I have to use some actions from v3 apparently

adding virus total check
whoopsie
2025-07-30 18:14:21 -03:00 · 2025-07-30 18:08:27 -03:00 · 2025-07-30 17:40:30 -03:00 · 2025-07-30 17:40:02 -03:00
4 changed files with 214 additions and 28 deletions
--- a/.gitea/workflows/main.yaml
+++ b/.gitea/workflows/main.yaml
@@ -4,8 +4,6 @@ on:
  push:
    branches:
      - main
-    tags:
-      - v*

 jobs:
  build:
@@ -18,29 +16,3 @@ jobs:
        run: npm install
      - name: Run build
        run: npm run build
-
-  release:
-    if: gitea.event_name == 'tag'
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out repository code
-        uses: actions/checkout@v4
-      - name: Setup zip
-        run: sudo apt-get install zip -y
-      - name: Install JS dependencies
-        run: npm install
-      - name: Run build
-        run: npm run build
-      - name: Prepare release
-        run: | 
-          bash scripts/prepare_release.sh
-          mv dist vision-start/
-          mv manifest.json vision-start/
-      - name: Create zip archive
-        run: zip -r vision-start-${{ gitea.ref_name }}.zip vision-start
-      - name: Release zip
-        uses: akkuman/gitea-release-action@v1
-        with:
-          name: ${{ gitea.ref_name }}
-          tag_name: ${{ gitea.ref_name }}
-          files: vision-start-${{ gitea.ref_name }}.zip
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -0,0 +1,90 @@
+name: Build and Release
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    outputs:
+      zip-file: vision-start-${{ gitea.ref_name }}.zip
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: Setup required tools
+        run: sudo apt-get install zip jq curl -y
+      - name: Install JS dependencies
+        run: npm install
+      - name: Run build
+        run: npm run build
+      - name: Prepare release
+        run: | 
+          bash scripts/prepare_release.sh
+          mv dist vision-start/
+          mv manifest.json vision-start/
+      - name: Create zip archive
+        run: zip -r vision-start-${{ gitea.ref_name }}.zip vision-start
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-zip
+          path: vision-start-${{ gitea.ref_name }}.zip
+
+  virus-total-check:
+    runs-on: ubuntu-latest
+    needs: build
+    outputs:
+      analysis-url: ${{ steps.vt-check.outputs.analysis-url }}
+      detection-ratio: ${{ steps.vt-check.outputs.detection-ratio }}
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: Setup required tools
+        run: sudo apt-get install jq curl -y
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: release-zip
+      - name: Run VirusTotal check
+        id: vt-check
+        env:
+          virustotal_apikey: ${{ secrets.VIRUSTOTAL_APIKEY }}
+          VIRUS_TOTAL_FILE: vision-start-${{ gitea.ref_name }}.zip
+        run: |
+          # Run the VirusTotal check script and capture output
+          bash scripts/check_virustotal.sh > vt_output.txt 2>&1
+          
+          # Extract analysis URL and detection ratio from output
+          ANALYSIS_URL=$(grep "Analysis URL:" vt_output.txt | cut -d' ' -f3- || echo "Not available")
+          DETECTION_RATIO=$(grep "Detection ratio:" vt_output.txt | cut -d' ' -f3- || echo "Not available")
+          
+          # Set outputs for next job
+          echo "analysis-url=$ANALYSIS_URL" >> $GITEA_OUTPUT
+          echo "detection-ratio=$DETECTION_RATIO" >> $GITEA_OUTPUT
+          
+          # Display the full output
+          cat vt_output.txt
+
+  release:
+    runs-on: ubuntu-latest
+    needs: [build, virus-total-check]
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: release-zip
+      - name: Release zip
+        uses: akkuman/gitea-release-action@v1
+        with:
+          body: |
+            This is the release for version ${{ gitea.ref_name }}.
+            
+            **Virus Total Analysis URL:** ${{ needs.virus-total-check.outputs.analysis-url }}
+            **Virus Total Detection Ratio:** ${{ needs.virus-total-check.outputs.detection-ratio }}
+          name: ${{ gitea.ref_name }}
+          tag_name: ${{ gitea.ref_name }}
+          files: vision-start-${{ gitea.ref_name }}.zip
--- a/README.md
+++ b/README.md
@@ -7,6 +7,17 @@
 ![Editing page with Abstract Red background](screenshots/editing-abstract-red.png)
 ![Configuration Tab opened](screenshots/configuration-abstract-red.png)

+## Installing
+
+Vision Start is not yet available on Chrome Web Store, but it can be installed manually:
+1. Go to https://git.ivanch.me/ivanch/vision-start/releases/latest
+2. Download the latest `vision-start-[version].zip` file
+3. Extract the zip file, you will have a `vision-start` folder
+4. Go to chrome://extensions/
+5. Enable "Developer mode" in the top right corner
+6. Click on "Load unpacked" and select the `vision-start` folder you extracted in step 3
+7. The extension should now be installed! Just open a new tab to see it in action.
+
 ## Backgrounds

 It comes with a selection of some nice pre-defined backgrounds. You can also upload up to one image to it.
--- a/scripts/check_virustotal.sh
+++ b/scripts/check_virustotal.sh
@@ -0,0 +1,113 @@
+#!/bin/bash
+
+# Script to check a file against VirusTotal API
+# Requires: curl, jq
+# Environment variable: virustotal_apikey
+
+set -e
+
+# Configuration
+FILE_PATH="${VIRUS_TOTAL_FILE:-vision-start.zip}"
+API_KEY="${virustotal_apikey}"
+BASE_URL="https://www.virustotal.com/vtapi/v2"
+
+# Check if API key is set
+if [ -z "$API_KEY" ]; then
+    echo "Error: virustotal_apikey environment variable is not set"
+    exit 1
+fi
+
+# Check if file exists
+if [ ! -f "$FILE_PATH" ]; then
+    echo "Error: File $FILE_PATH not found"
+    exit 1
+fi
+
+# Check if required tools are available
+if ! command -v curl &> /dev/null; then
+    echo "Error: curl is required but not installed"
+    exit 1
+fi
+
+if ! command -v jq &> /dev/null; then
+    echo "Error: jq is required but not installed"
+    exit 1
+fi
+
+echo "Uploading $FILE_PATH to VirusTotal for analysis..."
+
+# Upload file to VirusTotal
+UPLOAD_RESPONSE=$(curl -s -X POST \
+    -F "apikey=$API_KEY" \
+    -F "file=@$FILE_PATH" \
+    "$BASE_URL/file/scan")
+
+# Extract scan_id from response
+SCAN_ID=$(echo "$UPLOAD_RESPONSE" | jq -r '.scan_id')
+
+if [ "$SCAN_ID" == "null" ] || [ -z "$SCAN_ID" ]; then
+    echo "Error: Failed to upload file or get scan ID"
+    echo "Response: $UPLOAD_RESPONSE"
+    exit 1
+fi
+
+echo "File uploaded successfully. Scan ID: $SCAN_ID"
+echo "Waiting for analysis to complete..."
+
+# Wait for analysis to complete and get results
+MAX_ATTEMPTS=30
+ATTEMPT=0
+SLEEP_INTERVAL=10
+
+while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do
+    echo "Checking analysis status (attempt $((ATTEMPT + 1))/$MAX_ATTEMPTS)..."
+    
+    # Get scan report
+    REPORT_RESPONSE=$(curl -s -X POST \
+        -d "apikey=$API_KEY" \
+        -d "resource=$SCAN_ID" \
+        "$BASE_URL/file/report")
+    
+    # Check if analysis is complete
+    RESPONSE_CODE=$(echo "$REPORT_RESPONSE" | jq -r '.response_code')
+    
+    if [ "$RESPONSE_CODE" == "1" ]; then
+        # Analysis complete
+        echo "Analysis completed!"
+        
+        # Extract results
+        POSITIVES=$(echo "$REPORT_RESPONSE" | jq -r '.positives')
+        TOTAL=$(echo "$REPORT_RESPONSE" | jq -r '.total')
+        PERMALINK=$(echo "$REPORT_RESPONSE" | jq -r '.permalink')
+        
+        echo "Analysis URL: $PERMALINK"
+        echo "Detection ratio: $POSITIVES/$TOTAL"
+        
+        # Check if file is safe
+        if [ "$POSITIVES" -eq 0 ]; then
+            echo "✅ File is clean (no threats detected)"
+            exit 0
+        else
+            echo "❌ File contains threats ($POSITIVES detections out of $TOTAL scanners)"
+            exit 1
+        fi
+    elif [ "$RESPONSE_CODE" == "0" ]; then
+        # File not found or analysis not complete yet
+        echo "Analysis still in progress..."
+    elif [ "$RESPONSE_CODE" == "-2" ]; then
+        # Still queued for analysis
+        echo "File still queued for analysis..."
+    else
+        echo "Unexpected response code: $RESPONSE_CODE"
+        echo "Response: $REPORT_RESPONSE"
+        exit 1
+    fi
+    
+    ATTEMPT=$((ATTEMPT + 1))
+    if [ $ATTEMPT -lt $MAX_ATTEMPTS ]; then
+        sleep $SLEEP_INTERVAL
+    fi
+done
+
+echo "Timeout: Analysis did not complete within expected time"
+exit 1
Author	SHA1	Message	Date
José Henrique	9b818b05f9	I have to use some actions from v3 apparently All checks were successful Build and Release / build (push) Successful in 26s Details Build and Release / virus-total-check (push) Successful in 51s Details Build and Release / release (push) Successful in 5s Details	2025-07-30 18:14:21 -03:00
José Henrique	008d2321e5	adding virus total check Some checks failed Build and Release / build (push) Failing after 26s Details Build and Release / virus-total-check (push) Has been skipped Details Build and Release / release (push) Has been skipped Details	2025-07-30 18:08:27 -03:00
José Henrique	3aff7ffed6	whoopsie All checks were successful Build and Release / build (push) Successful in 12s Details Build and Release / release (push) Successful in 12s Details	2025-07-30 17:40:30 -03:00
José Henrique	9e80818fc5	redoing pipelines All checks were successful Build and Release / build (push) Successful in 11s Details Build and Release / release (push) Has been skipped Details	2025-07-30 17:40:02 -03:00