Skip to content
Build and Release

Improve permission handling and add secure origin for dev.versus.cam #2

Sign in to view logs

Improve permission handling and add secure origin for dev.versus.cam

Improve permission handling and add secure origin for dev.versus.cam #2

Workflow file for this run

.github/workflows/build-release.yml at ad3aedb
name: Build and Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
version:
description: 'Version tag (e.g., v2.23.1)'
required: true
jobs:
build-windows:
runs-on: windows-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
ssh-key: ${{ secrets.SUBMODULE_SSH_KEY }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies
run: npm ci
env:
# Skip native module build if submodule not available
WINDOW_AUDIO_CAPTURE_SKIP: ${{ secrets.SUBMODULE_SSH_KEY == '' && '1' || '0' }}
- name: Build Windows
run: npm run build:win32
- name: Get version
id: version
shell: bash
run: |
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
echo "tag=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT
else
echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
fi
- name: Upload to Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v1
with:
files: |
dist/elecap_win_*_portable.zip
dist/elecap_win_*_installer.zip
dist/elecap-*.exe
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload artifacts (for workflow_dispatch)
if: github.event_name == 'workflow_dispatch'
uses: actions/upload-artifact@v4
with:
name: windows-builds
path: |
dist/elecap_win_*_portable.zip
dist/elecap_win_*_installer.zip
dist/elecap-*.exe
- name: Submit to VirusTotal
shell: bash
run: |
if [ -z "$VIRUSTOTAL_API_KEY" ]; then
echo "::notice::Skipping VirusTotal - no API key configured"
exit 0
fi
EXE_FILE="dist/elecap.exe"
if [ -f "$EXE_FILE" ]; then
echo "Submitting $EXE_FILE to VirusTotal..."
# Get SHA256 for direct link
SHA256=$(sha256sum "$EXE_FILE" | cut -d' ' -f1)
echo "SHA256: $SHA256"
# Get upload URL for large files (>32MB)
UPLOAD_URL=$(curl -s --request GET \
--url 'https://www.virustotal.com/api/v3/files/upload_url' \
--header "x-apikey: $VIRUSTOTAL_API_KEY" | jq -r '.data')
if [ -n "$UPLOAD_URL" ] && [ "$UPLOAD_URL" != "null" ]; then
# Upload to the large file endpoint
RESPONSE=$(curl -s --request POST \
--url "$UPLOAD_URL" \
--header "x-apikey: $VIRUSTOTAL_API_KEY" \
--form "file=@$EXE_FILE")
ANALYSIS_ID=$(echo "$RESPONSE" | jq -r '.data.id // empty')
if [ -n "$ANALYSIS_ID" ]; then
echo "::notice::VirusTotal scan submitted successfully"
echo "::notice::View results: https://www.virustotal.com/gui/file/$SHA256"
else
echo "::warning::VirusTotal response: $RESPONSE"
fi
else
echo "::warning::Failed to get VirusTotal upload URL"
fi
else
echo "::warning::No exe file found at $EXE_FILE"
fi
env:
VIRUSTOTAL_API_KEY: ${{ secrets.VIRUSTOTAL_API_KEY }}
build-linux:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies
run: npm ci
env:
WINDOW_AUDIO_CAPTURE_SKIP: '1'
- name: Build Linux
run: npm run build:linux
- name: Upload to Release
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v1
with:
files: |
dist/*.AppImage
dist/*.deb
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload artifacts (for workflow_dispatch)
if: github.event_name == 'workflow_dispatch'
uses: actions/upload-artifact@v4
with:
name: linux-builds
path: |
dist/*.AppImage
dist/*.deb