wisdark
diff --git a/‎.github/workflows/go_dev.yml‎
Lines changed: 68 additions & 0 deletions b/‎.github/workflows/go_dev.yml‎
Lines changed: 68 additions & 0 deletions
diff --git a/‎.github/workflows/go_main.yml‎
Lines changed: 73 additions & 0 deletions b/‎.github/workflows/go_main.yml‎
Lines changed: 73 additions & 0 deletions
diff --git a/‎.github/workflows/qodana.yml‎
Lines changed: 37 additions & 0 deletions b/‎.github/workflows/qodana.yml‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎.github/workflows/qodana_pr.yml‎
Lines changed: 33 additions & 0 deletions b/‎.github/workflows/qodana_pr.yml‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 109 additions & 0 deletions b/‎.github/workflows/release.yml‎
Lines changed: 109 additions & 0 deletions
@@ -0,0 +1,68 @@
+# This workflow will build a golang project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+
+name: "Scan, Build, & Test: Development Work"
+
+on:
+  push:
+    branches-ignore:
+      - main
+    paths-ignore:
+      - '.github/**'
+      - 'data/**'
+      - 'docs/**'
+      - '.gitattributes'
+      - '.gitignore'
+      - '.gitmodules'
+      - 'LICENSE'
+      - 'README.MD'
+  pull_request:
+
+jobs:
+
+  build:
+    name: 'Code Quality Scan & Build: Development Work'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        id: checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
+
+      - name: 'Build Merlin Server'
+        id: build
+        run: 'make distro'
+
+      - name: 'Test Merlin Server'
+        id: test
+        run: 'go test ./...'
+
+      - name: GoVulnCheck
+        id: govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          go-version-input: '1.21'
+          go-package: './...'
+
+      - name: Gosec Security Scanner
+        id: gosec
+        uses: securego/gosec@master
+        with:
+          args: ./...
+
+      - name: Go Report Card - Install
+        id: goreportcard_install
+        working-directory: /tmp
+        run: |
+          git clone https://github.com/gojp/goreportcard.git
+          cd goreportcard
+          make install
+          go install ./cmd/goreportcard-cli
+
+      - name: Go Report Card - Run
+        id: goreportcard_run
+        run: 'goreportcard-cli -v' # This renames the files in the ./rpc directory to *.grc.bak causing builds to fail
@@ -0,0 +1,73 @@
+# This workflow will build a golang project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+
+name: "Scan, Build, & Test: Main"
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '.github/**'
+      - 'data/**'
+      - 'docs/**'
+      - '.gitattributes'
+      - '.gitignore'
+      - '.gitmodules'
+      - 'LICENSE'
+      - 'README.MD'
+
+jobs:
+
+  build:
+    name: 'Code Quality Scan & Build: main'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        id: checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
+
+      - name: 'Build Merlin Server'
+        id: build
+        run: 'make distro'
+
+      - name: 'Test Merlin Server'
+        id: test
+        run: 'go test ./...'
+
+      - name: GoVulnCheck
+        id: govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          go-version-input: '1.21'
+          go-package: './...'
+
+      - name: Gosec Security Scanner
+        id: gosec
+        uses: securego/gosec@master
+        with:
+          args: '-fmt sarif -out gosec.sarif ./...'
+
+      - name: Upload Gosec SARIF file
+        id: gosec_upload_sarif
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: gosec.sarif
+
+      - name: Go Report Card - Install
+        id: goreportcard_install
+        working-directory: /tmp
+        run: |
+          git clone https://github.com/gojp/goreportcard.git
+          cd goreportcard
+          make install
+          go install ./cmd/goreportcard-cli
+
+      - name: Go Report Card - Run
+        id: goreportcard_run
+        run: 'goreportcard-cli -v' # This renames the files in the ./rpc directory to *.grc.bak causing builds to fail
@@ -0,0 +1,37 @@
+name: "Qodana: Push"
+
+on:
+  workflow_dispatch:
+  push:
+    paths-ignore:
+      - '.github/**'
+      - 'data/**'
+      - 'docs/**'
+      - '.gitattributes'
+      - '.gitignore'
+      - '.gitmodules'
+      - 'qodana.yaml'
+      - 'qodana.sarif.json'
+      - 'LICENSE'
+      - 'README.MD'
+
+
+jobs:
+  qodana:
+    name: 'Qodana Job'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      checks: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
+          fetch-depth: 0  # a full history is required for pull request analysis
+      - name: 'Qodana Scan'
+        uses: JetBrains/[email protected]
+        with:
+          args: --baseline,.qodana/qodana.sarif.json
+        env:
+          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
@@ -0,0 +1,33 @@
+name: "Qodana: Pull Request"
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths-ignore:
+      - '.github/**'
+      - 'data/**'
+      - 'docs/**'
+      - '.gitattributes'
+      - '.gitignore'
+      - '.gitmodules'
+      - 'LICENSE'
+      - 'README.MD'
+
+jobs:
+  qodana:
+    name: 'Qodana Job'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      checks: write
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
+          fetch-depth: 0  # a full history is required for pull request analysis
+      - name: 'Qodana Scan'
+        uses: JetBrains/[email protected]
+        with:
+          args: --baseline,.qodana/qodana.sarif.json
+          pr-mode: false
@@ -0,0 +1,109 @@
+name: "Merlin Server Release"
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+
+jobs:
+  release:
+    name: 'Release Job'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Merlin
+        id: checkout_merlin
+        uses: actions/checkout@v4
+
+      - name: Checkout Merlin-Agent
+        id: checkout_merlin_agent
+        run: git clone https://github.com/Ne0nd0g/merlin-agent.git /home/runner/work/merlin-agent
+
+      - name: Checkout Merlin-Agent-DLL
+        id: checkout_merlin_agent_dll
+        run: git clone https://github.com/Ne0nd0g/merlin-agent-dll.git /home/runner/work/merlin-agent-dll
+
+      - name: Checkout Merlin CLI
+        id: checkout_merlin_cli
+        run: git clone https://github.com/Ne0nd0g/merlin-cli.git /home/runner/work/merlin-cli
+
+      - name: Set up Go
+        id: setup_go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
+
+        # Need 7zip installed to package up the release
+      - name: Install 7zip
+        id: install_7zip
+        run: sudo apt-get install p7zip-full
+
+        # Need MingGW installed to build the Agent DLL
+      - name: Install MingGW
+        id: install_mingw
+        run: sudo apt-get install -y -q mingw-w64
+
+      - name: Build Merlin Agents
+        id: build_agents
+        working-directory: /home/runner/work/merlin-agent
+        run: |
+          VERSION=$(cat ./core/core.go |grep "var Version ="|cut -d"\"" -f2)
+          BUILD=$(git rev-parse HEAD)
+          DIR=bin/v${VERSION}/${BUILD}
+          make all
+          mv $DIR/merlinAgent-* .
+
+      - name: Build Merlin Agent DLL
+        id: build_agent_dll
+        working-directory: /home/runner/work/merlin-agent-dll
+        run: make default
+
+      - name: Move Agents
+        id: move_agents
+        working-directory: /home/runner/work/merlin/merlin
+        run: |
+          mkdir -p data/bin
+          cp /home/runner/work/merlin-agent/merlinAgent-* ./data/bin
+          cp /home/runner/work/merlin-agent-dll/merlin.dll ./data/bin
+
+      - name: Build Merlin CLI
+        id: build_cli
+        working-directory: /home/runner/work/merlin-cli
+        run: make release
+
+      - name: Move Merlin CLI
+        id: move_cli
+        working-directory: /home/runner/work/merlin/merlin
+        run: |
+          cp /home/runner/work/merlin-cli/merlinCLI-* ./data/bin
+
+      - name: Build Merlin Server
+        id: build_server
+        working-directory: /home/runner/work/merlin/merlin
+        run: make distro
+
+      - name: Package Release
+        id: package_release
+        working-directory: /home/runner/work/merlin/merlin
+        run: |
+          VERSION=$(cat pkg/merlin.go |grep "const Version ="|cut -d"\"" -f2)
+          BUILD=$(git rev-parse HEAD)
+          DIR=data/temp/v${VERSION}/${BUILD}
+          cp docs/CHANGELOG.MD .
+          cp $DIR/merlinServer* .
+          F="LICENSE data/modules CHANGELOG.MD data/README.MD data/agents/README.MD data/log/README.MD data/x509 data/src data/bin"
+          7za a -pmerlin -mhe -mx=9 merlinServer-Linux-x64.7z $F merlinServer-Linux-x64
+          7za a -pmerlin -mhe -mx=9 merlinServer-Darwin-x64.7z $F merlinServer-Darwin-x64
+          7za a -pmerlin -mhe -mx=9 merlinServer-Windows-x64.7z $F merlinServer-Windows-x64.exe
+
+      - name: Create Draft Release
+        id: create_draft_release
+        uses: ncipollo/release-action@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag: ${{ github.ref_name }}
+          name: ${{ github.ref_name }}
+          draft: true
+          prerelease: false
+          artifactErrorsFailBuild: true
+          artifacts: '*.7z'