fix(ci): rewrite release notes generation - use direct echo instead o… #60

Workflow file for this run

.github/workflows/release.yml at 6c3a70a

	name: Build and Release

	on:
	push:
	tags:
	# 匹配包含 release 和版本号的 tag
	# 例如: release-v1.0.0, release-1.2.3, v1.0.0-release
	- 'release-v[0-9]+.[0-9]+.[0-9]+*'
	- 'v[0-9]+.[0-9]+.[0-9]+-release*'
	- 'release/v[0-9]+.[0-9]+.[0-9]+*'

	env:
	PYTHON_VERSION: '3.13'
	NODE_VERSION: '20'
	JAVA_VERSION_LEGACY: '11'
	JAVA_VERSION_MONTOYA: '17'
	PNPM_VERSION: '9'

	jobs:
	# ============================================
	# 构建前端
	# ============================================
	build-frontend:
	name: Build Frontend
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	submodules: recursive

	- name: Setup pnpm
	uses: pnpm/action-setup@v4
	with:
	version: ${{ env.PNPM_VERSION }}

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}
	cache: 'pnpm'
	cache-dependency-path: src/frontEnd/pnpm-lock.yaml

	- name: Install dependencies
	working-directory: src/frontEnd
	run: pnpm install --frozen-lockfile

	- name: Build frontend
	working-directory: src/frontEnd
	run: pnpm build

	- name: Upload frontend artifacts
	uses: actions/upload-artifact@v4
	with:
	name: frontend-dist
	path: src/backEnd/static
	retention-days: 1

	# ============================================
	# 构建 Burp Suite 插件 (Legacy API - Java 11)
	# ============================================
	build-burp-legacy:
	name: Build Burp Plugin (Legacy API)
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Setup Java ${{ env.JAVA_VERSION_LEGACY }}
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: ${{ env.JAVA_VERSION_LEGACY }}
	cache: 'maven'

	- name: Build with Maven
	working-directory: src/burpEx/legacy-api
	run: mvn clean package -DskipTests -B

	- name: Upload Burp Legacy Plugin
	uses: actions/upload-artifact@v4
	with:
	name: burp-plugin-legacy
	path: src/burpEx/legacy-api/target/sqlmap-webui-burp-legacy-*-jar-with-dependencies.jar
	retention-days: 1

	# ============================================
	# 构建 Burp Suite 插件 (Montoya API - Java 17)
	# ============================================
	build-burp-montoya:
	name: Build Burp Plugin (Montoya API)
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Setup Java ${{ env.JAVA_VERSION_MONTOYA }}
	uses: actions/setup-java@v4
	with:
	distribution: 'temurin'
	java-version: ${{ env.JAVA_VERSION_MONTOYA }}
	cache: 'maven'

	- name: Build with Maven
	working-directory: src/burpEx/montoya-api
	run: mvn clean package -DskipTests -B

	- name: Upload Burp Montoya Plugin
	uses: actions/upload-artifact@v4
	with:
	name: burp-plugin-montoya
	path: src/burpEx/montoya-api/target/sqlmap-webui-burp-montoya-*.jar
	if-no-files-found: error
	retention-days: 1

	# ============================================
	# 打包后端应用（包含前端）
	# ============================================
	build-backend:
	name: Build Backend Application
	runs-on: ubuntu-latest
	needs: build-frontend
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	submodules: recursive

	- name: Download frontend artifacts
	uses: actions/download-artifact@v4
	with:
	name: frontend-dist
	path: src/backEnd/static

	- name: Setup Python
	uses: actions/setup-python@v5
	with:
	python-version: ${{ env.PYTHON_VERSION }}

	- name: Install uv
	uses: astral-sh/setup-uv@v4
	with:
	version: "latest"

	- name: Create backend package
	run: \|
	# 获取版本号
	VERSION=${GITHUB_REF_NAME}
	VERSION=${VERSION#release-}
	VERSION=${VERSION#v}
	VERSION=${VERSION%-release}
	echo "VERSION=$VERSION" >> $GITHUB_ENV

	# 创建打包目录
	mkdir -p dist/sqlmapwebui-$VERSION

	# 复制后端代码
	cp -r src/backEnd/* dist/sqlmapwebui-$VERSION/

	# 清理不需要的文件
	rm -rf dist/sqlmapwebui-$VERSION/__pycache__
	rm -rf dist/sqlmapwebui-$VERSION/**/__pycache__
	rm -rf dist/sqlmapwebui-$VERSION/.env
	rm -rf dist/sqlmapwebui-$VERSION/tests
	rm -rf dist/sqlmapwebui-$VERSION/uv.lock

	# 创建启动脚本 (Linux/Mac)
	cat > dist/sqlmapwebui-$VERSION/start.sh << 'EOF'
	#!/bin/bash
	cd "$(dirname "$0")"

	# 检查是否安装了 uv
	if ! command -v uv &> /dev/null; then
	echo "Installing uv..."
	curl -LsSf https://astral.sh/uv/install.sh \| sh
	source $HOME/.local/bin/env
	fi

	# 同步依赖
	echo "Syncing dependencies..."
	uv sync --extra thirdparty

	# 启动服务
	echo "Starting SQLMap WebUI..."
	uv run python main.py
	EOF
	chmod +x dist/sqlmapwebui-$VERSION/start.sh

	# 创建启动脚本 (Windows)
	cat > dist/sqlmapwebui-$VERSION/start.bat << 'EOF'
	@echo off
	cd /d "%~dp0"

	echo Checking uv installation...
	where uv >nul 2>nul
	if %errorlevel% neq 0 (
	echo Installing uv...
	powershell -ExecutionPolicy Bypass -Command "irm https://astral.sh/uv/install.ps1 \| iex"
	)

	echo Syncing dependencies...
	uv sync --extra thirdparty

	echo Starting SQLMap WebUI...
	uv run python main.py
	EOF

	# 创建 zip 包
	cd dist
	zip -r sqlmapwebui-$VERSION.zip sqlmapwebui-$VERSION

	- name: Upload backend package
	uses: actions/upload-artifact@v4
	with:
	name: backend-package
	path: dist/sqlmapwebui-*.zip
	retention-days: 1

	# ============================================
	# 打包靶场应用
	# ============================================
	build-vulnlab:
	name: Build Vulnerability Lab
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Create vulnlab package
	run: \|
	# 获取版本号
	VERSION=${GITHUB_REF_NAME}
	VERSION=${VERSION#release-}
	VERSION=${VERSION#v}
	VERSION=${VERSION%-release}
	echo "VERSION=$VERSION" >> $GITHUB_ENV

	# 创建打包目录
	mkdir -p dist/vulnTestServer-$VERSION

	# 复制靶场代码
	cp -r src/vulnTestServer/* dist/vulnTestServer-$VERSION/

	# 清理不需要的文件
	rm -rf dist/vulnTestServer-$VERSION/__pycache__
	rm -rf dist/vulnTestServer-$VERSION/**/__pycache__
	rm -rf dist/vulnTestServer-$VERSION/data/*.db

	# 创建启动脚本 (Linux/Mac)
	cat > dist/vulnTestServer-$VERSION/start.sh << 'EOF'
	#!/bin/bash
	cd "$(dirname "$0")"

	# 检查 Python 环境
	if ! command -v python3 &> /dev/null; then
	echo "Error: Python 3 is required"
	exit 1
	fi

	# 安装依赖
	echo "Installing dependencies..."
	pip install flask

	# 启动靶场服务器
	echo "Starting Vulnerability Test Server..."
	python3 server.py
	EOF
	chmod +x dist/vulnTestServer-$VERSION/start.sh

	# 创建启动脚本 (Windows)
	cat > dist/vulnTestServer-$VERSION/start.bat << 'EOF'
	@echo off
	cd /d "%~dp0"

	echo Installing dependencies...
	pip install flask

	echo Starting Vulnerability Test Server...
	python server.py
	EOF

	# 创建 zip 包
	cd dist
	zip -r vulnTestServer-$VERSION.zip vulnTestServer-$VERSION

	- name: Upload vulnlab package
	uses: actions/upload-artifact@v4
	with:
	name: vulnlab-package
	path: dist/vulnTestServer-*.zip
	retention-days: 1

	# ============================================
	# 创建 GitHub Release
	# ============================================
	create-release:
	name: Create GitHub Release
	runs-on: ubuntu-latest
	needs:
	- build-frontend
	- build-burp-legacy
	- build-burp-montoya
	- build-backend
	- build-vulnlab
	permissions:
	contents: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	fetch-tags: true

	- name: Get version from tag
	id: get_version
	run: \|
	VERSION=${GITHUB_REF_NAME}
	VERSION=${VERSION#release-}
	VERSION=${VERSION#v}
	VERSION=${VERSION%-release}
	echo "version=$VERSION" >> $GITHUB_OUTPUT
	echo "tag_name=${GITHUB_REF_NAME}" >> $GITHUB_OUTPUT

	- name: Download all artifacts
	uses: actions/download-artifact@v4
	with:
	path: artifacts

	- name: Prepare release assets
	run: \|
	VERSION=${{ steps.get_version.outputs.version }}
	mkdir -p release-assets

	# 后端应用包
	cp artifacts/backend-package/sqlmapwebui-*.zip release-assets/

	# 靶场包
	cp artifacts/vulnlab-package/vulnTestServer-*.zip release-assets/

	# Burp 插件 - Legacy API
	cp artifacts/burp-plugin-legacy/*.jar release-assets/sqlmap-webui-burp-legacy-${VERSION}.jar \|\| \
	cp artifacts/burp-plugin-legacy/*.jar release-assets/

	# Burp 插件 - Montoya API
	# 排除 original-* 文件
	for f in artifacts/burp-plugin-montoya/*.jar; do
	if [[ ! "$f" == "original-" ]]; then
	cp "$f" release-assets/sqlmap-webui-burp-montoya-${VERSION}.jar \|\| cp "$f" release-assets/
	fi
	done

	# 列出所有发布资源
	echo "Release assets:"
	ls -la release-assets/

	- name: Generate Release Notes
	id: release_notes
	run: \|
	VERSION=${{ steps.get_version.outputs.version }}
	TAG_NAME=${GITHUB_REF_NAME}
	REPO=${{ github.repository }}
	TODAY=$(date +'%Y-%m-%d')

	# ========== 1. 获取上一个 tag ==========
	PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null \|\| echo "")
	echo "DEBUG: PREV_TAG='${PREV_TAG}'"
	echo "DEBUG: HEAD=$(git rev-parse HEAD)"
	echo "DEBUG: All tags: $(git tag -l 'release-v*' \| tr '\n' ' ')"

	# ========== 2. 生成 Changelog ==========
	if [ -z "$PREV_TAG" ]; then
	COMPARE_RANGE="HEAD"
	echo "No previous tag found, using all commits"
	else
	COMPARE_RANGE="${PREV_TAG}..HEAD"
	echo "Comparing: $COMPARE_RANGE"
	fi

	FEATURES=""
	FIXES=""
	IMPROVEMENTS=""
	DOCS=""
	REFACTOR=""
	CHORE=""
	OTHER=""

	while IFS= read -r line; do
	[ -z "$line" ] && continue
	HASH=$(echo "$line" \| cut -d'\|' -f1 \| cut -c1-7)
	MSG=$(echo "$line" \| cut -d'\|' -f2-)
	echo "$MSG" \| grep -qiE "^Merge" && continue
	ENTRY="- $MSG (\`$HASH\`)"
	if echo "$MSG" \| grep -qiE "^feat($.+$)?[!:]\|^feature[!:]"; then
	FEATURES="${FEATURES}${ENTRY}
	"
	elif echo "$MSG" \| grep -qiE "^fix($.+$)?[!:]"; then
	FIXES="${FIXES}${ENTRY}
	"
	elif echo "$MSG" \| grep -qiE "^perf($.+$)?[!:]\|^improve($.+$)?[!:]\|^optimize"; then
	IMPROVEMENTS="${IMPROVEMENTS}${ENTRY}
	"
	elif echo "$MSG" \| grep -qiE "^docs?($.+$)?[!:]"; then
	DOCS="${DOCS}${ENTRY}
	"
	elif echo "$MSG" \| grep -qiE "^refactor($.+$)?[!:]"; then
	REFACTOR="${REFACTOR}${ENTRY}
	"
	elif echo "$MSG" \| grep -qiE "^chore($.+$)?[!:]\|^build($.+$)?[!:]\|^ci($.+$)?[!:]"; then
	CHORE="${CHORE}${ENTRY}
	"
	else
	OTHER="${OTHER}${ENTRY}
	"
	fi
	done < <(git log ${COMPARE_RANGE} --pretty=format:"%H\|%s" --no-merges 2>/dev/null \|\| echo "")

	# 统计信息
	TOTAL_COMMITS=$(git rev-list --count ${COMPARE_RANGE} 2>/dev/null \|\| echo "0")
	CONTRIBUTORS=$(git log ${COMPARE_RANGE} --format='%aN' 2>/dev/null \| sort -u \| wc -l \| tr -d ' ' \|\| echo "0")
	echo "DEBUG: TOTAL_COMMITS=${TOTAL_COMMITS}, CONTRIBUTORS=${CONTRIBUTORS}"

	# ========== 3. 直接写入 release notes 文件（不使用占位符替换）==========
	{
	echo "# SQLMap WebUI v${VERSION}"
	echo ""
	echo "## 📋 版本概述"
	echo ""
	echo "发布日期: ${TODAY}"
	echo ""
	if [ -n "$PREV_TAG" ]; then
	echo "[📊 查看完整代码变更](https://github.com/${REPO}/compare/${PREV_TAG}...${TAG_NAME}) \| 共 ${TOTAL_COMMITS} 个提交，${CONTRIBUTORS} 位贡献者"
	else
	echo "这是首次发布版本"
	fi
	echo ""
	echo "## 🔄 更新内容"
	echo ""
	# 写入分类变更
	HAS_CHANGES=false
	if [ -n "$FEATURES" ]; then
	echo "### ✨ 新功能 (Features)"
	echo ""
	echo "$FEATURES"
	HAS_CHANGES=true
	fi
	if [ -n "$FIXES" ]; then
	echo "### 🐛 问题修复 (Bug Fixes)"
	echo ""
	echo "$FIXES"
	HAS_CHANGES=true
	fi
	if [ -n "$IMPROVEMENTS" ]; then
	echo "### ⚡ 性能优化 (Performance)"
	echo ""
	echo "$IMPROVEMENTS"
	HAS_CHANGES=true
	fi
	if [ -n "$REFACTOR" ]; then
	echo "### ♻️ 代码重构 (Refactor)"
	echo ""
	echo "$REFACTOR"
	HAS_CHANGES=true
	fi
	if [ -n "$DOCS" ]; then
	echo "### 📝 文档更新 (Documentation)"
	echo ""
	echo "$DOCS"
	HAS_CHANGES=true
	fi
	if [ -n "$CHORE" ]; then
	echo "### 🔧 其他更新 (Chore)"
	echo ""
	echo "$CHORE"
	HAS_CHANGES=true
	fi
	if [ -n "$OTHER" ]; then
	echo "### 📋 其他变更 (Other Changes)"
	echo ""
	echo "$OTHER"
	HAS_CHANGES=true
	fi
	if [ "$HAS_CHANGES" = false ]; then
	echo "暂无详细变更记录"
	fi
	echo ""
	echo "---"
	echo ""
	echo "## 📦 发布包说明"
	echo ""
	echo "### 后端应用 (sqlmapwebui-${VERSION}.zip)"
	echo "完整的后端服务包，包含："
	echo "- Python 后端 API 服务"
	echo "- 前端静态资源（已集成）"
	echo "- 启动脚本 (start.sh / start.bat)"
	echo ""
	echo '使用方法：'
	echo '```bash'
	echo '# Linux/Mac'
	echo "unzip sqlmapwebui-${VERSION}.zip"
	echo "cd sqlmapwebui-${VERSION}"
	echo './start.sh'
	echo ''
	echo '# Windows'
	echo '# 解压后运行 start.bat'
	echo '```'
	echo ""
	echo "### Burp Suite 插件"
	echo ""
	echo "#### Montoya API 版本 (推荐)"
	echo "- 文件: sqlmap-webui-burp-montoya-${VERSION}.jar"
	echo "- 适用: Burp Suite 2023.1 及以上版本"
	echo "- Java 要求: Java 17+"
	echo ""
	echo "#### Legacy API 版本"
	echo "- 文件: sqlmap-webui-burp-legacy-${VERSION}.jar"
	echo "- 适用: Burp Suite 老版本"
	echo "- Java 要求: Java 11+"
	echo ""
	echo "### 漏洞测试靶场 (vulnTestServer-${VERSION}.zip)"
	echo "用于测试的漏洞环境，包含多种 SQL 注入场景。"
	echo ""
	echo '使用方法：'
	echo '```bash'
	echo "unzip vulnTestServer-${VERSION}.zip"
	echo "cd vulnTestServer-${VERSION}"
	echo './start.sh # 或 Windows 运行 start.bat'
	echo '```'
	echo ""
	echo "## ⚠️ 安全提示"
	echo "本工具仅用于授权的安全测试。请确保在使用前获得适当的授权。"
	echo ""
	echo "---"
	echo "此版本由 GitHub Actions 自动构建发布"
	} > release_notes.md

	echo "DEBUG: release_notes.md generated successfully"
	echo "DEBUG: First 10 lines:"
	head -10 release_notes.md

	- name: Create Release
	uses: softprops/action-gh-release@v2
	with:
	tag_name: ${{ steps.get_version.outputs.tag_name }}
	name: SQLMap WebUI v${{ steps.get_version.outputs.version }}
	body_path: release_notes.md
	draft: false
	prerelease: ${{ contains(github.ref_name, 'alpha') \|\| contains(github.ref_name, 'beta') \|\| contains(github.ref_name, 'rc') }}
	files: \|
	release-assets/*
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(ci): rewrite release notes generation - use direct echo instead o… #60

Workflow file

fix(ci): rewrite release notes generation - use direct echo instead o… #60

Uh oh!

Workflow file for this run