-
-
Notifications
You must be signed in to change notification settings - Fork 82
238 lines (204 loc) · 8.14 KB
/
auto-update.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
name: Github CI
on:
push:
workflow_dispatch:
inputs:
debug_enabled:
description: 'Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)'
required: false
default: false
repository_dispatch:
schedule:
- cron: "0 */12 * * *" # https://crontab.guru/
defaults:
run:
shell: bash -x -e -c ". $0" "{0}"
working-directory: Fermion
jobs:
update:
runs-on: ubuntu-latest
outputs:
FRIDA_VER: ${{ steps.check.outputs.FRIDA_VER }}
FRIDA_GUM_VER: ${{ steps.check.outputs.FRIDA_GUM_VER }}
FRIDA_ELECTRON: ${{ steps.check.outputs.FRIDA_ELECTRON }}
FERMION_TAG: ${{ steps.check.outputs.FERMION_TAG }}
NO_BUILD: ${{ steps.checkTag.outputs.exists }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
submodules: recursive
- uses: gautamkrishnar/keepalive-workflow@master
# Enable tmate debugging of manually-triggered workflows if the input option was provided
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled }}
env:
SECRETS_CONTEXT: ${{ toJson(secrets) }}
- name: Populate Fermion Variables
id: check
run: python3 ../.github/workflows/populate_variables.py
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Check if we are building a new Fermion tag
- uses: mukunku/[email protected]
id: checkTag
with:
tag: v${{ steps.check.outputs.FERMION_TAG }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build:
needs:
- update
if: ${{ needs.update.outputs.NO_BUILD == 'false' }}
# Build Matrix
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
# Create tasks across our build matrix
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
submodules: recursive
- uses: actions/setup-node@v3
with:
node-version: '16'
# Update dependency versions in the package manifest & install
- name: Update Frida package
id: npmi
run: |
export npm_config_runtime=electron
export npm_config_target=${{needs.update.outputs.FRIDA_ELECTRON}}
npm install
npm i @types/frida-gum@${{needs.update.outputs.FRIDA_GUM_VER}}
npm i frida@${{needs.update.outputs.FRIDA_VER}}
echo "ELECTRON_VER=${{needs.update.outputs.FRIDA_ELECTRON}}" >> $GITHUB_OUTPUT
- name: Prepare building..
run: |
OUT='${{ github.workspace }}/build'
echo "OUT=$OUT" >> $GITHUB_ENV
rm -rf "$OUT"
mkdir "$OUT"
# Package Fermion across our build matrix
- name: Build Windows
if: runner.os == 'Windows'
run: |
npx electron-packager . --icon ./src/images/fermion-ico.ico --out "$OUT"
- name: Build Linux
if: runner.os == 'Linux'
run: |
npx electron-packager . --icon ./src/images/fermion-ico.png --out "$OUT"
- name: Build macOS
if: runner.os == 'macOS'
run: |
npx electron-packager . --icon ./src/images/fermion-ico.icns --out "$OUT"
# Archive fermion
- name: Package build asset
run: |
cd "$OUT"
find . -type d -name node_modules -prune -exec ls -ald "{}" \;
ZIPNAME="fermion-${{ matrix.os }}-v${{ needs.update.outputs.FERMION_TAG }}"
if command -v zip > /dev/null; then
(cd *; zip -qr "../$ZIPNAME.zip" .)
else
(cd *; python3 -c "import shutil; shutil.make_archive('../$ZIPNAME', 'zip', '.')")
fi
ls -al
# Upload action artifact as-is
- name: Upload to GitHub Actions artifact
uses: NyaMisty/upload-artifact-as-is@master
with:
path: ${{ env.OUT }}/fermion-*.zip
release:
runs-on: ubuntu-latest
needs:
- update
- build
name: "release"
steps:
- name: "Create artifact directory"
run: |
mkdir -p build_output
working-directory: ${{ runner.temp }}
- name: "Download all artifacts"
uses: actions/download-artifact@v2
with:
path: ${{ runner.temp }}/build_output
- name: "Rearrange artifacts"
run: |
find build_output
mkdir -p build_release
mv build_output/*/* build_release
ls build_release
if [ "$(ls -A build_release)" ]; then exit 0; else exit 1; fi
working-directory: ${{ runner.temp }}
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
submodules: recursive
- name: Update package index
run: |
export npm_config_runtime=electron
export npm_config_target=${{needs.update.outputs.FRIDA_ELECTRON}}
npm install
npm i @types/frida-gum@${{needs.update.outputs.FRIDA_GUM_VER}}
npm i frida@${{needs.update.outputs.FRIDA_VER}}
- name: Update badgen & compile instructions
run: |
# Set new frida version for badgen
perl -i -pe 's|badgen.net/badge/Frida-Node/v[\d.]+?/grey|badgen.net/badge/Frida-Node/v${{ needs.update.outputs.FRIDA_VER }}/grey|' ../README.md
# Set new gum version for badgen
perl -i -pe 's|badgen.net/badge/Frida-Gum/v[\d.]+?/grey|badgen.net/badge/Frida-Gum/v${{ needs.update.outputs.FRIDA_GUM_VER }}/grey|' ../README.md
# Set new Fermion version for badgen
perl -i -pe 's|badgen.net/badge/Fermion/v[\d.]+?/grey|badgen.net/badge/Fermion/v${{ needs.update.outputs.FERMION_TAG }}/grey|' ../README.md
# Set new electron version for README
perl -i -pe 's|npm_config_target=[\d.]+|npm_config_target=${{ needs.update.outputs.FRIDA_ELECTRON }}|' ../README.md
# This is still a todo
- name: Update Frida assets
run: |
/bin/bash .github/workflows/update_fermion_asset.sh
working-directory: ${{ github.workspace }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Commit
- name: Update Versions to Git
id: bumpver
run: |
if ! [ -z "$(git status --untracked-files=no --porcelain)" ]; then
AUTOUPDATE_PATTERN="^\[AutoUpdate\]"
preserve_branch=0
if ! [[ "$(git log -1 --pretty=%B)" =~ $AUTOUPDATE_PATTERN ]]; then
preserve_branch=1
git branch -f before_auto_update
fi
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -a -m "[AutoUpdate] v${{ needs.update.outputs.FERMION_TAG }}"
git push origin master
if [[ "$preserve_branch" == "1" ]]; then
git push -f origin before_auto_update
fi
fi
echo "CURRENT_SHA=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
# Release
- name: Create New Release and Upload
if: ${{ !startsWith(github.ref, 'refs/tags/') }}
uses: ncipollo/release-action@v1
with:
artifacts: "${{ runner.temp }}/build_release/*"
name: "${{ format('Fermion v{0}', needs.update.outputs.FERMION_TAG, needs.update.outputs.FRIDA_VER, needs.update.outputs.FRIDA_GUM_VER) }}"
body: "${{ format('Electron: {0}\nFrida: {1}\nGumJS: {2}\nBuild: Windows, Linux, Mac\n', needs.update.outputs.FRIDA_ELECTRON, needs.update.outputs.FRIDA_VER, needs.update.outputs.FRIDA_GUM_VER) }}"
tag: v${{ needs.update.outputs.FERMION_TAG }}
commit: ${{ steps.bumpver.outputs.CURRENT_SHA }}
prerelease: false
allowUpdates: true
# NOTE: edit this to false & true if you want to preserve original artifact
removeArtifacts: true
replacesArtifacts: false
artifactErrorsFailBuild: true
token: ${{ secrets.GITHUB_TOKEN }}