chore(ci): bump aquasecurity/trivy-action from 0.22.0 to 0.23.0 #1612
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Package Drifty | |
| on: | |
| push: | |
| paths-ignore: | |
| - "Website/**" | |
| - "*.md" | |
| - "*.txt" | |
| pull_request: | |
| paths-ignore: | |
| - "Website/**" | |
| - "*.md" | |
| - "*.txt" | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build-Drifty: | |
| name: Build [${{ matrix.os }}, ${{ matrix.mode }}] | |
| strategy: | |
| matrix: | |
| os: ["windows-latest", "macos-latest", "ubuntu-latest"] | |
| mode: ["CLI", "GUI"] | |
| fail-fast: false | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| # Setup the Windows build environment | |
| - name: Add msbuild to PATH | |
| if: ${{ matrix.os == 'windows-latest' && matrix.mode == 'GUI' }} | |
| uses: microsoft/setup-msbuild@v2 | |
| with: | |
| msbuild-architecture: x64 | |
| - name: Visual Studio shell | |
| if: ${{ matrix.os == 'windows-latest' && matrix.mode == 'GUI' }} | |
| uses: egor-tensin/vs-shell@v2 | |
| - name: Update system packages | |
| if: ${{ matrix.os == 'ubuntu-latest' && matrix.mode == 'GUI' }} | |
| run: sudo apt-get update | |
| - name: Install required build dependencies for Linux | |
| if: ${{ matrix.os == 'ubuntu-latest' && matrix.mode == 'GUI' }} | |
| run: | | |
| sudo apt-get install libasound2-dev libavcodec-dev libavformat-dev libavutil-dev libfreetype6-dev | |
| sudo apt-get install libgl-dev libglib2.0-dev libgtk-3-dev libpango1.0-dev libx11-dev libxtst-dev zlib1g-dev | |
| - name: Set up GraalVM JDK 21 | |
| uses: graalvm/setup-graalvm@v1 | |
| with: | |
| java-version: '21' | |
| distribution: 'graalvm' | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| set-java-home: true | |
| cache: 'maven' | |
| - name: Package Drifty CLI for ${{ matrix.os }} with GraalVM | |
| if: ${{ matrix.mode == 'CLI' }} | |
| shell: bash | |
| run: mvn -P build-drifty-cli-for-${{ matrix.os }} package | |
| - name: Set Up Maven version 3.8.8 # For GUI build issues, maven version 3.8.8 needs to be used | |
| if: ${{ matrix.mode == 'GUI' }} | |
| uses: stCarolas/setup-maven@v5 | |
| with: | |
| maven-version: 3.8.8 | |
| - name: Build platform-specific C object for missing jdk libraries | |
| if: ${{ matrix.mode == 'GUI' }} | |
| shell: bash | |
| run: gcc -c config/missing_symbols.c -o config/missing_symbols-${{ matrix.os }}.o | |
| - name: Install dependency modules for GUI | |
| if: ${{ matrix.mode == 'GUI' }} | |
| run: mvn -U clean install | |
| - name: Package Drifty GUI for ${{ matrix.os }} with GluonFX maven plugin | |
| if: ${{ matrix.mode == 'GUI' }} | |
| run: mvn -P build-drifty-gui-for-${{ matrix.os }} gluonfx:build gluonfx:package -rf :GUI | |
| - name: Create Application Type specific folders | |
| run: | | |
| mkdir build | |
| mkdir build/${{ matrix.mode }} | |
| - name: Categorise build artifacts for linux | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| if ${{ matrix.mode == 'CLI' }}; then | |
| mv "CLI/target/CLI/linux/Drifty CLI" "CLI/target/CLI/linux/Drifty-CLI_linux" | |
| mv "CLI/target/CLI/linux/Drifty-CLI_linux" -t build/CLI | |
| else | |
| mv GUI/target/gluonfx/x86_64-linux/GUI "GUI/target/gluonfx/x86_64-linux/Drifty-GUI_linux" | |
| mv "GUI/target/gluonfx/x86_64-linux/Drifty-GUI_linux" -t build/GUI | |
| fi | |
| - name: Categorise build artifacts for windows | |
| if: ${{ matrix.os == 'windows-latest' }} | |
| shell: bash | |
| run: | | |
| if ${{ matrix.mode == 'CLI' }}; then | |
| mv "CLI/target/CLI/windows/Drifty CLI.exe" "CLI/target/CLI/windows/Drifty-CLI.exe" | |
| mv "CLI/target/CLI/windows/Drifty-CLI.exe" build/CLI | |
| else | |
| mv GUI/target/gluonfx/x86_64-windows/GUI-1.0.msi "GUI/target/gluonfx/x86_64-windows/Drifty-GUI.msi" | |
| mv GUI/target/gluonfx/x86_64-windows/GUI.exe "GUI/target/gluonfx/x86_64-windows/Drifty-GUI.exe" | |
| mv "GUI/target/gluonfx/x86_64-windows/Drifty-GUI.msi" build/GUI | |
| mv "GUI/target/gluonfx/x86_64-windows/Drifty-GUI.exe" build/GUI | |
| fi | |
| - name: Categorise build artifacts for macOS | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| run: | | |
| if ${{ matrix.mode == 'CLI' }}; then | |
| mv "CLI/target/CLI/macos/Drifty CLI" "CLI/target/CLI/macos/Drifty-CLI_macos" | |
| mv "CLI/target/CLI/macos/Drifty-CLI_macos" build/CLI | |
| else | |
| mv GUI/target/gluonfx/aarch64-darwin/GUI-1.0.0.pkg "GUI/target/gluonfx/aarch64-darwin/Drifty-GUI.pkg" | |
| mv GUI/target/gluonfx/aarch64-darwin/GUI.app "GUI/target/gluonfx/aarch64-darwin/Drifty-GUI.app" | |
| mv "GUI/target/gluonfx/aarch64-darwin/Drifty-GUI.pkg" build/GUI | |
| mv "GUI/target/gluonfx/aarch64-darwin/Drifty-GUI.app" build/GUI | |
| fi | |
| - name: Tar build files # To prevent file permission loss | |
| run: | | |
| tar -cvf ${{ matrix.os }}-${{ matrix.mode }}.tar build/${{ matrix.mode }} | |
| - name: Push generated artifacts for ${{ matrix.os }} for ${{ matrix.mode }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.os }}-${{ matrix.mode }}-Build-Files | |
| path: ${{ matrix.os }}-${{ matrix.mode }}.tar | |
| generate-metadata-and-create-release: | |
| name: Artifacts Metadata & Release | |
| runs-on: ubuntu-latest | |
| needs: build-Drifty | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-tags: true | |
| - name: Get Drifty version from version.json file | |
| run: echo "VERSION=$(jq .version version.json | sed -r 's/"//g')" >> $GITHUB_ENV | |
| - name: Split up Version into semantic parts | |
| run: | | |
| echo "VERSION_NUMBER=$(echo $VERSION | cut -d '-' -f1)" >> $GITHUB_ENV | |
| if [[ $VERSION == *-* ]]; then | |
| RELEASE_STAGE=$(echo $VERSION | cut -d '-' -f2 | cut -d '.' -f1) | |
| REVISION_NUMBER=$(echo $VERSION | cut -d '-' -f2 | cut -d '.' -f2) | |
| else | |
| RELEASE_STAGE="Stable" | |
| REVISION_NUMBER=0 | |
| fi | |
| echo "REVISION_NUMBER=$REVISION_NUMBER" >> $GITHUB_ENV | |
| if [[ $RELEASE_STAGE == "alpha" ]]; then | |
| echo "RELEASE_STAGE=Alpha" >> $GITHUB_ENV | |
| elif [[ $RELEASE_STAGE == "beta" ]]; then | |
| echo "RELEASE_STAGE=Beta" >> $GITHUB_ENV | |
| elif [[ $RELEASE_STAGE == "rc" ]]; then | |
| echo "RELEASE_STAGE=Release Candidate" >> $GITHUB_ENV | |
| else | |
| echo "RELEASE_STAGE=Stable" >> $GITHUB_ENV | |
| fi | |
| - name: Fetch Previous Release Version | |
| if: ${{ github.event_name == 'workflow_dispatch' && github.repository == 'SaptarshiSarkar12/Drifty' }} | |
| run: | | |
| if ${{ env.RELEASE_STAGE == 'Stable' }}; then | |
| PREVIOUS_RELEASE_VERSION=$(gh release list --exclude-pre-releases -L 1 --json tagName | grep -o 'v[0-9]*.[0-9]*.[0-9]*') | |
| else | |
| if (gh release list -L 1 --json tagName | grep -o 'v[0-9]*.[0-9]*.[0-9]*-[a-z]*[.0-9]*'); then | |
| PREVIOUS_RELEASE_VERSION=$(gh release list -L 1 --json tagName | grep -o 'v[0-9]*.[0-9]*.[0-9]*-[a-z]*[.0-9]*') | |
| else | |
| PREVIOUS_RELEASE_VERSION=$(gh release list -L 1 --json tagName | grep -o 'v[0-9]*.[0-9]*.[0-9]*') | |
| fi | |
| fi | |
| echo "PREVIOUS_RELEASE_VERSION=$PREVIOUS_RELEASE_VERSION" >> $GITHUB_ENV | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Download Build artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: Make OS specific build directories | |
| run: | | |
| mkdir linux | |
| mkdir macos | |
| mkdir windows | |
| - name: Extract build files from tar | |
| run: | | |
| tar -xvf ubuntu-latest-CLI-Build-Files/ubuntu-latest-CLI.tar -C linux | |
| tar -xvf ubuntu-latest-GUI-Build-Files/ubuntu-latest-GUI.tar -C linux | |
| tar -xvf macos-latest-CLI-Build-Files/macos-latest-CLI.tar -C macos | |
| tar -xvf macos-latest-GUI-Build-Files/macos-latest-GUI.tar -C macos | |
| tar -xvf windows-latest-CLI-Build-Files/windows-latest-CLI.tar -C windows | |
| tar -xvf windows-latest-GUI-Build-Files/windows-latest-GUI.tar -C windows | |
| - name: Get Size of Build Artifacts | |
| run: | | |
| echo "CLI_LINUX_SIZE=$(echo `du -h 'linux/build/CLI/Drifty-CLI_linux'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "GUI_LINUX_SIZE=$(echo `du -h 'linux/build/GUI/Drifty-GUI_linux'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "CLI_MACOS_SIZE=$(echo `du -h 'macos/build/CLI/Drifty-CLI_macos'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "GUI_MACOS_PKG_SIZE=$(echo `du -h 'macos/build/GUI/Drifty-GUI.pkg'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "GUI_MACOS_APP_SIZE=$(echo `du -h 'macos/build/GUI/Drifty-GUI.app'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "CLI_WINDOWS_SIZE=$(echo `du -h 'windows/build/CLI/Drifty-CLI.exe'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "GUI_WINDOWS_MSI_SIZE=$(echo `du -h 'windows/build/GUI/Drifty-GUI.msi'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| echo "GUI_WINDOWS_EXE_SIZE=$(echo `du -h 'windows/build/GUI/Drifty-GUI.exe'` | sed 's/ .*//')" >> "$GITHUB_ENV" | |
| - name: Generate Artifact metadata summary | |
| run: | | |
| if ${{ github.event_name == 'workflow_dispatch' }}; then | |
| if ${{ env.RELEASE_STAGE == 'Stable' }}; then | |
| echo "# Drifty v$VERSION Stable Built! :rocket:" >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "# Drifty v${{ env.VERSION_NUMBER }} ${{ env.RELEASE_STAGE }} - Revision ${{ env.REVISION_NUMBER }} Built! :rocket:" >> $GITHUB_STEP_SUMMARY | |
| fi | |
| elif ${{ github.event_name == 'pull_request' }}; then | |
| echo "# Drifty Built! :rocket:" >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "# Drifty v$VERSION Built! :rocket:" >> $GITHUB_STEP_SUMMARY | |
| fi | |
| echo "## Build Artifacts :package: Summary :memo:" >> $GITHUB_STEP_SUMMARY | |
| echo "### Artifacts :package: Generated for Linux :penguin:" >> $GITHUB_STEP_SUMMARY | |
| echo "| Application Type | Artifact Name | Size |" >> $GITHUB_STEP_SUMMARY | |
| echo "|------------------|---------------|------|" >> $GITHUB_STEP_SUMMARY | |
| echo "| CLI | Drifty-CLI_linux | $CLI_LINUX_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GUI | Drifty-GUI_linux | $GUI_LINUX_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "### Artifacts :package: Generated for macOS :apple:" >> $GITHUB_STEP_SUMMARY | |
| echo "| Application Type | Artifact Name | Size |" >> $GITHUB_STEP_SUMMARY | |
| echo "|------------------|---------------|------|" >> $GITHUB_STEP_SUMMARY | |
| echo "| CLI | Drifty-CLI_macos | $CLI_MACOS_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GUI | Drifty-GUI.pkg | $GUI_MACOS_PKG_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GUI | Drifty-GUI.app | $GUI_MACOS_APP_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "### Artifacts :package: Generated for Windows :window:" >> $GITHUB_STEP_SUMMARY | |
| echo "| Application Type | Artifact Name | Size |" >> $GITHUB_STEP_SUMMARY | |
| echo "|------------------|---------------|------|" >> $GITHUB_STEP_SUMMARY | |
| echo "| CLI | Drifty-CLI.exe | $CLI_WINDOWS_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GUI | Drifty-GUI.msi | $GUI_WINDOWS_MSI_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GUI | Drifty-GUI.exe | $GUI_WINDOWS_EXE_SIZE |" >> $GITHUB_STEP_SUMMARY | |
| - name: Create Pre-Release with automated release notes | |
| if: ${{ github.repository == 'SaptarshiSarkar12/Drifty' && github.ref_name == 'master' && github.event_name == 'workflow_dispatch' && env.RELEASE_STAGE != 'Stable' }} | |
| run: | | |
| echo "## Release :bookmark: Drifty v${{ env.VERSION_NUMBER }} ${{ env.RELEASE_STAGE }} - Revision ${{ env.REVISION_NUMBER }}" >> $GITHUB_STEP_SUMMARY | |
| gh release create v$VERSION --prerelease --generate-notes --notes-start-tag ${{ env.PREVIOUS_RELEASE_VERSION }} 'linux/build/CLI/Drifty-CLI_linux#Drifty-CLI_linux' 'linux/build/GUI/Drifty-GUI_linux#Drifty-GUI_linux' 'macos/build/CLI/Drifty-CLI_macos#Drifty-CLI_macos' 'macos/build/GUI/Drifty-GUI.pkg#Drifty-GUI.pkg' 'windows/build/CLI/Drifty-CLI.exe#Drifty-CLI.exe' 'windows/build/GUI/Drifty-GUI.msi#Drifty-GUI.msi' 'windows/build/GUI/Drifty-GUI.exe#Drifty-GUI.exe' --title "Drifty v${{ env.VERSION_NUMBER }} ${{ env.RELEASE_STAGE }} - Revision ${{ env.REVISION_NUMBER }} Release" | |
| echo "[Released :white_check_mark: Drifty v${{ env.VERSION_NUMBER }} ${{ env.RELEASE_STAGE }} - Revision ${{ env.REVISION_NUMBER }}](https://github.com/SaptarshiSarkar12/Drifty/releases/tag/v$VERSION) successfully :rocket:!" >> $GITHUB_STEP_SUMMARY | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create Latest Release with automated release notes | |
| if: ${{ github.repository == 'SaptarshiSarkar12/Drifty' && github.ref_name == 'master' && github.event_name == 'workflow_dispatch' && env.RELEASE_STAGE == 'Stable' }} | |
| run: | | |
| echo "## Release :bookmark: Drifty v$VERSION" >> $GITHUB_STEP_SUMMARY | |
| gh release create v$VERSION --generate-notes --notes-start-tag ${{ env.PREVIOUS_RELEASE_VERSION }} 'linux/build/CLI/Drifty-CLI_linux#Drifty-CLI_linux' 'linux/build/GUI/Drifty-GUI_linux#Drifty-GUI_linux' 'macos/build/CLI/Drifty-CLI_macos#Drifty-CLI_macos' 'macos/build/GUI/Drifty-GUI.pkg#Drifty-GUI.pkg' 'windows/build/CLI/Drifty-CLI.exe#Drifty-CLI.exe' 'windows/build/GUI/Drifty-GUI.msi#Drifty-GUI.msi' 'windows/build/GUI/Drifty-GUI.exe#Drifty-GUI.exe' --title "Drifty v$VERSION Stable Release" | |
| echo "[Released :white_check_mark: Drifty v$VERSION Stable](https://github.com/SaptarshiSarkar12/Drifty/releases/tag/v$VERSION) successfully :rocket:!" >> $GITHUB_STEP_SUMMARY | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |