From d85c3d54603980f737bbb6849a63ad82160ff465 Mon Sep 17 00:00:00 2001 From: scito Date: Fri, 5 Apr 2024 12:21:41 +0200 Subject: [PATCH] debug 1 --- .github/dependabot.yml | 11 - .github/workflows/ci.yml | 76 ------ .github/workflows/ci_docker.yml | 259 ------------------ .github/workflows/ci_release.yml | 376 ++++++++++++++------------ .github/workflows/codeql-analysis.yml | 74 ----- 5 files changed, 196 insertions(+), 600 deletions(-) delete mode 100644 .github/dependabot.yml delete mode 100644 .github/workflows/ci.yml delete mode 100644 .github/workflows/ci_docker.yml delete mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 91abb11..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,11 +0,0 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - -version: 2 -updates: - - package-ecosystem: "pip" # See documentation for possible values - directory: "/" # Location of package manifests - schedule: - interval: "weekly" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index ad1cd6d..0000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: tests - -# https://docs.github.com/de/actions/using-workflows/workflow-syntax-for-github-actions -# https://docs.github.com/en/actions/using-workflows -# https://docs.github.com/en/actions/learn-github-actions/contexts -# https://docs.github.com/en/actions/learn-github-actions/expressions - -on: - push: - paths-ignore: - - 'docs/**' - - '**.md' - # pull_request: - schedule: - # Run daily on default branch - - cron: '37 3 * * *' - -jobs: - build: - - strategy: - matrix: - python-version: ["3.12", "3.11", "3.10", "3.9", "3.8"] - platform: [ubuntu-latest, macos-latest, windows-latest] - # exclude: - - runs-on: ${{ matrix.platform }} - - steps: - - uses: actions/checkout@v3 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - check-latest: ${{ github.event_name == 'schedule' }} - - name: Install zbar shared lib for QReader (Linux) - if: runner.os == 'Linux' - run: | - sudo apt-get install -y libzbar0 - - name: Install zbar shared lib for QReader (macOS) - if: runner.os == 'macOS' - run: | - brew install zbar - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install -U -r requirements-dev.txt - pip install -U . - - name: Lint with flake8 - run: | - # stop the build if there are Python syntax errors or undefined names - flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics - # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=200 --statistics - if: matrix.python-version != '3.7' - - name: Type checking with mypy - run: | - mypy --install-types --non-interactive src/*.py tests/*.py - mypy --strict src/*.py tests/*.py - if: matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest' - - name: Test with pytest - run: pytest - if: (matrix.python-version != '3.x' || matrix.platform != 'ubuntu-latest') && (matrix.python-version != '3.10' && matrix.platform != 'macos-latest') - - name: Test with pytest (with code coverage) - run: pytest --cov=extract_otp_secrets_test --junitxml=pytest.xml --cov-report=term-missing | tee pytest-coverage.txt - if: matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest' - # https://github.com/marketplace/actions/pytest-coverage-comment - - name: Pytest coverage comment - uses: MishaKav/pytest-coverage-comment@main - with: - pytest-coverage-path: ./pytest-coverage.txt - junitxml-path: ./pytest.xml - if: | - false && matrix.python-version == '3.x' && matrix.platform == 'ubuntu-latest' - && !contains(github.ref, 'refs/tags/') - diff --git a/.github/workflows/ci_docker.yml b/.github/workflows/ci_docker.yml deleted file mode 100644 index 5413078..0000000 --- a/.github/workflows/ci_docker.yml +++ /dev/null @@ -1,259 +0,0 @@ -name: docker - -# https://docs.github.com/de/actions/using-workflows/workflow-syntax-for-github-actions -# https://docs.github.com/en/actions/using-workflows -# https://docs.github.com/en/actions/learn-github-actions/contexts -# https://docs.github.com/en/actions/learn-github-actions/expressions - -# How to setup: https://event-driven.io/en/how_to_buid_and_push_docker_image_with_github_actions/ -# How to run: https://aschmelyun.com/blog/using-docker-run-inside-of-github-actions/ - -on: - # run it on push to the default repository branch - push: - paths-ignore: - - 'docs/**' - - '**.md' - tags-ignore: - - '**' - # branches is needed if tags-ignore is used - branches: - - '**' - schedule: - # Run weekly on default branch - - cron: '47 3 * * 6' - -jobs: - build-and-push-docker-debian-image: - name: Build Docker Bookworm image and push to repositories - # run only when code is compiling and tests are passing - runs-on: ubuntu-latest - - # steps to perform in job - steps: - - name: Checkout code - uses: actions/checkout@v3 - - # avoid building if there are testing errors - - name: Run smoke test - run: | - sudo apt-get install -y libzbar0 - python -m pip install --upgrade pip - pip install -U -r requirements-dev.txt - pip install -U . - pytest - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - # setup Docker build action - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - # Workaround for failing builds: https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381 - # TODO remove workaround when fixed - with: - driver-opts: | - image=moby/buildkit:v0.10.6 - - - name: Login to DockerHub - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Login to Github Packages - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_IO_TOKEN }} - - - name: "Build image and push to Docker Hub and GitHub Container Registry" - id: docker_build_qr_reader_latest - uses: docker/build-push-action@v3 - with: - platforms: linux/amd64,linux/arm64 - # relative path to the place where source code with Dockerfile is located - # TODO file:, move to docker/ - context: . - file: docker/Dockerfile - # builder: ${{ steps.buildx.outputs.name }} - # Note: tags has to be all lower-case - build-args: | - BASE_IMAGE=python:3.12-slim-bookworm - pull: true - tags: | - scit0/extract_otp_secrets:latest - scit0/extract_otp_secrets:bookworm - ghcr.io/scito/extract_otp_secrets:latest - ghcr.io/scito/extract_otp_secrets:bookworm - # build on feature branches, push only on master branch - push: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}} - - - name: Image digest - # TODO upload digests to assets - run: | - echo "extract_otp_secrets digests: ${{ steps.docker_build_qr_reader_latest.outputs.digest }}" - echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt - - name: Save docker digests as artifacts - if: github.ref == 'refs/heads/master' - uses: actions/upload-artifact@v3 - with: - name: debian_digests - path: digests.txt - - build-and-push-docker-alpine-image: - name: Build Docker Alpine image and push to repositories - # run only when code is compiling and tests are passing - runs-on: ubuntu-latest - - # steps to perform in job - steps: - - name: Checkout code - uses: actions/checkout@v3 - - # avoid building if there are testing errors - - name: Run smoke test - run: | - sudo apt-get install -y libzbar0 - python -m pip install --upgrade pip - pip install -U -r requirements-dev.txt - pip install -U . - pytest - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - # setup Docker build action - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to DockerHub - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Login to Github Packages - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_IO_TOKEN }} - - - name: "only_txt: Build image and push to Docker Hub and GitHub Container Registry" - id: docker_build_only_txt - uses: docker/build-push-action@v3 - with: - # relative path to the place where source code with Dockerfile is located - platforms: linux/amd64,linux/arm64 - context: . - file: docker/Dockerfile_only_txt - # builder: ${{ steps.buildx.outputs.name }} - # Note: tags has to be all lower-case - pull: true - tags: | - scit0/extract_otp_secrets:only-txt - scit0/extract_otp_secrets:alpine - ghcr.io/scito/extract_otp_secrets:only-txt - ghcr.io/scito/extract_otp_secrets:alpine - # build on feature branches, push only on master branch - push: ${{ github.ref == 'refs/heads/master' && github.secret_source == 'Actions'}} - build-args: | - RUN_TESTS=true - - - name: Image digest - # TODO upload digests to assets - run: | - echo "extract_otp_secrets:only-txt digests: ${{ steps.docker_build_only_txt.outputs.digest }}" - echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt - - - name: Save docker digests as artifacts - if: github.ref == 'refs/heads/master' - uses: actions/upload-artifact@v3 - with: - name: alpine_digests - path: digests.txt - - build-and-push-docker-bullseye-image: - name: Build Docker Bullseye image (for PyInstsaller) and push to repositories - # run only when code is compiling and tests are passing - runs-on: ubuntu-latest - - # steps to perform in job - steps: - - name: Checkout code - uses: actions/checkout@v3 - - # avoid building if there are testing errors - - name: Run smoke test - run: | - sudo apt-get install -y libzbar0 - python -m pip install --upgrade pip - pip install -U -r requirements-dev.txt - pip install -U . - pytest - - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - # setup Docker build action - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - # Workaround for failing builds: https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381 - # TODO remove workaround when fixed - with: - driver-opts: | - image=moby/buildkit:v0.10.6 - - - name: Login to DockerHub - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Login to Github Packages - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_IO_TOKEN }} - - - name: "Build image from Bullseye and push to GitHub Container Registry" - id: docker_build_bullseye - if: github.ref == 'refs/heads/master' - uses: docker/build-push-action@v3 - with: - platforms: linux/amd64,linux/arm64 - # relative path to the place where source code with Dockerfile is located - context: . - file: docker/Dockerfile - # builder: ${{ steps.buildx.outputs.name }} - build-args: | - BASE_IMAGE=python:3.12-slim-bullseye - # Note: tags has to be all lower-case - pull: true - tags: | - scit0/extract_otp_secrets:bullseye - push: ${{ github.secret_source == 'Actions' }} - - - name: Image digest - # TODO upload digests to assets - run: | - echo "extract_otp_secrets digests: ${{ steps.docker_build_qr_reader_latest.outputs.digest }}" - echo "${{ steps.docker_build_qr_reader_latest.outputs.digest }}" > digests.txt - - name: Save docker digests as artifacts - if: github.ref == 'refs/heads/master' - uses: actions/upload-artifact@v3 - with: - name: bullseye_digests - path: digests.txt diff --git a/.github/workflows/ci_release.yml b/.github/workflows/ci_release.yml index 870099e..e00d4c3 100644 --- a/.github/workflows/ci_release.yml +++ b/.github/workflows/ci_release.yml @@ -105,119 +105,119 @@ jobs: name: release_id path: release_id.txt - build-linux-executable-in-docker: - name: Build ${{ matrix.PLATFORM }} release in docker container - # run only when code is compiling and tests are passing - runs-on: ubuntu-latest - needs: create-release - strategy: - matrix: - include: - - PLATFORM: linux/amd64 - EXE: extract_otp_secrets_linux_x86_64 - ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64 - - PLATFORM: linux/arm64 - EXE: extract_otp_secrets_linux_arm64 - ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_arm64 + # build-linux-executable-in-docker: + # name: Build ${{ matrix.PLATFORM }} release in docker container + # # run only when code is compiling and tests are passing + # runs-on: ubuntu-latest + # needs: create-release + # strategy: + # matrix: + # include: + # - PLATFORM: linux/amd64 + # EXE: extract_otp_secrets_linux_x86_64 + # ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64 + # - PLATFORM: linux/arm64 + # EXE: extract_otp_secrets_linux_arm64 + # ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_arm64 - # steps to perform in job - steps: - - name: Checkout code - uses: actions/checkout@v3 + # # steps to perform in job + # steps: + # - name: Checkout code + # uses: actions/checkout@v3 - # avoid building if there are testing errors - - name: Run smoke test - run: | - sudo apt-get install -y libzbar0 - python -m pip install --upgrade pip - pip install -U -r requirements-dev.txt - pip install -U . - pytest + # # avoid building if there are testing errors + # - name: Run smoke test + # run: | + # sudo apt-get install -y libzbar0 + # python -m pip install --upgrade pip + # pip install -U -r requirements-dev.txt + # pip install -U . + # pytest - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + # - name: Set up QEMU + # uses: docker/setup-qemu-action@v2 - # setup Docker build action - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - # Workaround for failing builds: https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381 - # TODO remove workaround when fixed - with: - driver-opts: | - image=moby/buildkit:v0.10.6 + # # setup Docker build action + # - name: Set up Docker Buildx + # id: buildx + # uses: docker/setup-buildx-action@v2 + # # Workaround for failing builds: https://github.com/docker/build-push-action/issues/761#issuecomment-1383822381 + # # TODO remove workaround when fixed + # with: + # driver-opts: | + # image=moby/buildkit:v0.10.6 - - name: Login to DockerHub - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + # - name: Login to DockerHub + # uses: docker/login-action@v2 + # if: github.secret_source == 'Actions' + # with: + # username: ${{ secrets.DOCKERHUB_USERNAME }} + # password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Login to Github Packages - uses: docker/login-action@v2 - if: github.secret_source == 'Actions' - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GHCR_IO_TOKEN }} + # - name: Login to Github Packages + # uses: docker/login-action@v2 + # if: github.secret_source == 'Actions' + # with: + # registry: ghcr.io + # username: ${{ github.actor }} + # password: ${{ secrets.GHCR_IO_TOKEN }} - - name: Image digest - # TODO upload digests to assets - run: | - echo "extract_otp_secrets: ${{ steps.docker_build_bullseye.outputs.digest }}" + # - name: Image digest + # # TODO upload digests to assets + # run: | + # echo "extract_otp_secrets: ${{ steps.docker_build_bullseye.outputs.digest }}" - # TODO use local docker image https://stackoverflow.com/a/61155718/1663871 - # https://github.com/multiarch/qemu-user-static - # https://hub.docker.com/r/multiarch/qemu-user-static/ - - name: Run Pyinstaller in container for ${{ matrix.EXE }} - run: | - docker run --pull always --rm --privileged multiarch/qemu-user-static --reset -p yes - docker run --platform ${{ matrix.PLATFORM }} --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files scit0/extract_otp_secrets:bullseye -c 'apt-get update && apt-get -y install binutils && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller -y --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name ${{ matrix.EXE }} --distpath /files/dist/ /files/src/extract_otp_secrets.py' + # # TODO use local docker image https://stackoverflow.com/a/61155718/1663871 + # # https://github.com/multiarch/qemu-user-static + # # https://hub.docker.com/r/multiarch/qemu-user-static/ + # - name: Run Pyinstaller in container for ${{ matrix.EXE }} + # run: | + # docker run --pull always --rm --privileged multiarch/qemu-user-static --reset -p yes + # docker run --platform ${{ matrix.PLATFORM }} --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files scit0/extract_otp_secrets:bullseye -c 'apt-get update && apt-get -y install binutils && pip install -U -r /files/requirements.txt && pip install pyinstaller && PYTHONHASHSEED=31 && pyinstaller -y --add-data /usr/local/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name ${{ matrix.EXE }} --distpath /files/dist/ /files/src/extract_otp_secrets.py' - - name: Smoke tests linux/amd64 - if: matrix.PLATFORM == 'linux/amd64' - run: | - dist/${{ matrix.EXE }} -V - dist/${{ matrix.EXE }} -h - dist/${{ matrix.EXE }} --debug - dist/${{ matrix.EXE }} example_export.png - dist/${{ matrix.EXE }} - < example_export.txt - dist/${{ matrix.EXE }} --qr ZBAR example_export.png - dist/${{ matrix.EXE }} --qr QREADER example_export.png - dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png - dist/${{ matrix.EXE }} --qr CV2 example_export.png - dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png - - name: Smoke tests linux/arm64 - if: matrix.PLATFORM == 'linux/arm64' - run: | - docker run --platform ${{ matrix.PLATFORM }} --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files scit0/extract_otp_secrets -c 'dist/${{ matrix.EXE }} -V && dist/${{ matrix.EXE }} -h && dist/${{ matrix.EXE }} example_export.png && dist/${{ matrix.EXE }} - < example_export.txt && dist/${{ matrix.EXE }} --qr ZBAR example_export.png && dist/${{ matrix.EXE }} --qr QREADER example_export.png && dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png && dist/${{ matrix.EXE }} --qr CV2 example_export.png && dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png' - - name: Load Release URL File from release job - if: startsWith(github.ref, 'refs/tags/v') - uses: actions/download-artifact@v3 - with: - name: release_url - - name: Display structure of files - run: ls -R - - name: Upload EXE to artifacts - uses: actions/upload-artifact@v3 - with: - name: ${{ matrix.EXE }} - path: dist/${{ matrix.EXE }} - - name: Upload Release Asset - id: upload-release-asset - if: startsWith(github.ref, 'refs/tags/v') - run: | - response=$(curl \ - -X POST \ - -H "Accept: application/vnd.github+json" \ - -H "Content-Type: application/x-executable" \ - -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\ - -H "X-GitHub-Api-Version: 2022-11-28" \ - --silent \ - --show-error \ - --data-binary @dist/${{ matrix.EXE }} \ - $(cat release_url.txt)=${{ matrix.ASSET_NAME }}) + # - name: Smoke tests linux/amd64 + # if: matrix.PLATFORM == 'linux/amd64' + # run: | + # dist/${{ matrix.EXE }} -V + # dist/${{ matrix.EXE }} -h + # dist/${{ matrix.EXE }} --debug + # dist/${{ matrix.EXE }} example_export.png + # dist/${{ matrix.EXE }} - < example_export.txt + # dist/${{ matrix.EXE }} --qr ZBAR example_export.png + # dist/${{ matrix.EXE }} --qr QREADER example_export.png + # dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png + # dist/${{ matrix.EXE }} --qr CV2 example_export.png + # dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png + # - name: Smoke tests linux/arm64 + # if: matrix.PLATFORM == 'linux/arm64' + # run: | + # docker run --platform ${{ matrix.PLATFORM }} --pull always --entrypoint /bin/bash --rm -v "$(pwd)":/files -w /files scit0/extract_otp_secrets -c 'dist/${{ matrix.EXE }} -V && dist/${{ matrix.EXE }} -h && dist/${{ matrix.EXE }} example_export.png && dist/${{ matrix.EXE }} - < example_export.txt && dist/${{ matrix.EXE }} --qr ZBAR example_export.png && dist/${{ matrix.EXE }} --qr QREADER example_export.png && dist/${{ matrix.EXE }} --qr QREADER_DEEP example_export.png && dist/${{ matrix.EXE }} --qr CV2 example_export.png && dist/${{ matrix.EXE }} --qr CV2_WECHAT example_export.png' + # - name: Load Release URL File from release job + # if: startsWith(github.ref, 'refs/tags/v') + # uses: actions/download-artifact@v3 + # with: + # name: release_url + # - name: Display structure of files + # run: ls -R + # - name: Upload EXE to artifacts + # uses: actions/upload-artifact@v3 + # with: + # name: ${{ matrix.EXE }} + # path: dist/${{ matrix.EXE }} + # - name: Upload Release Asset + # id: upload-release-asset + # if: startsWith(github.ref, 'refs/tags/v') + # run: | + # response=$(curl \ + # -X POST \ + # -H "Accept: application/vnd.github+json" \ + # -H "Content-Type: application/x-executable" \ + # -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}"\ + # -H "X-GitHub-Api-Version: 2022-11-28" \ + # --silent \ + # --show-error \ + # --data-binary @dist/${{ matrix.EXE }} \ + # $(cat release_url.txt)=${{ matrix.ASSET_NAME }}) build-native-executables: name: Build native packages @@ -227,18 +227,18 @@ jobs: matrix: # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners include: - - os: windows-latest - TARGET: windows - # TODO add --icon - # TODO add --manifest - # TODO find more elegant solution for pyzbar\libiconv.dll and pyzbar\libzbar-64.dll - # Files of Visual C++ 2013 Redistributable Package: https://support.microsoft.com/en-us/topic/update-for-visual-c-2013-redistributable-package-d8ccd6a5-4e26-c290-517b-8da6cfdf4f10 - EXE: extract_otp_secrets.exe - ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_win_x86_64.exe - ASSET_MIME: application/vnd.microsoft.portable-executable - UPLOAD: true - CMD_BUILD: | - pyinstaller -y --add-data "$($Env:pythonLocation)\__yolo_v3_qr_detector:__yolo_v3_qr_detector" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libiconv.dll:pyzbar" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libzbar-64.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcr120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcamp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcomp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vccorlib120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120u.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120chs.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120cht.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120deu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120enu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120esn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120fra.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120ita.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120jpn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120kor.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120rus.dll:pyzbar" --onefile --version-file build\win_file_version_info.txt --name extract_otp_secrets.exe src\extract_otp_secrets.py + # - os: windows-latest + # TARGET: windows + # # TODO add --icon + # # TODO add --manifest + # # TODO find more elegant solution for pyzbar\libiconv.dll and pyzbar\libzbar-64.dll + # # Files of Visual C++ 2013 Redistributable Package: https://support.microsoft.com/en-us/topic/update-for-visual-c-2013-redistributable-package-d8ccd6a5-4e26-c290-517b-8da6cfdf4f10 + # EXE: extract_otp_secrets.exe + # ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_win_x86_64.exe + # ASSET_MIME: application/vnd.microsoft.portable-executable + # UPLOAD: true + # CMD_BUILD: | + # pyinstaller -y --add-data "$($Env:pythonLocation)\__yolo_v3_qr_detector:__yolo_v3_qr_detector" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libiconv.dll:pyzbar" --add-binary "$($Env:pythonLocation)\Lib\site-packages\pyzbar\libzbar-64.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcr120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\msvcp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcamp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vcomp120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\vccorlib120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120u.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120chs.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120cht.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120deu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120enu.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120esn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120fra.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120ita.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120jpn.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120kor.dll:pyzbar" --add-binary "$($Env:WinDir)\system32\mfc120rus.dll:pyzbar" --onefile --version-file build\win_file_version_info.txt --name extract_otp_secrets.exe src\extract_otp_secrets.py - os: macos-12 TARGET: macos # https://pyinstaller.org/en/stable/spec-files.html#spec-file-options-for-a-macos-bundle @@ -265,14 +265,14 @@ jobs: VERSION_STR=$(setuptools-git-versioning) COPYRIGHT_YEARS='2020-2024' envsubst < installer/extract_otp_secrets_macos_template.spec > extract_otp_secrets_macos.spec pyinstaller -y extract_otp_secrets_macos.spec installer/build_dmg.sh - - os: ubuntu-latest - TARGET: linux - EXE: extract_otp_secrets_ubuntu - ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64_ubuntu_latest - ASSET_MIME: application/x-executable - UPLOAD: false - CMD_BUILD: | - pyinstaller -y --add-data $pythonLocation/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_ubuntu src/extract_otp_secrets.py + # - os: ubuntu-latest + # TARGET: linux + # EXE: extract_otp_secrets_ubuntu + # ASSET_NAME: extract_otp_secrets${{ needs.create-release.outputs.inline_version }}_linux_x86_64_ubuntu_latest + # ASSET_MIME: application/x-executable + # UPLOAD: false + # CMD_BUILD: | + # pyinstaller -y --add-data $pythonLocation/__yolo_v3_qr_detector/:__yolo_v3_qr_detector/ --onefile --name extract_otp_secrets_ubuntu src/extract_otp_secrets.py steps: - name: Output path if: runner.os == 'Windows' @@ -281,10 +281,6 @@ jobs: if: runner.os == 'Windows' run: ls "$($Env:WinDir)\system32" - uses: actions/checkout@v3 - - name: Set macos macos_python_path - if: runner.os == 'macOS' - # TODO use variable for Python version - run: echo "macos_python_path=/Library/Frameworks/Python.framework/Versions/3.12" >> $GITHUB_ENV - name: Set up Python 3.12 uses: actions/setup-python@v4 with: @@ -297,8 +293,28 @@ jobs: - name: Install zbar shared lib for QReader (macOS) if: runner.os == 'macOS' run: | - export DYLD_LIBRARY_PATH="$(brew --prefix)/lib:$DYLD_LIBRARY_PATH" + # https://earthly.dev/blog/homebrew-on-m1/ + eval "$(/opt/homebrew/bin/brew shellenv)" brew install zbar create-dmg + - name: List MacOS dirs + if: runner.os == 'macOS' + run: | + echo "ls /opt/homebrew/Cellar/zbar" + ls -al "/opt/homebrew/Cellar/zbar" + echo "ls /opt/homebrew/Cellar/zbar/0.23.93" + ls -al "/opt/homebrew/Cellar/zbar/0.23.93" + echo /opt/homebrew/lib + ls -al /opt/homebrew/lib + echo PATH + echo $PATH + echo HOMEBREW_CELLAR + echo $HOMEBREW_CELLAR + echo brew deps --tree --installed + brew deps --tree --installed + - name: List env + if: runner.os == 'macOS' + run: | + set - name: Install dependencies # TODO fix --use-pep517 run: | @@ -371,55 +387,55 @@ jobs: run: | curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: ${{ matrix.ASSET_MIME }}" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @dist/${{ matrix.DMG }} ${{ steps.meta.outputs.upload_url }}=${{ matrix.ASSET_NAME_DMG }} - upload-hashes: - name: Upload hashes - if: startsWith(github.ref, 'refs/tags/v') - needs: - - build-linux-executable-in-docker - - build-native-executables - runs-on: ubuntu-latest - steps: - - name: Load Release Id File from release job - uses: actions/download-artifact@v3 - with: - name: release_id - - name: Set meta data - id: meta - run: | - echo "release_id=$(cat release_id.txt)" >> $GITHUB_OUTPUT - echo "upload_url=https://uploads.github.com/repos/scito/extract_otp_secrets/releases/$(cat release_id.txt)/assets?name=" >> $GITHUB_OUTPUT - - name: Calculate and upload hashes from assets - run: | - GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} - for asset_url in $(curl \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer $GITHUB_TOKEN"\ - -H "X-GitHub-Api-Version: 2022-11-28" \ - --silent \ - --show-error \ - https://api.github.com/repos/scito/extract_otp_secrets/releases/${{ steps.meta.outputs.release_id }}/assets | - jq -r '.[].url'); do - echo "Download $asset_url" - name=$(curl \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer $GITHUB_TOKEN"\ - -H "X-GitHub-Api-Version: 2022-11-28" \ - --output-dir assets \ - -L \ - $asset_url | - jq -r '.name') - curl \ - -H "Accept: application/octet-stream" \ - -H "Authorization: Bearer $GITHUB_TOKEN"\ - -H "X-GitHub-Api-Version: 2022-11-28" \ - --create-dirs \ - --output-dir assets \ - -L \ - -o $name \ - $asset_url - done - (cd assets/ && sha256sum * > ../sha256_hashes.txt) - curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha256_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha256_hashes.txt + # upload-hashes: + # name: Upload hashes + # if: startsWith(github.ref, 'refs/tags/v') + # needs: + # - build-linux-executable-in-docker + # - build-native-executables + # runs-on: ubuntu-latest + # steps: + # - name: Load Release Id File from release job + # uses: actions/download-artifact@v3 + # with: + # name: release_id + # - name: Set meta data + # id: meta + # run: | + # echo "release_id=$(cat release_id.txt)" >> $GITHUB_OUTPUT + # echo "upload_url=https://uploads.github.com/repos/scito/extract_otp_secrets/releases/$(cat release_id.txt)/assets?name=" >> $GITHUB_OUTPUT + # - name: Calculate and upload hashes from assets + # run: | + # GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} + # for asset_url in $(curl \ + # -H "Accept: application/vnd.github+json" \ + # -H "Authorization: Bearer $GITHUB_TOKEN"\ + # -H "X-GitHub-Api-Version: 2022-11-28" \ + # --silent \ + # --show-error \ + # https://api.github.com/repos/scito/extract_otp_secrets/releases/${{ steps.meta.outputs.release_id }}/assets | + # jq -r '.[].url'); do + # echo "Download $asset_url" + # name=$(curl \ + # -H "Accept: application/vnd.github+json" \ + # -H "Authorization: Bearer $GITHUB_TOKEN"\ + # -H "X-GitHub-Api-Version: 2022-11-28" \ + # --output-dir assets \ + # -L \ + # $asset_url | + # jq -r '.name') + # curl \ + # -H "Accept: application/octet-stream" \ + # -H "Authorization: Bearer $GITHUB_TOKEN"\ + # -H "X-GitHub-Api-Version: 2022-11-28" \ + # --create-dirs \ + # --output-dir assets \ + # -L \ + # -o $name \ + # $asset_url + # done + # (cd assets/ && sha256sum * > ../sha256_hashes.txt) + # curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha256_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha256_hashes.txt - (cd assets/ && sha512sum * > ../sha512_hashes.txt) - curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha512_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha512_hashes.txt + # (cd assets/ && sha512sum * > ../sha512_hashes.txt) + # curl -X POST -H "Accept: application/vnd.github+json" -H "Content-Type: text/plain" -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -H "X-GitHub-Api-Version: 2022-11-28" --show-error --data-binary @sha512_hashes.txt ${{ steps.meta.outputs.upload_url }}=sha512_hashes.txt diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 7ed9dfd..0000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,74 +0,0 @@ -# For most projects, this workflow file will not need changing; you simply need -# to commit it to your repository. -# -# You may wish to alter this file to override the set of languages analyzed, -# or to provide custom queries or build logic. -# -# ******** NOTE ******** -# We have attempted to detect the languages in your repository. Please check -# the `language` matrix defined below to confirm you have the correct set of -# supported CodeQL languages. -# -name: "CodeQL" - -on: - push: - branches: [ "master" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "master" ] - schedule: - - cron: '25 19 * * 0' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v2 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality - - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - - name: Autobuild - uses: github/codeql-action/autobuild@v2 - - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - # If the Autobuild fails above, remove it and uncomment the following three lines. - # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. - - # - run: | - # echo "Run, Build Application using script" - # ./location_of_script_within_repo/buildscript.sh - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 - with: - category: "/language:${{matrix.language}}"