diff --git a/.github/workflows/virustotal_scan.yml b/.github/workflows/virustotal_scan.yml index e59732075..88ec7f7e9 100644 --- a/.github/workflows/virustotal_scan.yml +++ b/.github/workflows/virustotal_scan.yml @@ -19,11 +19,9 @@ jobs: - name: Download Release Assets env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - TAG: ${{ github.event.release.tag_name }} run: | - echo "Downloading release tag $TAG" mkdir -p release_assets - gh release download "$TAG" --dir release_assets --pattern "*.apk" + gh release download ${{ github.event.release.tag_name }} --dir release_assets --pattern "*.apk" ls -l release_assets - name: Install VirusTotal CLI @@ -47,7 +45,7 @@ jobs: scan_id=$(vt scan file "$apk" -k $VT_API_KEY | awk '{print $2}') echo "Scan ID: $scan_id" - for i in {1..15}; do + for i in {1..20}; do sleep 15 analysis_json=$(vt analysis report "$scan_id" -k $VT_API_KEY --format json) status=$(echo "$analysis_json" | jq -r '.[0].status') @@ -59,6 +57,7 @@ jobs: if [ "$status" != "completed" ]; then echo " - [![VT](https://badges.cssnr.com/vt/id/$sha256?end=red&n=1) $filename](https://www.virustotal.com/gui/file/$sha256) — BAD ❌ (analysis incomplete)" >> vt_report.txt + break elif [ "$malicious" -gt 0 ]; then echo " - [![VT](https://badges.cssnr.com/vt/id/$sha256?end=red&n=1) $filename](https://www.virustotal.com/gui/file/$sha256) — BAD ❌" >> vt_report.txt else @@ -68,17 +67,12 @@ jobs: - name: Update Release with Quick Report env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # <-- обязательно TAG: ${{ github.event.release.tag_name }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # <-- mandatory run: | gh release view "$TAG" --json body -q .body > current_notes.txt cat vt_report.txt >> current_notes.txt gh release edit "$TAG" --notes-file current_notes.txt - name: Done - env: - TAG: ${{ github.event.release.tag_name }} - run: | - echo "VirusTotal quick scan finished and report added to release $TAG" - - + run: echo "VirusTotal quick scan finished and report added to release."