|
2 | 2 |
|
3 | 3 | on: |
4 | 4 | push: |
5 | | - branches: [ master, 'v[0-9]+' ] |
| 5 | + branches: [ master ] |
6 | 6 | pull_request: |
7 | | - branches: [ master, 'v[0-9]+' ] |
| 7 | + branches: [ master ] |
8 | 8 | # trigger workflow on edited as well (opened and synchronize are default) |
9 | 9 | types: [opened, edited, synchronize] |
10 | 10 | workflow_dispatch: |
@@ -95,35 +95,27 @@ jobs: |
95 | 95 | done |
96 | 96 | continue-on-error: true |
97 | 97 |
|
98 | | - # On update of version branch, ensure that branch rules are compatible with latest respective release |
99 | | - # assume we only update the branch that corresponds to the latest release |
| 98 | + # warn if new rules are not compatible with latest release |
100 | 99 | rules_latest_release: |
101 | | - # e.g. v4 |
102 | | - if: startsWith(github.base_ref, 'v') |
103 | 100 | runs-on: ubuntu-20.04 |
| 101 | + continue-on-error: true |
104 | 102 | steps: |
105 | | - - name: Get latest release executable name and version |
106 | | - run: | |
107 | | - v=$(curl -s https://api.github.com/repos/mandiant/capa/releases/latest | jq .name | tr -d '"') |
108 | | - echo "zip_name=capa-$v-linux.zip" >> $GITHUB_ENV |
109 | | - echo "major_version=$(echo $v | cut -d. -f1)" >> $GITHUB_ENV |
110 | 103 | - name: Checkout capa-rules |
111 | 104 | uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 |
112 | 105 | with: |
113 | | - ref: ${{ env.major_version }} |
114 | 106 | path: rules |
115 | 107 | - name: Checkout capa-testfiles |
116 | 108 | uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 |
117 | 109 | with: |
118 | 110 | repository: mandiant/capa-testfiles |
119 | 111 | path: tests/data |
120 | 112 | - name: Fetch latest capa release executable |
121 | | - uses: robinraju/release-downloader@v1 |
| 113 | + uses: robinraju/release-downloader@a96f54c1b5f5e09e47d9504526e96febd949d4c2 # v1.11 |
122 | 114 | with: |
123 | 115 | repository: "mandiant/capa" |
124 | 116 | latest: true |
125 | | - fileName: ${{ env.zip_name }} |
| 117 | + fileName: "latest.zip" |
126 | 118 | - name: Unzip |
127 | | - run: unzip ${{ env.zip_name }} -d latest-release |
| 119 | + run: unzip latest.zip -d latest-release |
128 | 120 | - name: Run latest release with current rules |
129 | 121 | run: latest-release/capa -r rules/ tests/data/9324d1a8ae37a36ae560c37448c9705a.exe_ |
0 commit comments