Submit file globs or release assets to the VirusTotal API for scanning.
On release events the Release Notes will optionally be updated with links to the scan results.
You can now customize the links display and release notes heading. See the Features for more details.
The /files/ endpoint is used for files under 32MB, otherwise, the /files/upload_url/ endpoint is used providing support for files up to 650MB. Therefore, files over 32MB will consume 2 API calls.
With no inputs this will automatically process release assets.
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}Make sure to review the Inputs and checkout more Examples.
This is a fairly simple action, for more details see src/index.js and src/vt.js.
Tip
A new Documentation site is currently being developed:
https://actions.cssnr.com/virustotal/
- Supports files up to 650MB
- Upload Release Assets or File Globs
- Automatically add Results to Release Notes
- Customize Release Notes Heading
- Rate Limited for Free Accounts
- Option to specify the Release ID
- Add options to customize release update/output format (next on the roadmap).
- Add release body parsing to properly process new files on edited activity.
- Add option to apply file_globs to release assets.
Note
Please submit a Feature Request for new features or Open an Issue if you find any bugs.
We are also working on a Badge Server (similar to shields.io) that supports VirusTotal Badges.
For more details see the Website, the README.md or the Discussion in this repo.
These badges may be eventually added to this action as an option for release notes. Any feedback is helpful during this phase of development.
| Input Name | Default Value | Description of the Input Value |
|---|---|---|
vt_api_key |
Required | VirusTotal API Key |
file_globs |
- | File Globs to Process |
rate_limit |
4 |
API Calls Per Minute |
release_id |
- | Release ID to Process |
sha256 |
false |
Calculate File SHA256 |
update_release |
true |
Update the Release Notes |
release_heading |
see below | Release Notes Heading |
collapsed |
false |
Show Links Collapsed. |
file_name |
name |
File Name Display: [name, id] |
summary |
true |
Add Summary to Job |
github_token |
github.token |
For use with a PAT |
For more details on inputs, see the VirusTotal API documentation.
Get your API key from: https://www.virustotal.com/gui/my-apikey
If provided, will process matching files instead of release assets.
For glob pattern, see examples and the docs.
Rate limit for file uploads. Set to 0 to disable if you know what you are doing.
If provided, will process the corresponding release. The release ID can be generated from a previous step. By providing a release ID, this action does not need to run on a release event to process a release.
If enabled this will calculate the file's SHA256 hash, and include it in the output.
Will add result details to the job summary in the workflow.
👀 View Job Summary Example
| File | ID |
|---|---|
| README.md | YmFmZTVlZjIzMDRkMjRlMTcwNjk1Yzg0MTgyN2FmMmM6MTc0MjExMjY5Mw== |
| .gitignore | ZTM4MjBkOGFhYmRhNjBiMTY0MTEwZjZkNDE1YjViODc6MTc0MjExMjY5Mw== |
Outputs
[
{
"id": "MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==",
"name": "README.md",
"link": "https://www.virustotal.com/gui/file-analysis/MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==",
"sha256": "75f762919859572abf753008cc5a1f5b75e05e9d0876080c0d28b2338ca46c26"
},
{
"id": "ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==",
"name": ".gitignore",
"link": "https://www.virustotal.com/gui/file-analysis/ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==",
"sha256": "4c534768e93cc21269fecf0dea55eb9191ab649cb2fff8952f40cbf7a21057fe"
}
]README.md/MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==
.gitignore/ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==Config
files: ["README.md",".gitignore"]
rate: 4
update: true
heading: "🛡️ **VirusTotal Results:**"
summary: trueTo view a workflow run, click on a recent Test job (requires login).
Example with all inputs:
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
file_globs: |
file1
release/*
rate_limit: 4
update_release: true
release_heading: '🛡️ **VirusTotal Results:**'
summary: trueSee the Examples section for more options.
If run on a release event, the Release Notes are automatically updated with the results unless you set update_release to false.
You can customize the heading or remove it by specifying an empty string.
If triggered from a release workflow, will update the release notes and append the results.
Customize the Release Notes Heading.
Default: 🛡️ **VirusTotal Results:**
Set to true to collapse the result links by default. Experimental.
Customize the Release Notes File Name Display. This can be one of name, or id.
🛡️ VirusTotal Results:
This action requires the following permissions to edit releases notes:
permissions:
contents: writePermissions documentation for Workflows and Actions.
| Output | Output Description |
|---|---|
| results | CSV String of file/id |
| json | JSON Object Results List |
Web links can be generated by appending the ID or SHA256 to these URL:
README.md/MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==,.gitignore/ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==
Note: The sha256 is only included if you set the input sha256: true.
[
{
"id": "MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==",
"name": "README.md",
"link": "https://www.virustotal.com/gui/file-analysis/MGM1YTkxMzc5OGU3Y2UyNjViNTkxYzY5OTZmNTg3NjI6MTc2MDEyMzYzOA==",
"sha256": "75f762919859572abf753008cc5a1f5b75e05e9d0876080c0d28b2338ca46c26"
},
{
"id": "ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==",
"name": ".gitignore",
"link": "https://www.virustotal.com/gui/file-analysis/ZmIzNTcyMDI5NTAxN2VkYzRiZmRmMTg4NzhjNWJjY2Y6MTc2MDEyMzYzOQ==",
"sha256": "4c534768e93cc21269fecf0dea55eb9191ab649cb2fff8952f40cbf7a21057fe"
}
]Using the outputs.
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
id: vt
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
- name: 'Echo Results'
run: |
echo results: ${{ steps.vt.outputs.results }}
echo json: ${{ steps.vt.outputs.json }}💡 Click on an example heading to expand or collapse the example.
Process release assets
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}Customize release notes heading
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
if: ${{ github.event_name == 'release' }}
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
release_heading: '### Scan Results'Only run on a release event
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
if: ${{ github.event_name == 'release' }}
with:
vt_api_key: ${{ secrets.VT_API_KEY }}Using file globs
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
file_globs: artifacts/*Multiple file globs
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
file_globs: |
artifacts/*
assets/asset.zipWith all inputs
- name: 'VirusTotal'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
file_globs: |
file1
release/*
rate_limit: 4
update_release: true
release_heading: '🛡️ **VirusTotal Results:**'
summary: trueSimple workflow example
name: 'VirusTotal Example'
on:
release:
types: [published]
jobs:
release:
name: 'Release'
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
contents: write
steps:
- name: 'VirusTotal Action'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}Note: the permissions are applied to the individual job here.
Full workflow example
name: 'VirusTotal Example'
on:
release:
types: [published]
permissions:
contents: write
jobs:
windows:
name: 'Windows Build'
runs-on: windows-latest
timeout-minutes: 5
steps:
- name: 'Checkout'
uses: actions/checkout@v5
- name: 'Build'
uses: Minionguyjpro/[email protected]
with:
path: client.iss
options: '/DMyAppVersion=${{ github.ref_name }}'
- name: 'Upload to Release'
uses: svenstaro/upload-release-action@v2
if: ${{ github.event_name == 'release' }}
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: out/*
tag: ${{ github.ref }}
overwrite: true
file_glob: true
virustotal:
name: 'VirusTotal'
runs-on: ubuntu-latest
needs: [windows]
timeout-minutes: 5
if: ${{ github.event_name == 'release' }}
steps:
- name: 'VirusTotal Action'
uses: cssnr/virustotal-action@v1
with:
vt_api_key: ${{ secrets.VT_API_KEY }}
rate_limit: 4
update_release: trueNote: the permissions are applied to the entire workflow here.
To see this used in a build/release/scan workflow, check out:
https://github.com/cssnr/hls-downloader-client/blob/master/.github/workflows/build.yaml
For more examples, you can check out other projects using this action:
https://github.com/cssnr/virustotal-action/network/dependents
The following rolling tags are maintained.
| Version Tag | Rolling | Bugs | Feat. | Name | Target | Example |
|---|---|---|---|---|---|---|
 |
✅ | ✅ | ✅ | Major | vN.x.x |
vN |
 |
✅ | ✅ | ❌ | Minor | vN.N.x |
vN.N |
 |
❌ | ❌ | ❌ | Micro | vN.N.N |
vN.N.N |
You can view the release notes for each version on the releases page.
The Major tag is recommended. It is the most up-to-date and always backwards compatible. Breaking changes would result in a Major version bump. At a minimum you should use a Minor tag.
For general help or to request a feature see:
- Q&A Discussion: https://github.com/cssnr/virustotal-action/discussions/categories/q-a
- Request a Feature: https://github.com/cssnr/virustotal-action/discussions/categories/feature-requests
If you are experiencing an issue/bug or getting unexpected results you can:
- Report an Issue: https://github.com/cssnr/virustotal-action/issues
- Chat with us on Discord: https://discord.gg/wXy6m2X8wY
- Provide General Feedback: https://cssnr.github.io/feedback/
For more information, see the CSSNR SUPPORT.md.
Please consider making a donation to support the development of this project and additional open source projects.
If you would like to submit a PR, please review the CONTRIBUTING.md.
Additionally, you can support other GitHub Actions I have published:
- Stack Deploy Action
- Portainer Stack Deploy Action
- Docker Context Action
- VirusTotal Action
- Mirror Repository Action
- Update Version Tags Action
- Docker Tags Action
- Update JSON Value Action
- JSON Key Value Check Action
- Parse Issue Form Action
- Cloudflare Purge Cache Action
- Mozilla Addon Update Action
- Package Changelog Action
- NPM Outdated Check Action
- Label Creator Action
- Algolia Crawler Action
- Upload Release Action
- Check Build Action
- Web Request Action
- Get Commit Action
❔ Unpublished Actions
These actions are not published on the Marketplace, but may be useful.
- cssnr/draft-release-action - Keep a draft release ready to publish.
- cssnr/env-json-action - Convert env file to json or vice versa.
- cssnr/push-artifacts-action - Sync files to a remote host with rsync.
- smashedr/update-release-notes-action - Update release notes.
- smashedr/combine-release-notes-action - Combine release notes.
📝 Template Actions
These are basic action templates that I use for creating new actions.
- js-test-action - JavaScript
- py-test-action - Python
- ts-test-action - TypeScript
- docker-test-action - Docker Image
Note: The docker-test-action builds, runs and pushes images to GitHub Container Registry.
For a full list of current projects visit: https://cssnr.github.io/
