diff --git a/.cirrus.yml b/.cirrus.yml index 28fe7a45b..c87babfec 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -3,16 +3,14 @@ task: freebsd_instance: image_family: freebsd-13-1 environment: - GITHUB_TOKEN: ENCRYPTED[affc51741bf633ccffe369e8c58c0896cff87afb4a640351ca8df9c64b9dc7d8a386bb65c5cf39132bb57f823184b258] S3_ACCESS_KEY: ENCRYPTED[2f368bef589e43779394e459191eaad2fc4cc50dc36c6f03168a1e8e43897476e8bf596fd4dd0d988bcbab8fa8e171f8] S3_SECRET_KEY: ENCRYPTED[45f352473433a1053622a662ce8d57bc7421bce5772c9c5caf4a0e54f63944bd420f71101e014876e038f0c66c134ac2] CF_EMAIL: ENCRYPTED[a9f0dcd0ee83fa111c36f092f34b3d5660acafe0d07804d6b6a89bfa70a127ef8305f21089408959c51e23ecd2fd3622] CF_TOKEN: ENCRYPTED[4f9f3f7c8603fd32978b825d65f34b06fce8e51bedb4303744c799d21fc38266173a6be5a7a46b5e616573d27c9f6e91] - TWINE_USERNAME: ENCRYPTED[216cb54746e1fa5d4cbf85736dc1830d4b3a0eaa99cf13fc5cf9e3b09feed5db23d44ab1e26b7023c72eeec7ca5749f6] - TWINE_PASSWORD: ENCRYPTED[df19e51426faf8b60a18e42c96541431438335612c18506c319cd775ffba984d9cf89b0faaedbde8d4eff94d4b94066c] - NPM_TOKEN: ENCRYPTED[e47a7de1c1fb59ab9c9fa09e7b0593b272441d28a70d06b6a0bedf13a969fdae8014af17982b3144214333181f70c22b] PYTHON: /usr/local/bin/python3.9 PYTHON3: /usr/local/bin/python3.9 + NODE_TARGETS_FREEBSD: '14.0.0 16.0.0 17.0.1' + ELECTRON_TARGETS_FREEBSD: '16.0.0' timeout_in: 2h install_dependencies_script: | pkg install -y \ @@ -22,13 +20,28 @@ task: git \ npm \ py39-pip \ - py39-requests \ - py39-setuptools \ - py39-twine - pip install agithub + py39-setuptools npm install -g cloudflare-cli - initialize_credentials_script: | - mkdir ~/.aws + clone_script: | + if [ -z "$CIRRUS_PR" ]; then + git clone --recurse-submodules --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR + else + git clone --recurse-submodules https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR + git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR + fi + git reset --hard $CIRRUS_CHANGE_IN_REPO + git submodule update + setup_environment_script: | + ( + echo "FRIDA=$CIRRUS_WORKING_DIR" + echo "FRIDA_VERSION=$(releng/frida_version.py)" + echo "npm_config_jobs=max" + ) >> $CIRRUS_ENV + mkdir -p ~/.aws + ( + echo "[default]" + echo "region = us-east-1" + ) > ~/.aws/config ( echo "[default]" echo "aws_access_key_id = $S3_ACCESS_KEY" @@ -40,24 +53,53 @@ task: echo " email: $CF_EMAIL" echo " token: $CF_TOKEN" ) > ~/.cfcli.yml - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc - clone_script: | - if [ -z "$CIRRUS_PR" ]; then - git clone --recurse-submodules --branch=$CIRRUS_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR - git reset --hard $CIRRUS_CHANGE_IN_REPO - else - git clone --recurse-submodules https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR - git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR - git reset --hard $CIRRUS_CHANGE_IN_REPO - fi roll_toolchain_script: $PYTHON releng/deps.py roll toolchain freebsd-x86_64 --activate roll_sdk_script: $PYTHON releng/deps.py roll sdk freebsd-x86_64 - build_gum_script: make gum + build_gum_script: | + make gum + $PYTHON releng/devkit.py frida-gum freebsd-x86_64 build/devkits/gum + $PYTHON releng/devkit.py frida-gumjs freebsd-x86_64 build/devkits/gumjs + frida_gum_devkit_freebsd_x86_64_artifacts: + path: "build/devkits/gum/*" + frida_gumjs_devkit_freebsd_x86_64_artifacts: + path: "build/devkits/gumjs/*" test_gum_script: make check-gum - build_core_script: make core + build_core_script: | + make core + $PYTHON releng/devkit.py frida-core freebsd-x86_64 build/devkits/core + frida_core_devkit_freebsd_x86_64_artifacts: + path: "build/devkits/core/*" + frida_server_freebsd_x86_64_artifacts: + path: "build/frida-freebsd-x86_64/bin/frida-server" + frida_portal_freebsd_x86_64_artifacts: + path: "build/frida-freebsd-x86_64/bin/frida-portal" + frida_inject_freebsd_x86_64_artifacts: + path: "build/frida-freebsd-x86_64/bin/frida-inject" + frida_gadget_freebsd_x86_64_artifacts: + path: "build/frida-freebsd-x86_64/lib/frida/64/frida-gadget.so" test_core_script: make check-core || true - build_python_script: make python + build_python_script: | + make python + export FRIDA_EXTENSION=$PWD/build/frida-freebsd-x86_64/lib/python3.9/site-packages/_frida.so + cd frida-python + pip wheel -w ../build/wheels --no-deps . + frida_python_freebsd_x86_64_artifacts: + path: "build/wheels/frida-*.whl" test_python_script: make check-python - build_node_script: make node - test_node_script: make check-node - release_script: $PYTHON releng/release.py freebsd-x86_64 + build_node_script: | + cd frida-node + npm version $FRIDA_VERSION + npm install + for target in $NODE_TARGETS_FREEBSD; do + npm run prebuild -- -r node -t $target + done + for target in $ELECTRON_TARGETS_FREEBSD; do + npm run prebuild -- -r electron -t $target + done + frida_node_freebsd_x86_64_artifacts: + path: "frida-node/prebuilds/*" + test_node_script: | + cd frida-node + rm -rf build prebuilds + node_modules/.bin/node-gyp rebuild + npm run test diff --git a/.github/actions/package-artifact-file/action.yml b/.github/actions/package-artifact-file/action.yml new file mode 100644 index 000000000..e1813856f --- /dev/null +++ b/.github/actions/package-artifact-file/action.yml @@ -0,0 +1,36 @@ +name: Package single-file artifact +description: Downloads an artifact and uploads a compressed version of its file +inputs: + name: + required: true + description: Artifact name +runs: + using: composite + steps: + - name: Download + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.name }} + - name: Compress + run: | + readarray -t files < <(ls -1 ${{ inputs.name }}) + n=${#files[@]} + if [ $n -ne 1 ]; then + echo "Artifact may only contain a single file" > /dev/stderr + exit 1 + fi + file=${files[0]} + if echo $file | grep -q '\.'; then + extension=".$(echo $file | cut -d'.' -f2-).xz" + else + extension=".xz" + fi + xz -c -T 0 ${{ inputs.name }}/$file > ${{ inputs.name }}/${{ inputs.name }}$extension + rm ${{ inputs.name }}/$file + shell: bash + - name: Upload + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: ${{ inputs.name }}/* diff --git a/.github/actions/package-artifact-files-as-sfx/action.yml b/.github/actions/package-artifact-files-as-sfx/action.yml new file mode 100644 index 000000000..98eb69551 --- /dev/null +++ b/.github/actions/package-artifact-files-as-sfx/action.yml @@ -0,0 +1,24 @@ +name: Package artifact files as SFX +description: Downloads a specific artifact and uploads a packaged version of it +inputs: + name: + required: true + description: Artifact name +runs: + using: composite + steps: + - name: Download + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.name }} + - name: Compress + run: | + cd ${{ inputs.name }} + 7z a -sfx -r ..\${{ inputs.name }}.exe . + shell: pwsh + - name: Upload + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: ${{ inputs.name }}.exe diff --git a/.github/actions/package-artifact-files-as-tarball/action.yml b/.github/actions/package-artifact-files-as-tarball/action.yml new file mode 100644 index 000000000..a47af2b57 --- /dev/null +++ b/.github/actions/package-artifact-files-as-tarball/action.yml @@ -0,0 +1,24 @@ +name: Package artifact files as tarball +description: Downloads a specific artifact and uploads a packaged version of it +inputs: + name: + required: true + description: Artifact name +runs: + using: composite + steps: + - name: Download + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.name }} + - name: Compress + run: tar -C ${{ inputs.name }} -cJf ${{ inputs.name }}.tar.xz . + env: + XZ_OPT: "-T 0" + shell: bash + - name: Upload + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: ${{ inputs.name }}.tar.xz diff --git a/.github/actions/package-ios-assets/action.yml b/.github/actions/package-ios-assets/action.yml new file mode 100644 index 000000000..862cfd738 --- /dev/null +++ b/.github/actions/package-ios-assets/action.yml @@ -0,0 +1,18 @@ +name: Package iOS assets +description: Downloads iOS assets and packages them +runs: + using: composite + steps: + - name: Download iOS assets + uses: actions/download-artifact@v3 + with: + name: ios-assets + path: build/ios-assets/ + - name: Create frida-server iOS .deb + run: | + mkdir -p build/release-assets + cd build + ../frida-core/tools/package-server-ios.sh \ + ios-assets \ + release-assets/frida_${FRIDA_VERSION}_iphoneos-arm.deb + shell: bash diff --git a/.github/actions/publish-ios-debs/action.yml b/.github/actions/publish-ios-debs/action.yml new file mode 100644 index 000000000..0126ec6dc --- /dev/null +++ b/.github/actions/publish-ios-debs/action.yml @@ -0,0 +1,77 @@ +name: Publish iOS packages +description: Publishes already packaged iOS debs +inputs: + site: + required: true + path: Where to publish; set to either “production” or “development” +runs: + using: composite + steps: + - name: Create iOS repo metadata + run: | + cd build + rm -rf ios-repo-config + mkdir ios-repo-config + ( + echo "Origin: Cydia/Frida" + echo "Label: frida" + echo "Suite: stable" + echo "Version: 1.0" + echo "Codename: stable" + echo "Architectures: iphoneos-arm" + echo "Components: main" + echo "Description: Frida for iOS" + ) > ios-repo-config/distributions + rm -rf ios-repo + mkdir -p ios-repo/debs + cd ios-repo + ( + echo "Origin: Frida" + echo "Label: Frida" + echo "Suite: stable" + echo "Version: 1.0" + echo "Codename: ios" + echo "Architectures: iphoneos-arm" + echo "Components: main" + echo "Description: Official Frida Repo" + ) > Release + for file in frida_${FRIDA_VERSION}_iphoneos-arm.deb; do + cp $GITHUB_WORKSPACE/build/release-assets/$file debs/ + reprepro \ + -Vb . \ + --confdir $GITHUB_WORKSPACE/build/ios-repo-config \ + --ignore=forbiddenchar \ + includedeb \ + stable \ + debs/$file + done + cp dists/stable/main/binary-iphoneos-arm/Packages.gz . + gunzip -k Packages.gz + shell: bash + - name: Upload iOS package and repo metadata + run: | + cd build/ios-repo + case ${{ inputs.site }} in + production) + prefix= + ;; + development) + prefix=/dev + ;; + *) + echo "Invalid repo specified" > /dev/stderr + exit 1 + esac + aws s3 sync --delete pool/ s3://build.frida.re${prefix}/pool/ + for file in Release Packages Packages.gz; do + aws s3 cp $file s3://build.frida.re${prefix}/ + done + for file in Packages Packages.gz; do + aws s3 cp $file s3://build.frida.re${prefix}/./ + done + urls_to_invalidate=() + for file in Release Packages Packages.gz ./Packages ./Packages.gz; do + urls_to_invalidate+=("https://build.frida.re${prefix}/${file}") + done + cfcli purge ${urls_to_invalidate[@]} + shell: bash diff --git a/.github/actions/publish-python-bindings/action.yml b/.github/actions/publish-python-bindings/action.yml new file mode 100644 index 000000000..8aa0cc4d4 --- /dev/null +++ b/.github/actions/publish-python-bindings/action.yml @@ -0,0 +1,73 @@ +name: Publish Python bindings +description: Publishes Python source distribution and wheels to PyPI +inputs: + site: + required: true + path: Where to publish; set to either “production” or “development” + pypi-token: + required: true + description: The token used to authenticate with pypi.org + testpypi-token: + required: true + description: The token used to authenticate with test.pypi.org +runs: + using: composite + steps: + - name: Create source distribution + run: | + cd frida-python + python setup.py sdist --dist-dir ../build/python-packages + shell: bash + - name: Download wheel for Windows/x86 + uses: actions/download-artifact@v3 + with: + name: frida-python-windows-x86 + path: build/python-packages/ + - name: Download wheel for Windows/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-python-windows-x86_64 + path: build/python-packages/ + - name: Download wheel for macOS/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-python-macos-x86_64 + path: build/python-packages/ + - name: Download wheel for macOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-python-macos-arm64 + path: build/python-packages/ + - name: Download wheel for Linux/x86 + uses: actions/download-artifact@v3 + with: + name: frida-python-linux-x86 + path: build/python-packages/ + - name: Download wheel for Linux/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-python-linux-x86_64 + path: build/python-packages/ + - name: Download wheel for Linux/armhf + uses: actions/download-artifact@v3 + with: + name: frida-python-linux-armhf + path: build/python-packages/ + - name: Download wheel for Linux/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-python-linux-arm64 + path: build/python-packages/ + - name: Publish to pypi.org + if: inputs.site == 'production' + uses: pypa/gh-action-pypi-publish@release/v1.5 + with: + password: ${{ inputs.pypi-token }} + packages_dir: build/python-packages/ + - name: Publish to test.pypi.org + if: inputs.site == 'development' + uses: pypa/gh-action-pypi-publish@release/v1.5 + with: + password: ${{ inputs.testpypi-token }} + repository_url: https://test.pypi.org/legacy/ + packages_dir: build/python-packages/ diff --git a/.github/actions/setup-freebsd-env/action.yml b/.github/actions/setup-freebsd-env/action.yml new file mode 100644 index 000000000..050ea5a6a --- /dev/null +++ b/.github/actions/setup-freebsd-env/action.yml @@ -0,0 +1,54 @@ +name: Set up FreeBSD environment +description: Set up everything needed to build and release things on FreeBSD +inputs: + aws-access-key-id: + required: true + description: The aws-access-key-id used to authenticate with AWS + aws-secret-access-key: + required: true + description: The aws-secret-access-key used to authenticate with AWS + cloudflare-email: + required: true + description: The email used to authenticate with Cloudflare + cloudflare-token: + required: true + description: The token used to authenticate with Cloudflare +runs: + using: composite + steps: + - name: Configure git + run: | + git config --global user.name "Frida Developers" + git config --global user.email "oleavr@frida.re" + git config --global --add safe.directory $GITHUB_WORKSPACE + shell: bash + - name: Clean submodules + run: git submodule foreach "git clean -ffdx && git reset --hard HEAD" + shell: bash + - name: Check out releng/meson + run: | + git submodule init -- releng/meson + git submodule update --depth 1 -- releng/meson + shell: bash + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ inputs.aws-access-key-id }} + aws-secret-access-key: ${{ inputs.aws-secret-access-key }} + aws-region: us-east-1 + - name: Configure Cloudflare credentials + run: | + ( + echo "defaults:" + echo " domain: frida.re" + echo " email: ${{ inputs.cloudflare-email }}" + echo " token: ${{ inputs.cloudflare-token }}" + ) > ~/.cfcli.yml + shell: bash + - name: Set Frida environment variables + run: | + ( + echo "FRIDA=$GITHUB_WORKSPACE" + echo "FRIDA_VERSION=$(releng/frida_version.py)" + ) >> $GITHUB_ENV + shell: bash diff --git a/.github/actions/setup-linux-env/action.yml b/.github/actions/setup-linux-env/action.yml index cc3b50b5d..f24af770c 100644 --- a/.github/actions/setup-linux-env/action.yml +++ b/.github/actions/setup-linux-env/action.yml @@ -17,7 +17,13 @@ runs: using: composite steps: - name: Configure git - run: git config --global --add safe.directory $GITHUB_WORKSPACE + run: | + git config --global user.name "Frida Developers" + git config --global user.email "oleavr@frida.re" + git config --global --add safe.directory $GITHUB_WORKSPACE + shell: bash + - name: Clean submodules + run: git submodule foreach "git clean -ffdx && git reset --hard HEAD" shell: bash - name: Check out releng/meson run: | @@ -39,3 +45,10 @@ runs: echo " token: ${{ inputs.cloudflare-token }}" ) > ~/.cfcli.yml shell: bash + - name: Set Frida environment variables + run: | + ( + echo "FRIDA=$GITHUB_WORKSPACE" + echo "FRIDA_VERSION=$(releng/frida_version.py)" + ) >> $GITHUB_ENV + shell: bash diff --git a/.github/actions/setup-macos-env/action.yml b/.github/actions/setup-macos-env/action.yml index dd927a87c..c1477db20 100644 --- a/.github/actions/setup-macos-env/action.yml +++ b/.github/actions/setup-macos-env/action.yml @@ -1,6 +1,15 @@ name: Set up macOS environment description: Set up everything needed to build and release things on macOS inputs: + certificates-p12: + required: true + description: The certificates to use for codesigning, as a base64-encoded .p12 + certificates-password: + required: true + description: The password for the .p12 + keychain-password: + required: true + description: The keychain password to use aws-access-key-id: required: true description: The aws-access-key-id used to authenticate with AWS @@ -16,17 +25,60 @@ inputs: runs: using: composite steps: + - name: Install the Apple certificates + env: + CERTIFICATES_P12: ${{ inputs.certificates-p12 }} + CERTIFICATES_PASSWORD: ${{ inputs.certificates-password }} + KEYCHAIN_PASSWORD: ${{ inputs.keychain-password }} + run: | + CERTIFICATE_PATH=$RUNNER_TEMP/apple-certificates.p12 + KEYCHAIN_PATH=$RUNNER_TEMP/frida-signing.keychain-db + echo -n "$CERTIFICATES_P12" | base64 --decode --output $CERTIFICATE_PATH + security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security set-keychain-settings -lut 21600 $KEYCHAIN_PATH + security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security import $CERTIFICATE_PATH -P "$CERTIFICATES_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + security list-keychain -d user -s $KEYCHAIN_PATH + rm $CERTIFICATE_PATH + ( + echo MACOS_CERTID=$(security find-identity -v -p codesigning | grep "Developer ID Application: " | awk '{ print $2 }') + echo IOS_CERTID=$(security find-identity -v -p codesigning | grep "Apple Development: " | awk '{ print $2 }') + ) >> $GITHUB_ENV + shell: bash + - name: Configure git + run: | + git config --global user.name "Frida Developers" + git config --global user.email "oleavr@frida.re" + shell: bash + - name: Clean submodules + run: git submodule foreach "git clean -ffdx && git reset --hard HEAD" + shell: bash - name: Check out releng/meson run: | git submodule init -- releng/meson git submodule update --depth 1 -- releng/meson shell: bash - - name: Configure AWS credentials + - name: Configure AWS credentials (x64) + if: runner.arch == 'X64' uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ inputs.aws-access-key-id }} aws-secret-access-key: ${{ inputs.aws-secret-access-key }} aws-region: us-east-1 + - name: Configure AWS credentials (arm64) + if: runner.arch == 'ARM64' + run: | + mkdir -p ~/.aws + ( + echo "[default]" + echo "region = us-east-1" + ) > ~/.aws/config + ( + echo "[default]" + echo "aws_access_key_id = ${{ inputs.aws-access-key-id }}" + echo "aws_secret_access_key = ${{ inputs.aws-secret-access-key }}" + ) > ~/.aws/credentials + shell: bash - name: Configure Cloudflare credentials run: | ( @@ -37,18 +89,18 @@ runs: ) > ~/.cfcli.yml shell: bash - name: Install Python + if: runner.arch == 'X64' uses: actions/setup-python@v4 with: python-version: '3.10' - - name: Install agithub - run: pip install agithub - shell: bash - - name: Install requests - run: pip install requests - shell: bash - - name: Install twine - run: pip install twine - shell: bash - name: Install cloudflare-cli + if: runner.arch == 'X64' run: npm install -g cloudflare-cli shell: bash + - name: Set Frida environment variables + run: | + ( + echo "FRIDA=$GITHUB_WORKSPACE" + echo "FRIDA_VERSION=$(releng/frida_version.py)" + ) >> $GITHUB_ENV + shell: bash diff --git a/.github/actions/setup-windows-env/action.yml b/.github/actions/setup-windows-env/action.yml index 2a8e478b7..3a1bede96 100644 --- a/.github/actions/setup-windows-env/action.yml +++ b/.github/actions/setup-windows-env/action.yml @@ -13,9 +13,25 @@ inputs: cloudflare-token: required: true description: The token used to authenticate with Cloudflare + architecture: + description: The target architecture + default: x64 runs: using: composite steps: + - name: Configure git + run: | + git config --global user.name "Frida Developers" + git config --global user.email "oleavr@frida.re" + shell: pwsh + - name: Clean submodules + run: git submodule foreach "git clean -ffdx && git reset --hard HEAD" + shell: pwsh + - name: Check out releng/meson + run: | + git submodule init -- releng/meson + git submodule update --depth 1 -- releng/meson + shell: pwsh - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: @@ -37,15 +53,17 @@ runs: uses: actions/setup-python@v4 with: python-version: '3.10' - - name: Install agithub - run: pip install agithub - shell: pwsh - - name: Install requests - run: pip install requests - shell: pwsh - - name: Install twine - run: pip install twine - shell: pwsh + architecture: ${{ inputs.architecture }} + - name: Install Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + architecture: ${{ inputs.architecture }} - name: Install cloudflare-cli run: npm install -g cloudflare-cli shell: pwsh + - name: Set Frida environment variables + run: | + echo "FRIDA=$Env:GITHUB_WORKSPACE" >> $Env:GITHUB_ENV + echo "FRIDA_VERSION=$(python releng/frida_version.py)" >> $Env:GITHUB_ENV + shell: pwsh diff --git a/.github/actions/teardown-macos-env/action.yml b/.github/actions/teardown-macos-env/action.yml new file mode 100644 index 000000000..38e6b41ce --- /dev/null +++ b/.github/actions/teardown-macos-env/action.yml @@ -0,0 +1,13 @@ +name: Tear down macOS environment +description: Tear down a previously set up environment +runs: + using: composite + steps: + - name: Clean up + if: ${{ always() }} + run: | + rm -f ~/.cfcli.yml + rm -rf ~/.aws + rm -f ~/.gitconfig + security delete-keychain $RUNNER_TEMP/frida-signing.keychain-db + shell: bash diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4d45fbf6c..21abdf19b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,96 +10,1602 @@ on: env: ANDROID_NDK_VERSION: r25b + NODE_TARGETS_DEFAULT: '10.0.0 12.0.0 14.0.0 16.0.0 18.0.0' + NODE_TARGETS_FREEBSD: '14.0.0 16.0.0 17.0.1' + ELECTRON_TARGETS_DEFAULT: '20.0.0' + ELECTRON_TARGETS_FREEBSD: '16.0.0' jobs: - toolchain-windows: + publish-prod: + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-latest + needs: + - package-windows + - package-windows-sfx + - package-macos + - package-linux + - package-ios + - package-android + - package-freebsd + - package-qnx + - package-apple-universal + - assemble-ios-assets + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-linux-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Set up Node.js + uses: actions/setup-node@v3 + with: + node-version: 18 + registry-url: 'https://registry.npmjs.org' + - name: Install tools + run: | + sudo apt-get update + sudo apt-get install -y reprepro + sudo npm install -g cloudflare-cli + - name: Download release assets + uses: actions/download-artifact@v3 + with: + name: release-assets + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Windows/x86 + uses: actions/download-artifact@v3 + with: + name: frida-node-windows-x86 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Windows/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-node-windows-x86_64 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for macOS/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-node-macos-x86_64 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for macOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-node-macos-arm64 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Linux/x86 + uses: actions/download-artifact@v3 + with: + name: frida-node-linux-x86 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Linux/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-node-linux-x86_64 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Linux/armhf + uses: actions/download-artifact@v3 + with: + name: frida-node-linux-armhf + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for Linux/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-node-linux-arm64 + path: build/release-assets/ + - name: Download Node.js and Electron prebuilds for FreeBSD/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-node-freebsd-arm64 + path: build/release-assets/ + - name: Package iOS assets + uses: ./.github/actions/package-ios-assets + - name: Package Cirrus CI artifacts + run: releng/package-cirrus-ci-artifacts.sh ${{ github.sha }} + - name: Rename release assets + run: releng/rename-release-assets.sh + - name: Publish release to GitHub + uses: softprops/action-gh-release@v1 + with: + name: "Frida ${{ env.FRIDA_VERSION }}" + body: "See https://frida.re/news/ for details." + files: build/release-assets/* + - name: Publish Python bindings to PyPI + uses: ./.github/actions/publish-python-bindings + with: + site: production + pypi-token: ${{ secrets.PYPI_API_TOKEN }} + testpypi-token: ${{ secrets.TEST_PYPI_API_TOKEN }} + - name: Publish iOS .debs + uses: ./.github/actions/publish-ios-debs + with: + site: production + - name: Publish Node.js bindings to npm + run: | + cd frida-node + npm version $FRIDA_VERSION + sed -i -e '/"install": /d' package.json + npm install + git checkout package.json + npm publish + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Publish frida-gadget-ios to npm + run: | + cd releng/modules/frida-gadget-ios + npm version $FRIDA_VERSION + npm publish + env: + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + - name: Trigger magisk-frida CI + run: | + curl \ + -X POST \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token ${{ secrets.MAGISK_FRIDA_TOKEN }}" \ + https://api.github.com/repos/ViRb3/magisk-frida/dispatches \ + -d '{"event_type":"build"}' + + publish-dev: + if: ${{ !startsWith(github.ref, 'refs/tags/') }} + runs-on: ubuntu-latest + needs: + - frida-windows + - frida-macos + - frida-linux + - frida-freebsd + - assemble-ios-assets + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-linux-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Install tools + run: | + sudo apt-get update + sudo apt-get install -y reprepro + sudo npm install -g cloudflare-cli + - name: Package iOS assets + uses: ./.github/actions/package-ios-assets + - name: Publish Python bindings to TestPyPI + uses: ./.github/actions/publish-python-bindings + with: + site: development + pypi-token: ${{ secrets.PYPI_API_TOKEN }} + testpypi-token: ${{ secrets.TEST_PYPI_API_TOKEN }} + - name: Publish iOS .debs + uses: ./.github/actions/publish-ios-debs + with: + site: development + + assemble-ios-assets: + runs-on: macos-latest + needs: frida-ios + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Set up environment + uses: ./.github/actions/setup-macos-env + with: + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Download frida-server for iOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-server-ios-arm64 + path: ios-arm64/ + - name: Download frida-server for iOS/arm64e + uses: actions/download-artifact@v3 + with: + name: frida-server-ios-arm64e + path: ios-arm64e/ + - name: Download frida-server for iOS/arm64eoabi + uses: actions/download-artifact@v3 + with: + name: frida-server-ios-arm64eoabi + path: ios-arm64eoabi/ + - name: Create universal frida-server for iOS + run: | + ./releng/mkfatmacho.py \ + frida-server-ios-universal \ + ios-arm64/frida-server \ + ios-arm64eoabi/frida-server \ + ios-arm64e/frida-server + - name: Download frida-agent for iOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-agent-ios-arm64 + path: ios-arm64/ + - name: Download frida-agent for iOS/arm64e + uses: actions/download-artifact@v3 + with: + name: frida-agent-ios-arm64e + path: ios-arm64e/ + - name: Create universal frida-agent for iOS + run: | + lipo \ + ios-arm64/frida-agent.dylib \ + ios-arm64e/frida-agent.dylib \ + -create -output frida-agent-ios-universal.dylib + install_name_tool \ + -id FridaAgent \ + frida-agent-ios-universal.dylib + codesign \ + -f -s "$IOS_CERTID" \ + frida-agent-ios-universal.dylib + - name: Assemble iOS assets + run: | + mkdir -p \ + ios-assets/usr/bin \ + ios-assets/usr/lib/frida + mv frida-server-ios-universal \ + ios-assets/usr/bin/frida-server + mv frida-agent-ios-universal.dylib \ + ios-assets/usr/lib/frida/frida-agent.dylib + - name: Upload iOS assets + uses: actions/upload-artifact@v3 + with: + name: ios-assets + path: ios-assets/* + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env + + package-apple-universal: + if: startsWith(github.ref, 'refs/tags/') + runs-on: macos-latest + needs: [frida-macos, frida-ios] + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Set up environment + uses: ./.github/actions/setup-macos-env + with: + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Download frida-gadget for macOS/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-gadget-macos-x86_64 + path: macos-x86_64/ + - name: Download frida-gadget for macOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-gadget-macos-arm64 + path: macos-arm64/ + - name: Download frida-gadget for macOS/arm64e + uses: actions/download-artifact@v3 + with: + name: frida-gadget-macos-arm64e + path: macos-arm64e/ + - name: Create universal frida-gadget for macOS + run: | + lipo \ + macos-x86_64/frida-gadget.dylib \ + macos-arm64/frida-gadget.dylib \ + macos-arm64e/frida-gadget.dylib \ + -create -output frida-gadget-macos-universal.dylib + install_name_tool \ + -id @executable_path/../Frameworks/FridaGadget.dylib \ + frida-gadget-macos-universal.dylib + codesign \ + -f -s "$MACOS_CERTID" \ + frida-gadget-macos-universal.dylib + - name: Compress universal frida-gadget for macOS + run: xz -T 0 frida-gadget-macos-universal.dylib + - name: Upload universal frida-gadget for macOS + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: frida-gadget-macos-universal.dylib.xz + - name: Download frida-gadget for iOS/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-gadget-ios-x86_64 + path: ios-x86_64/ + - name: Download frida-gadget for iOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-gadget-ios-arm64 + path: ios-arm64/ + - name: Download frida-gadget for iOS/arm64e + uses: actions/download-artifact@v3 + with: + name: frida-gadget-ios-arm64e + path: ios-arm64e/ + - name: Create universal frida-gadget for iOS + run: | + lipo \ + ios-x86_64/frida-gadget.dylib \ + ios-arm64/frida-gadget.dylib \ + ios-arm64e/frida-gadget.dylib \ + -create -output frida-gadget-ios-universal.dylib + install_name_tool \ + -id @executable_path/Frameworks/FridaGadget.dylib \ + frida-gadget-ios-universal.dylib + codesign \ + -f -s "$IOS_CERTID" \ + frida-gadget-ios-universal.dylib + - name: Compress universal frida-gadget for iOS + run: | + gzip -k frida-gadget-ios-universal.dylib + xz -T 0 frida-gadget-ios-universal.dylib + - name: Upload universal frida-gadget for iOS (gz) + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: frida-gadget-ios-universal.dylib.gz + - name: Upload universal frida-gadget for iOS (xz) + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: frida-gadget-ios-universal.dylib.xz + - name: Download Swift bindings for macOS/x86_64 + uses: actions/download-artifact@v3 + with: + name: frida-swift-macos-x86_64 + path: macos-x86_64/ + - name: Download Swift bindings for macOS/arm64 + uses: actions/download-artifact@v3 + with: + name: frida-swift-macos-arm64 + path: macos-arm64/ + - name: Create universal Swift bindings for macOS + run: | + tar -C macos-x86_64 -xf macos-x86_64/frida-swift.tar + tar -C macos-arm64 -xf macos-arm64/frida-swift.tar + lipo \ + macos-x86_64/Frida.framework/Frida \ + macos-arm64/Frida.framework/Frida \ + -create -output Frida.framework + cp -a macos-arm64/Frida.framework.dSYM . + rm Frida.framework.dSYM/Contents/Resources/DWARF/Frida + lipo \ + macos-x86_64/Frida.framework.dSYM/Contents/Resources/DWARF/Frida \ + macos-arm64/Frida.framework.dSYM/Contents/Resources/DWARF/Frida \ + -create -output Frida.framework.dSYM/Contents/Resources/DWARF/Frida + - name: Package universal Swift bindings for macOS + run: | + tar \ + -cJf frida-swift-macos-universal.tar.xz \ + Frida.framework \ + Frida.framework.dSYM + env: + XZ_OPT: "-T 0" + - name: Upload universal Swift bindings for macOS + uses: actions/upload-artifact@v3 + with: + name: release-assets + path: frida-swift-macos-universal.tar.xz + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env + + package-windows: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-windows + strategy: + matrix: + arch: [x86, x86_64] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-windows-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-windows-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-windows-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-windows-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-windows-${{ matrix.arch }} + - name: Package frida-gadget + uses: ./.github/actions/package-artifact-file + with: + name: frida-gadget-windows-${{ matrix.arch }} + - name: Package .NET bindings + uses: ./.github/actions/package-artifact-file + with: + name: frida-clr-windows-${{ matrix.arch }} + - name: Package QML bindings + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-qml-windows-${{ matrix.arch }} + + package-windows-sfx: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-windows + strategy: + matrix: + arch: [x86, x86_64] + runs-on: windows-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-sfx + with: + name: frida-gum-devkit-windows-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-sfx + with: + name: frida-gumjs-devkit-windows-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-sfx + with: + name: frida-core-devkit-windows-${{ matrix.arch }} + + package-macos: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-macos + strategy: + matrix: + arch: [x86_64, arm64, arm64e] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-macos-${{ matrix.arch }} + - name: Package gum-graft + if: matrix.arch != 'arm64e' + uses: ./.github/actions/package-artifact-file + with: + name: gum-graft-macos-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-macos-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-macos-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-macos-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-macos-${{ matrix.arch }} + - name: Package frida-inject + uses: ./.github/actions/package-artifact-file + with: + name: frida-inject-macos-${{ matrix.arch }} + - name: Package QML bindings + if: matrix.arch == 'x86_64' + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-qml-macos-${{ matrix.arch }} + + package-linux: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-linux + strategy: + matrix: + arch: [x86, x86_64, armhf, arm64, mips, mipsel, mips64, mips64el] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-linux-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-linux-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-linux-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-linux-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-linux-${{ matrix.arch }} + - name: Package frida-gadget + uses: ./.github/actions/package-artifact-file + with: + name: frida-gadget-linux-${{ matrix.arch }} + - name: Package frida-inject + uses: ./.github/actions/package-artifact-file + with: + name: frida-inject-linux-${{ matrix.arch }} + - name: Package QML bindings + if: matrix.arch == 'x86_64' + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-qml-linux-${{ matrix.arch }} + + package-ios: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-ios + strategy: + matrix: + arch: [x86_64, arm64, arm64e, arm64eoabi] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-ios-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-ios-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-ios-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-ios-${{ matrix.arch }} + + package-android: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-android + strategy: + matrix: + arch: [x86, x86_64, arm, arm64] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-android-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-android-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-android-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-android-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-android-${{ matrix.arch }} + - name: Package frida-gadget + uses: ./.github/actions/package-artifact-file + with: + name: frida-gadget-android-${{ matrix.arch }} + - name: Package frida-inject + uses: ./.github/actions/package-artifact-file + with: + name: frida-inject-android-${{ matrix.arch }} + + package-freebsd: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-freebsd + strategy: + matrix: + arch: [arm64] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-freebsd-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-freebsd-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-freebsd-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-freebsd-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-freebsd-${{ matrix.arch }} + - name: Package frida-gadget + uses: ./.github/actions/package-artifact-file + with: + name: frida-gadget-freebsd-${{ matrix.arch }} + - name: Package frida-inject + uses: ./.github/actions/package-artifact-file + with: + name: frida-inject-freebsd-${{ matrix.arch }} + + package-qnx: + if: startsWith(github.ref, 'refs/tags/') + needs: frida-qnx + strategy: + matrix: + arch: [armeabi] + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Package Gum devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gum-devkit-qnx-${{ matrix.arch }} + - name: Package GumJS devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-gumjs-devkit-qnx-${{ matrix.arch }} + - name: Package Core devkit + uses: ./.github/actions/package-artifact-files-as-tarball + with: + name: frida-core-devkit-qnx-${{ matrix.arch }} + - name: Package frida-server + uses: ./.github/actions/package-artifact-file + with: + name: frida-server-qnx-${{ matrix.arch }} + - name: Package frida-portal + uses: ./.github/actions/package-artifact-file + with: + name: frida-portal-qnx-${{ matrix.arch }} + - name: Package frida-gadget + uses: ./.github/actions/package-artifact-file + with: + name: frida-gadget-qnx-${{ matrix.arch }} + - name: Package frida-inject + uses: ./.github/actions/package-artifact-file + with: + name: frida-inject-qnx-${{ matrix.arch }} + + frida-windows: + needs: sdk-windows + strategy: + matrix: + arch: [x86, x86_64] + fail-fast: false runs-on: windows-latest steps: - - name: Checkout monorepo + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up Windows environment + uses: ./.github/actions/setup-windows-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + architecture: ${{ matrix.arch == 'x86_64' && 'x64' || 'x86' }} + - name: Install Qt + uses: jurplel/install-qt-action@v3 + with: + arch: ${{ matrix.arch == 'x86_64' && 'win64_msvc2019_64' || 'win32_msvc2019' }} + cache: true + setup-python: false + - name: Set up MSVS environment + uses: ilammy/msvc-dev-cmd@v1 + with: + vsversion: 2022 + arch: ${{ matrix.arch }} + - name: Set up MSVS shorthands + run: | + $platforms = @{ + x86 = 'Win32' + x86_64 = 'x64' + } + $cpuModes = @{ + x86 = 32 + x86_64 = 64 + } + $arch = '${{ matrix.arch }}' + $config = 'Release' + $platform = $platforms[$arch] + $cpuMode = $cpuModes[$arch] + echo "FRIDA_SLN_CONFIG=$config|$platform" >> $Env:GITHUB_ENV + echo "FRIDA_VS_HOST=$platform-$config" >> $Env:GITHUB_ENV + echo "FRIDA_CPU_MODE=$cpuMode" >> $Env:GITHUB_ENV + - name: Prepare prebuilt dependencies + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-deps + - name: Build Gum library + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project gum-${Env:FRIDA_CPU_MODE} + - name: Build Gum devkit + run: python releng/devkit.py frida-gum windows-${{ matrix.arch }} build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-windows-${{ matrix.arch }} + path: build/devkits/gum/ + - name: Build GumJS library + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project gumjs-${Env:FRIDA_CPU_MODE} + - name: Build GumJS devkit + run: python releng/devkit.py frida-gumjs windows-${{ matrix.arch }} build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-windows-${{ matrix.arch }} + path: build/devkits/gumjs/ + - name: Build Core library + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-core + - name: Build Core devkit + run: python releng/devkit.py frida-core windows-${{ matrix.arch }} build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-windows-${{ matrix.arch }} + path: build/devkits/core/ + - name: Build frida-server + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-server + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-windows-${{ matrix.arch }} + path: build/frida-windows/${{ env.FRIDA_VS_HOST }}/bin/frida-server.exe + - name: Build frida-portal + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-portal + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-windows-${{ matrix.arch }} + path: build/frida-windows/${{ env.FRIDA_VS_HOST }}/bin/frida-portal.exe + - name: Build frida-gadget + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-gadget + - name: Upload frida-gadget + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-windows-${{ matrix.arch }} + path: build/frida-windows/${{ env.FRIDA_VS_HOST }}/bin/frida-gadget.dll + - name: Build Python bindings + run: | + devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-python + $Env:FRIDA_EXTENSION = "$pwd\build\frida-windows\${Env:FRIDA_VS_HOST}\lib\python3.10\site-packages\_frida.pyd" + cd frida-python + pip wheel -w ..\build\wheels --no-deps . + - name: Upload Python bindings + uses: actions/upload-artifact@v3 + with: + name: frida-python-windows-${{ matrix.arch }} + path: build/wheels/frida-*.whl + - name: Build Node.js bindings + run: | + $Env:npm_config_jobs = 'max' + cd frida-node + npm version $Env:FRIDA_VERSION + npm install + $nodeTargets = '${{ env.NODE_TARGETS_DEFAULT }}'.Split(' ') + $electronTargets = '${{ env.ELECTRON_TARGETS_DEFAULT }}'.Split(' ') + if ('${{ matrix.arch }}' -eq 'x86') { + $nodeTargets = $nodeTargets | where { [int]($_.Split('.')[0]) -le 16 } + } + npm run prebuild -- -r node $($nodeTargets | % {'-t', $_}) + npm run prebuild -- -r electron $($electronTargets | % {'-t', $_}) + - name: Upload Node.js bindings + uses: actions/upload-artifact@v3 + with: + name: frida-node-windows-${{ matrix.arch }} + path: frida-node/prebuilds/* + - name: Build .NET bindings + run: devenv frida.sln /Build $Env:FRIDA_SLN_CONFIG /Project frida-clr + - name: Upload .NET bindings + uses: actions/upload-artifact@v3 + with: + name: frida-clr-windows-${{ matrix.arch }} + path: build/frida-windows/${{ env.FRIDA_VS_HOST }}/bin/Frida.dll + - name: Build QML bindings + run: | + cd build/tmp-windows/${Env:FRIDA_VS_HOST} + md frida-qml + cd frida-qml + qmake QMAKE_TARGET.arch=${{ matrix.arch }} ../../../../frida-qml + nmake /f Makefile.Release install + - name: Upload QML bindings + uses: actions/upload-artifact@v3 + with: + name: frida-qml-windows-${{ matrix.arch }} + path: build/frida-windows/${{ env.FRIDA_VS_HOST }}/lib/qt5/qml/ + + frida-macos: + needs: sdk-macos + strategy: + matrix: + arch: [x86_64, arm64, arm64e] + fail-fast: false + runs-on: ${{ matrix.arch == 'x86_64' && 'macos-12' || 'macos-12-arm64' }} + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-macos-env + with: + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Install Qt + if: matrix.arch == 'x86_64' + uses: jurplel/install-qt-action@v3 + with: + cache: true + setup-python: false + - name: Build Gum libraries and tools + run: make build/frida-macos-${{ matrix.arch }}/lib/pkgconfig/frida-gum-1.0.pc + - name: Build Gum devkit + run: releng/devkit.py frida-gum macos-${{ matrix.arch }} build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-macos-${{ matrix.arch }} + path: build/devkits/gum/ + - name: Upload gum-graft + uses: actions/upload-artifact@v3 + with: + name: gum-graft-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/bin/gum-graft + - name: Build GumJS devkit + run: releng/devkit.py frida-gumjs macos-${{ matrix.arch }} build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-macos-${{ matrix.arch }} + path: build/devkits/gumjs/ + - name: Build Core libraries and tools + run: make build/frida-macos-${{ matrix.arch }}/lib/pkgconfig/frida-core-1.0.pc + - name: Build Core devkit + run: releng/devkit.py frida-core macos-${{ matrix.arch }} build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-macos-${{ matrix.arch }} + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/bin/frida-inject + - name: Upload frida-gadget + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/lib/frida/frida-gadget.dylib + - name: Build Swift bindings + if: matrix.arch != 'arm64e' + run: | + cp build/devkits/core/* frida-swift/CFrida/ + cd frida-swift + xcodebuild -arch ${{ matrix.arch }} -configuration Release + - name: Package Swift bindings + if: matrix.arch != 'arm64e' + run: | + tar \ + -C frida-swift/build/Release \ + -cf frida-swift.tar \ + Frida.framework \ + Frida.framework.dSYM + - name: Upload Swift bindings + if: matrix.arch != 'arm64e' + uses: actions/upload-artifact@v3 + with: + name: frida-swift-macos-${{ matrix.arch }} + path: frida-swift.tar + - name: Build Python bindings + run: | + make build/tmp-macos-${{ matrix.arch }}/frida-python3.10/.frida-stamp PYTHON=python3.10 + export FRIDA_EXTENSION=$PWD/build/frida-macos-${{ matrix.arch }}/lib/python3.10/site-packages/_frida.so + case ${{ matrix.arch }} in + x86_64) + platform=macosx-10.9-x86_64 + ;; + arm64*) + platform=macosx-11.0-arm64 + ;; + esac + export _PYTHON_HOST_PLATFORM=$platform + cd frida-python + pip wheel -w ../build/wheels --no-deps . + - name: Upload Python bindings + uses: actions/upload-artifact@v3 + with: + name: frida-python-macos-${{ matrix.arch }} + path: build/wheels/frida-*.whl + - name: Build Node.js bindings + if: matrix.arch != 'arm64e' + run: | + . build/frida-env-macos-${{ matrix.arch }}.rc + case ${{ matrix.arch }} in + x86_64) + gyp_arch=x64 + ;; + *) + gyp_arch=${{ matrix.arch }} + ;; + esac + export npm_config_arch=$gyp_arch + export npm_config_jobs=max + export prebuild_arch=$gyp_arch + cd frida-node + npm version $FRIDA_VERSION + npm install + for target in ${{ env.NODE_TARGETS_DEFAULT }}; do + npm run prebuild -- -r node -t $target + done + for target in ${{ env.ELECTRON_TARGETS_DEFAULT }}; do + npm run prebuild -- -r electron -t $target + done + - name: Upload Node.js bindings + if: matrix.arch != 'arm64e' + uses: actions/upload-artifact@v3 + with: + name: frida-node-macos-${{ matrix.arch }} + path: frida-node/prebuilds/* + - name: Build QML bindings + if: matrix.arch == 'x86_64' + run: | + cd build/tmp-macos-${{ matrix.arch }} + mkdir frida-qml + cd frida-qml + qmake QMAKE_TARGET.arch=${{ matrix.arch }} ../../../frida-qml + make -j$(nproc) install + - name: Upload QML bindings + if: matrix.arch == 'x86_64' + uses: actions/upload-artifact@v3 + with: + name: frida-qml-macos-${{ matrix.arch }} + path: build/frida-macos-${{ matrix.arch }}/lib/qt5/qml/ + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env + + frida-linux: + needs: sdk-linux + strategy: + matrix: + arch: [x86, x86_64, armhf, arm64, mips, mipsel, mips64, mips64el] + fail-fast: false + runs-on: ubuntu-latest + container: ghcr.io/frida/x-tools-linux-${{ matrix.arch }}:latest + steps: + - name: Check out repo uses: actions/checkout@v3 with: fetch-depth: 0 submodules: true - name: Set up environment - uses: ./.github/actions/setup-windows-env + uses: ./.github/actions/setup-linux-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Install packages needed for installing Qt + if: matrix.arch == 'x86_64' + run: | + apt-get update + apt-get install -y sudo + - name: Install Qt + if: matrix.arch == 'x86_64' + uses: jurplel/install-qt-action@v3 + with: + cache: true + setup-python: false + - name: Build Gum libraries and tools + run: make build/frida_thin-linux-${{ matrix.arch }}/lib/pkgconfig/frida-gum-1.0.pc + - name: Build Gum devkit + run: releng/devkit.py -t frida-gum linux-${{ matrix.arch }} build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-linux-${{ matrix.arch }} + path: build/devkits/gum/ + - name: Build GumJS devkit + run: releng/devkit.py -t frida-gumjs linux-${{ matrix.arch }} build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-linux-${{ matrix.arch }} + path: build/devkits/gumjs/ + - name: Build Core libraries and tools + run: make build/frida_thin-linux-${{ matrix.arch }}/lib/pkgconfig/frida-core-1.0.pc + - name: Build Core devkit + run: releng/devkit.py -t frida-core linux-${{ matrix.arch }} build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-linux-${{ matrix.arch }} + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/bin/frida-inject + - name: Upload 32-bit frida-gadget + if: ${{ !contains(matrix.arch, '64') }} + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/lib/frida/32/frida-gadget.so + - name: Upload 64-bit frida-gadget + if: ${{ contains(matrix.arch, '64') }} + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/lib/frida/64/frida-gadget.so + - name: Build Python bindings + run: | + make build/tmp_thin-linux-${{ matrix.arch }}/frida-python3.10/.frida-stamp \ + PYTHON_NAME=python3.10 \ + PYTHON_INCDIR=/opt/x-tools/$XTOOLS_HOST/$XTOOLS_HOST/sysroot/usr/include/python3.10 + export FRIDA_EXTENSION=$PWD/build/frida_thin-linux-${{ matrix.arch }}/lib/python3.10/site-packages/_frida.so + case ${{ matrix.arch }} in + x86) + py_arch=i686 + ;; + armhf) + py_arch=armv7l + ;; + arm64) + py_arch=aarch64 + ;; + *) + py_arch=${{ matrix.arch }} + ;; + esac + export _PYTHON_HOST_PLATFORM=manylinux-2.5-$py_arch + cd frida-python + pip wheel -w ../build/wheels --no-deps . + - name: Upload Python bindings + uses: actions/upload-artifact@v3 + with: + name: frida-python-linux-${{ matrix.arch }} + path: build/wheels/frida-*.whl + - name: Build Node.js bindings + if: ${{ !startsWith(matrix.arch, 'mips') }} + run: | + case ${{ matrix.arch }} in + x86) + gyp_arch=ia32 + ;; + x86_64) + gyp_arch=x64 + ;; + armhf) + gyp_arch=arm + ;; + *) + gyp_arch=${{ matrix.arch }} + ;; + esac + export npm_config_arch=$gyp_arch + export npm_config_jobs=max + export prebuild_arch=$gyp_arch + cd frida-node + npm version $FRIDA_VERSION + npm install + for target in ${{ env.NODE_TARGETS_DEFAULT }}; do + npm run prebuild -- -r node -t $target + done + for target in ${{ env.ELECTRON_TARGETS_DEFAULT }}; do + npm run prebuild -- -r electron -t $target + done + - name: Upload Node.js bindings + if: ${{ !startsWith(matrix.arch, 'mips') }} + uses: actions/upload-artifact@v3 + with: + name: frida-node-linux-${{ matrix.arch }} + path: frida-node/prebuilds/* + - name: Build QML bindings + if: matrix.arch == 'x86_64' + run: | + cd build/tmp_thin-linux-${{ matrix.arch }} + mkdir frida-qml + cd frida-qml + qmake QMAKE_TARGET.arch=${{ matrix.arch }} ../../../frida-qml + make -j$(nproc) install + - name: Upload QML bindings + if: matrix.arch == 'x86_64' + uses: actions/upload-artifact@v3 + with: + name: frida-qml-linux-${{ matrix.arch }} + path: build/frida-linux-${{ matrix.arch }}/lib/qt5/qml/ + + frida-ios: + needs: sdk-ios + strategy: + matrix: + arch: [x86_64, arm64, arm64e, arm64eoabi] + fail-fast: false + runs-on: macos-11 + env: + XCODE11: /Applications/Xcode_11.7.app + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-macos-env + with: + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Build Gum libraries and tools + run: make build/frida-ios-${{ matrix.arch }}/usr/lib/pkgconfig/frida-gum-1.0.pc + - name: Build Gum devkit + run: releng/devkit.py frida-gum ios-${{ matrix.arch }} build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-ios-${{ matrix.arch }} + path: build/devkits/gum/ + - name: Build GumJS devkit + run: releng/devkit.py frida-gumjs ios-${{ matrix.arch }} build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-ios-${{ matrix.arch }} + path: build/devkits/gumjs/ + - name: Build Core libraries and tools + run: make build/frida-ios-${{ matrix.arch }}/usr/lib/pkgconfig/frida-core-1.0.pc + - name: Build Core devkit + run: releng/devkit.py frida-core ios-${{ matrix.arch }} build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-ios-${{ matrix.arch }} + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-ios-${{ matrix.arch }} + path: build/frida-ios-${{ matrix.arch }}/usr/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-ios-${{ matrix.arch }} + path: build/frida-ios-${{ matrix.arch }}/usr/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-ios-${{ matrix.arch }} + path: build/frida-ios-${{ matrix.arch }}/usr/bin/frida-inject + - name: Upload frida-agent + uses: actions/upload-artifact@v3 + with: + name: frida-agent-ios-${{ matrix.arch }} + path: build/frida-ios-${{ matrix.arch }}/usr/lib/frida/frida-agent.dylib + - name: Upload frida-gadget + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-ios-${{ matrix.arch }} + path: build/frida-ios-${{ matrix.arch }}/usr/lib/frida/frida-gadget.dylib + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env + + frida-android: + needs: [sdk-linux, sdk-android-32, sdk-android-64] + strategy: + matrix: + arch: [x86, x86_64, arm, arm64] + fail-fast: false + runs-on: ubuntu-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-linux-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Set up NDK + id: setup-ndk + uses: nttld/setup-ndk@v1 + with: + ndk-version: ${{ env.ANDROID_NDK_VERSION }} + add-to-path: false + - name: Add ANDROID_NDK_ROOT to environment + run: echo "ANDROID_NDK_ROOT=${{ steps.setup-ndk.outputs.ndk-path }}" >> $GITHUB_ENV + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: '3.10' + - name: Build Gum libraries and tools + run: make build/frida-android-${{ matrix.arch }}/lib/pkgconfig/frida-gum-1.0.pc + - name: Build Gum devkit + run: releng/devkit.py frida-gum android-${{ matrix.arch }} build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-android-${{ matrix.arch }} + path: build/devkits/gum/ + - name: Build GumJS devkit + run: releng/devkit.py frida-gumjs android-${{ matrix.arch }} build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-android-${{ matrix.arch }} + path: build/devkits/gumjs/ + - name: Build Core libraries and tools + run: make build/frida-android-${{ matrix.arch }}/lib/pkgconfig/frida-core-1.0.pc + - name: Build Core devkit + run: releng/devkit.py frida-core android-${{ matrix.arch }} build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-android-${{ matrix.arch }} + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-android-${{ matrix.arch }} + path: build/frida-android-${{ matrix.arch }}/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-android-${{ matrix.arch }} + path: build/frida-android-${{ matrix.arch }}/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-android-${{ matrix.arch }} + path: build/frida-android-${{ matrix.arch }}/bin/frida-inject + - name: Upload 32-bit frida-gadget + if: ${{ !contains(matrix.arch, '64') }} + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-android-${{ matrix.arch }} + path: build/frida-android-${{ matrix.arch }}/lib/frida/32/frida-gadget.so + - name: Upload 64-bit frida-gadget + if: ${{ contains(matrix.arch, '64') }} + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-android-${{ matrix.arch }} + path: build/frida-android-${{ matrix.arch }}/lib/frida/64/frida-gadget.so + + frida-freebsd: + runs-on: [freebsd, arm64] + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-freebsd-env with: aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} cloudflare-email: ${{ secrets.CF_EMAIL }} cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Roll toolchain + run: releng/deps.py roll toolchain freebsd-arm64 --activate + - name: Roll SDK + run: releng/deps.py roll sdk freebsd-arm64 + - name: Build Gum libraries and tools + run: make gum + - name: Build Gum devkit + run: releng/devkit.py frida-gum freebsd-arm64 build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-freebsd-arm64 + path: build/devkits/gum/ + - name: Build GumJS devkit + run: releng/devkit.py frida-gumjs freebsd-arm64 build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-freebsd-arm64 + path: build/devkits/gumjs/ + - name: Test Gum + run: make check-gum + - name: Build Core libraries and tools + run: make core + - name: Build Core devkit + run: releng/devkit.py frida-core freebsd-arm64 build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-freebsd-arm64 + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-freebsd-arm64 + path: build/frida-freebsd-arm64/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-freebsd-arm64 + path: build/frida-freebsd-arm64/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-freebsd-arm64 + path: build/frida-freebsd-arm64/bin/frida-inject + - name: Upload frida-gadget + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-freebsd-arm64 + path: build/frida-freebsd-arm64/lib/frida/64/frida-gadget.so + - name: Test Core + run: make check-core + - name: Build Python bindings + run: | + make python + export FRIDA_EXTENSION=$PWD/build/frida-freebsd-arm64/lib/python3.9/site-packages/_frida.so + cd frida-python + pip wheel -w ../build/wheels --no-deps . + - name: Upload Python bindings + uses: actions/upload-artifact@v3 + with: + name: frida-python-freebsd-arm64 + path: build/wheels/frida-*.whl + - name: Build Node.js bindings + run: | + export npm_config_jobs=max + cd frida-node + npm version $FRIDA_VERSION + npm install + for target in ${{ env.NODE_TARGETS_FREEBSD }}; do + npm run prebuild -- -r node -t $target + done + for target in ${{ env.ELECTRON_TARGETS_FREEBSD }}; do + npm run prebuild -- -r electron -t $target + done + - name: Upload Node.js bindings + uses: actions/upload-artifact@v3 + with: + name: frida-node-freebsd-arm64 + path: frida-node/prebuilds/* + + frida-qnx: + runs-on: ubuntu-latest + needs: sdk-linux + container: ghcr.io/frida/qnx-tools:latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + with: + fetch-depth: 0 + submodules: true + - name: Set up environment + uses: ./.github/actions/setup-linux-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} + - name: Roll SDK + run: releng/deps.py roll sdk qnx-armeabi + - name: Build Gum libraries and tools + run: make gum-qnx-armeabi + - name: Build Gum devkit + run: releng/devkit.py -t frida-gum qnx-armeabi build/devkits/gum + - name: Upload Gum devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gum-devkit-qnx-armeabi + path: build/devkits/gum/ + - name: Build GumJS devkit + run: releng/devkit.py -t frida-gumjs qnx-armeabi build/devkits/gumjs + - name: Upload GumJS devkit + uses: actions/upload-artifact@v3 + with: + name: frida-gumjs-devkit-qnx-armeabi + path: build/devkits/gumjs/ + - name: Test Gum + run: | + tar -C build/tmp_thin-qnx-armeabi/frida-gum/tests -cf /tmp/runner.tar gum-tests data/ + /opt/sabrelite/run.sh /tmp/runner.tar /opt/frida/gum-tests + - name: Build Core libraries and tools + run: make core-qnx-armeabi + - name: Build Core devkit + run: releng/devkit.py -t frida-core qnx-armeabi build/devkits/core + - name: Upload Core devkit + uses: actions/upload-artifact@v3 + with: + name: frida-core-devkit-qnx-armeabi + path: build/devkits/core/ + - name: Upload frida-server + uses: actions/upload-artifact@v3 + with: + name: frida-server-qnx-armeabi + path: build/frida_thin-qnx-armeabi/bin/frida-server + - name: Upload frida-portal + uses: actions/upload-artifact@v3 + with: + name: frida-portal-qnx-armeabi + path: build/frida_thin-qnx-armeabi/bin/frida-portal + - name: Upload frida-inject + uses: actions/upload-artifact@v3 + with: + name: frida-inject-qnx-armeabi + path: build/frida_thin-qnx-armeabi/bin/frida-inject + - name: Upload frida-gadget + uses: actions/upload-artifact@v3 + with: + name: frida-gadget-qnx-armeabi + path: build/frida_thin-qnx-armeabi/lib/frida/32/frida-gadget.so + - name: Test Core + run: | + mkdir -p /tmp/pkg + cd build/tmp_thin-qnx-armeabi/frida-core + cp -a tests/frida-tests tests/labrats/ lib/agent/frida-agent.so /tmp/pkg + tar -C /tmp/pkg -cf /tmp/runner.tar . + /opt/sabrelite/run.sh /tmp/runner.tar /opt/frida/frida-tests + continue-on-error: true + + toolchain-windows: + runs-on: windows-latest + steps: + - name: Check out repo + uses: actions/checkout@v3 + - name: Set up environment + uses: ./.github/actions/setup-windows-env + with: + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll toolchain run: python releng\deps.py roll toolchain windows-x86 sdk-windows: - runs-on: windows-latest needs: toolchain-windows strategy: matrix: arch: [x86, x86_64] config: [release, debug] fail-fast: false + runs-on: windows-latest steps: - - name: Checkout monorepo + - name: Check out repo uses: actions/checkout@v3 - with: - fetch-depth: 0 - submodules: true - name: Set up environment uses: ./.github/actions/setup-windows-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll SDK run: python releng\deps.py roll sdk windows-${{ matrix.arch }}-${{ matrix.config }} --activate toolchain-macos: - runs-on: macos-latest strategy: matrix: arch: [x86_64, arm64] fail-fast: false + runs-on: macos-latest steps: - name: Check out repo uses: actions/checkout@v3 - name: Set up environment uses: ./.github/actions/setup-macos-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll toolchain run: releng/deps.py roll toolchain macos-${{ matrix.arch }} + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env sdk-macos: - runs-on: macos-latest needs: toolchain-macos strategy: matrix: arch: [x86_64, arm64, arm64e] fail-fast: false + runs-on: ${{ matrix.arch == 'x86_64' && 'macos-latest' || 'macos-12-arm64' }} steps: - name: Check out repo uses: actions/checkout@v3 - name: Set up environment uses: ./.github/actions/setup-macos-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + keychain-password: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll SDK run: releng/deps.py roll sdk macos-${{ matrix.arch }} --activate + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env sdk-ios: - runs-on: macos-11 needs: toolchain-macos strategy: matrix: arch: [x86_64, arm64, arm64e, arm64eoabi] fail-fast: false + runs-on: macos-11 env: XCODE11: /Applications/Xcode_11.7.app steps: @@ -108,19 +1614,23 @@ jobs: - name: Set up environment uses: ./.github/actions/setup-macos-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + certificates-p12: ${{ secrets.APPLE_CERTIFICATES_P12 }} + certificates-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll SDK run: releng/deps.py roll sdk ios-${{ matrix.arch }} --activate + - name: Tear down environment + uses: ./.github/actions/teardown-macos-env toolchain-linux: - runs-on: ubuntu-latest strategy: matrix: arch: [x86, x86_64, armhf, arm64] fail-fast: false + runs-on: ubuntu-latest container: ghcr.io/frida/x-tools-linux-${{ matrix.arch }}:latest steps: - name: Check out repo @@ -128,20 +1638,20 @@ jobs: - name: Set up environment uses: ./.github/actions/setup-linux-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Roll toolchain run: releng/deps.py roll toolchain linux-${{ matrix.arch }} sdk-linux: - runs-on: ubuntu-latest needs: toolchain-linux strategy: matrix: arch: [x86, x86_64, armhf, arm64, mips, mipsel, mips64, mips64el] fail-fast: false + runs-on: ubuntu-latest container: ghcr.io/frida/x-tools-linux-${{ matrix.arch }}:latest steps: - name: Check out repo @@ -149,10 +1659,10 @@ jobs: - name: Set up environment uses: ./.github/actions/setup-linux-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Configure qemu-user if: ${{ !startsWith(matrix.arch, 'x86') }} run: echo "FRIDA_QEMU_SYSROOT=/opt/x-tools/$XTOOLS_HOST/$XTOOLS_HOST/sysroot" >> $GITHUB_ENV @@ -160,12 +1670,12 @@ jobs: run: releng/deps.py roll sdk linux-${{ matrix.arch }} --activate sdk-android-32: - runs-on: ubuntu-latest needs: toolchain-linux strategy: matrix: arch: [x86, arm] fail-fast: false + runs-on: ubuntu-latest container: ghcr.io/frida/x-tools-linux-x86:latest steps: - name: Check out repo @@ -173,10 +1683,10 @@ jobs: - name: Set up environment uses: ./.github/actions/setup-linux-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Set up NDK id: setup-ndk uses: nttld/setup-ndk@v1 @@ -204,12 +1714,12 @@ jobs: FRIDA_BUILD_ARCH: x86 sdk-android-64: - runs-on: ubuntu-latest needs: toolchain-linux strategy: matrix: arch: [x86_64, arm64] fail-fast: false + runs-on: ubuntu-latest container: ghcr.io/frida/x-tools-linux-x86_64:latest steps: - name: Check out repo @@ -217,10 +1727,10 @@ jobs: - name: Set up environment uses: ./.github/actions/setup-linux-env with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} + aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} + cloudflare-email: ${{ secrets.CF_EMAIL }} + cloudflare-token: ${{ secrets.CF_TOKEN }} - name: Set up NDK id: setup-ndk uses: nttld/setup-ndk@v1 @@ -245,91 +1755,3 @@ jobs: releng/deps.py roll sdk android-${{ matrix.arch }} --activate env: ANDROID_NDK_ROOT: ${{ steps.setup-ndk.outputs.ndk-path }} - - frida-freebsd-arm64: - runs-on: [self-hosted, freebsd, arm64] - steps: - - name: Initialize credentials - run: | - mkdir ~/.aws - ( - echo "[default]" - echo "aws_access_key_id = ${{ secrets.S3_ACCESS_KEY }}" - echo "aws_secret_access_key = ${{ secrets.S3_SECRET_KEY }}" - ) > ~/.aws/credentials - ( - echo "defaults:" - echo " domain: frida.re" - echo " email: ${{ secrets.CF_EMAIL }}" - echo " token: ${{ secrets.CF_TOKEN }}" - ) > ~/.cfcli.yml - echo "//registry.npmjs.org/:_authToken=${{ secrets.NPM_TOKEN }}" > ~/.npmrc - - name: Checkout monorepo - uses: actions/checkout@v3 - with: - fetch-depth: 0 - submodules: true - - name: Roll toolchain - run: releng/deps.py roll toolchain freebsd-arm64 --activate - - name: Roll SDK - run: releng/deps.py roll sdk freebsd-arm64 - - name: Build Gum - run: make gum - - name: Test Gum - run: make check-gum - - name: Build Core - run: make core - - name: Test Core - run: make check-core - - name: Build Python Bindings - run: make python - - name: Test Python Bindings - run: make check-python - - name: Build Node.js Bindings - run: make node - - name: Test Node.js Bindings - run: make check-node - - name: Release - run: releng/release.py freebsd-arm64 - env: - GITHUB_TOKEN: ${{ github.token }} - TWINE_USERNAME: ${{ secrets.TWINE_USERNAME }} - TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }} - - frida-qnx: - runs-on: ubuntu-latest - needs: sdk-linux - container: ghcr.io/frida/qnx-tools:latest - steps: - - name: Check out repo - uses: actions/checkout@v3 - with: - fetch-depth: 0 - submodules: true - - name: Set up environment - uses: ./.github/actions/setup-linux-env - with: - aws-access-key-id: ${{ secrets.S3_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.S3_SECRET_KEY }} - cloudflare-email: ${{ secrets.CF_EMAIL }} - cloudflare-token: ${{ secrets.CF_TOKEN }} - - name: Roll SDK - run: releng/deps.py roll sdk qnx-armeabi - - name: Build - run: make core-qnx-armeabi - - name: Test Gum - run: | - tar -C build/tmp_thin-qnx-armeabi/frida-gum/tests -cf /tmp/runner.tar gum-tests data/ - /opt/sabrelite/run.sh /tmp/runner.tar /opt/frida/gum-tests - - name: Test Core - run: | - mkdir -p /tmp/pkg - cd build/tmp_thin-qnx-armeabi/frida-core - cp -a tests/frida-tests tests/labrats/ lib/agent/frida-agent.so /tmp/pkg - tar -C /tmp/pkg -cf /tmp/runner.tar . - /opt/sabrelite/run.sh /tmp/runner.tar /opt/frida/frida-tests - continue-on-error: true - - name: Release - run: releng/release.py qnx - env: - GITHUB_TOKEN: ${{ github.token }} diff --git a/releng/frida_version.py b/releng/frida_version.py index e4811c724..f79509a3e 100755 --- a/releng/frida_version.py +++ b/releng/frida_version.py @@ -51,4 +51,4 @@ def detect() -> FridaVersion: if __name__ == "__main__": - print(f"FRIDA_VERSION={detect().name}") + print(detect().name) diff --git a/releng/package-cirrus-ci-artifacts.sh b/releng/package-cirrus-ci-artifacts.sh new file mode 100755 index 000000000..c990e1a1f --- /dev/null +++ b/releng/package-cirrus-ci-artifacts.sh @@ -0,0 +1,116 @@ +#!/bin/bash + +sha=$1 +if [ -z "$sha" ]; then + echo "Usage: $0 " > /dev/stderr + exit 1 +fi + +set -e + +build_id="" +while [ -z "$build_id" ]; do + response=$(curl https://api.cirrus-ci.com/graphql --silent --data \ + '{ + "query": "query BuildBySHAQuery($owner: String!, $name: String!, $SHA: String) { searchBuilds(repositoryOwner: $owner, repositoryName: $name, SHA: $SHA) { id, status } }", + "variables": { + "owner": "frida", + "name": "frida", + "SHA": "'$sha'" + } + }' + ); + pending=0 + errors=0 + for build in $(echo $response | jq -r '.data.searchBuilds[] | { id, status } | join("|")'); do + id=$(echo $build | cut -d'|' -f1) + status=$(echo $build | cut -d'|' -f2) + case $status in + COMPLETED) + build_id=$id + ;; + FAILED|ABORTED|ERRORED) + errors=$((errors+1)) + ;; + *) + pending=$((pending+1)) + ;; + esac + done + if [ -z "$build_id" ]; then + if [ $errors -gt 0 ] && [ $pending -eq 0 ]; then + echo "Cirrus CI build failed :(" > /dev/stderr + exit 1 + else + echo "Cirrus CI build not yet completed. Checking back in 5 minutes." + sleep 300 + fi + fi +done + +output_dir=$PWD/build/release-assets +mkdir -p "$output_dir" + +export XZ_OPT="-T 0" + +for task in freebsd_x86_64; do + host=$(echo $task | sed -e 's,_,-,') + + enter_artifact () + { + local name=$1 + rm -rf build/pkg + mkdir -p build/pkg + pushd build/pkg > /dev/null + local url=https://api.cirrus-ci.com/v1/artifact/build/$build_id/${name}_${task}.zip + echo "Processing $url" + curl $url -sLo artifact.zip + unzip -qq artifact.zip + rm artifact.zip + } + + leave_artifact () + { + popd > /dev/null + rm -rf build/pkg + } + + for component in gum gumjs core; do + enter_artifact frida_${component}_devkit + + mv build/devkits/$component/* . + rm -rf build + tar -cJf "$output_dir/frida-$component-devkit-$host.tar.xz" . + + leave_artifact + done + + for component in server portal inject gadget; do + enter_artifact frida_${component} + + readarray -t files < <(find . -type f) + n=${#files[@]} + if [ $n -ne 1 ]; then + echo "The frida-$component artifact should only contain a single file" > /dev/stderr + exit 1 + fi + file=${files[0]} + name=$(basename $file) + if echo $name | grep -q '\.'; then + extension=".$(echo $name | cut -d'.' -f2-).xz" + else + extension=".xz" + fi + xz -c -T 0 "$file" > "$output_dir/frida-$component-$host$extension" + + leave_artifact + done + + enter_artifact frida_python + mv build/wheels/* "$output_dir" + leave_artifact + + enter_artifact frida_node + mv frida-node/prebuilds/* "$output_dir" + leave_artifact +done diff --git a/releng/rename-release-assets.sh b/releng/rename-release-assets.sh new file mode 100755 index 000000000..69181cd37 --- /dev/null +++ b/releng/rename-release-assets.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +if [ -z "$FRIDA_VERSION" ]; then + echo "FRIDA_VERSION must be set" > /dev/stderr + exit 1 +fi + +set -e + +cd build/release-assets +for name in *; do + if echo $name | grep -q $FRIDA_VERSION; then + continue + fi + case $name in + frida-*-devkit-*) + new_name=$(echo $name | sed -e "s,devkit-,devkit-$FRIDA_VERSION-,") + ;; + frida-server-*|frida-portal-*|frida-inject-*|frida-gadget-*|frida-swift-*|frida-clr-*|frida-qml-*|gum-graft-*) + new_name=$(echo $name | sed -E -e "s,^(frida|gum)-([^-]+),\\1-\\2-$FRIDA_VERSION,") + ;; + *) + new_name="" + ;; + esac + if [ -n "$new_name" ]; then + mv -v $name $new_name + fi +done