_dir}/usr/share/sif/modules/"
|
|
|
|
cat > "${pkg_dir}/DEBIAN/control" << EOF
|
|
Package: sif
|
|
Version: ${{ env.VERSION }}
|
|
Section: security
|
|
Priority: optional
|
|
Architecture: ${arch}
|
|
Maintainer: vmfunc <celeste@linux.com>
|
|
Homepage: https://github.com/vmfunc/sif
|
|
Description: Modular pentesting toolkit
|
|
sif is a fast, concurrent, and extensible pentesting toolkit written in Go.
|
|
It supports multiple scan types including directory fuzzing, subdomain
|
|
enumeration, port scanning, and vulnerability detection.
|
|
EOF
|
|
|
|
dpkg-deb --build "${pkg_dir}"
|
|
done
|
|
|
|
- name: generate checksums
|
|
run: |
|
|
sha256sum \
|
|
sif-windows-amd64.zip \
|
|
sif-windows-386.zip \
|
|
sif-macos-amd64.tar.gz \
|
|
sif-macos-arm64.tar.gz \
|
|
sif-linux-amd64.tar.gz \
|
|
sif-linux-386.tar.gz \
|
|
sif-linux-arm64.tar.gz \
|
|
sif_*.deb \
|
|
> checksums-sha256.txt
|
|
|
|
- name: generate SBOM
|
|
uses: anchore/sbom-action@v0
|
|
with:
|
|
artifact-name: sbom.spdx.json
|
|
output-file: sbom.spdx.json
|
|
|
|
- name: generate changelog
|
|
id: changelog
|
|
uses: actions/github-script@v8
|
|
with:
|
|
result-encoding: string
|
|
script: |
|
|
const { data: releases } = await github.rest.repos.listReleases({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
per_page: 1,
|
|
});
|
|
|
|
const prev = releases.length > 0 ? releases[0].tag_name : '';
|
|
const range = prev ? `${prev}...${context.ref}` : '';
|
|
|
|
const { data: commits } = await github.rest.repos.compareCommitsWithBasehead({
|
|
owner: context.repo.owner,
|
|
repo: context.repo.repo,
|
|
basehead: prev ? `${prev}...${{ github.ref_name }}` : `${{ github.sha }}~10...${{ github.sha }}`,
|
|
}).catch(() => ({ data: { commits: [] } }));
|
|
|
|
let log = '';
|
|
for (const c of commits.commits || []) {
|
|
const msg = c.commit.message.split('\n')[0];
|
|
const sha = c.sha.substring(0, 7);
|
|
log += `- ${msg} (${sha})\n`;
|
|
}
|
|
|
|
return log || 'initial release';
|
|
|
|
- name: create release
|
|
uses: softprops/action-gh-release@v3
|
|
with:
|
|
name: sif v${{ env.VERSION }}
|
|
body: |
|
|
## what's changed
|
|
|
|
${{ steps.changelog.outputs.result }}
|
|
|
|
## install
|
|
|
|
**homebrew / linuxbrew**
|
|
```bash
|
|
# coming soon
|
|
```
|
|
|
|
**debian / ubuntu**
|
|
```bash
|
|
sudo dpkg -i sif_${{ env.VERSION }}_amd64.deb
|
|
```
|
|
|
|
**go install**
|
|
```bash
|
|
go install github.com/dropalldatabases/sif/cmd/sif@v${{ env.VERSION }}
|
|
```
|
|
|
|
**binary download** - grab the right archive from below.
|
|
|
|
## verification
|
|
|
|
```bash
|
|
sha256sum -c checksums-sha256.txt
|
|
```
|
|
draft: false
|
|
prerelease: ${{ contains(github.ref_name, '-') }}
|
|
files: |
|
|
sif-windows-amd64.zip
|
|
sif-windows-386.zip
|
|
sif-macos-amd64.tar.gz
|
|
sif-macos-arm64.tar.gz
|
|
sif-linux-amd64.tar.gz
|
|
sif-linux-386.tar.gz
|
|
sif-linux-arm64.tar.gz
|
|
sif_*_amd64.deb
|
|
sif_*_i386.deb
|
|
sif_*_arm64.deb
|
|
checksums-sha256.txt
|
|
sbom.spdx.json
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: push to cloudsmith
|
|
if: ${{ !contains(github.ref_name, '-') }}
|
|
env:
|
|
CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }}
|
|
run: |
|
|
pip install cloudsmith-cli
|
|
for deb in sif_*.deb; do
|
|
cloudsmith push deb sif/deb/any-distro/any-version "$deb" -k "$CLOUDSMITH_API_KEY"
|
|
done
|