VirusTotal Action

Upload Release Assets or Specified File Globs to VirusTotal and Optionally Update Release Notes with Links.

• Inputs
• Outputs
• Examples
• Planned Features
• Support
• Contributing

Note

Please submit a Feature Request for new features or Open an Issue if you find any bugs.

The /files/ endpoint is used for files under 32MB, otherwise, the /files/upload_url/ endpoint is used providing support for files up to 650MB. Therefore, files over 32MB will consume 2 API calls.

Inputs

input	required	default	description
github_token	Yes	-	GitHub Token: ${{ secrets.GITHUB_TOKEN }}
vt_api_key	Yes	-	VirusTotal API Key from VirusTotal *
file_globs	No	-	File Globs to Process, newline seperated *
rate_limit	No	4	API Calls Per Minute, 0 to disable
update_release	No	true	Update Release Notes, false to disable

vt_api_key - Get your API key from: https://www.virustotal.com/gui/my-apikey

file_globs - For glob pattern examples, see: https://github.com/actions/toolkit/tree/main/packages/glob#patterns

- name: 'VirusTotal'
  uses: cssnr/virustotal-action@v1
  with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      vt_api_key: ${{ secrets.VT_API_KEY }}

Update Release

The Update Release option will append text similar to this to the release body:

---

🛡️ VirusTotal Results:

• install-linux.deb
• install-macos.pkg
• install-win.exe

---

Outputs

output	description
results	Comma Seperated String of file/id

Example Output:

install-linux.deb/ZDAzY2M2ZGQzZmEwZWEwZTI2NjQ5NmVjZDcwZmY0YTY6MTcxNzU2NzI3Ng==,install-macos.pkg/YTkzOGFjMDZhNTI3NmU5MmI4YzQzNzg5ODE3OGRkMzg6MTcxNzU2NzI3OA==,install-win.exe/M2JhZDJhMzRhYjcyM2Y0MDFkNjU1OGZlYjFkNjgyMmY6MTcxNzU2NzI4MA==

- name: 'VirusTotal'
  uses: cssnr/virustotal-action@v1
  id: vt
  with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      vt_api_key: ${{ secrets.VT_API_KEY }}

- name: 'Echo Results'
  run: echo ${{ steps.vt.outputs.results }}

Examples

With File Globs:

- name: 'VirusTotal'
  uses: cssnr/virustotal-action@v1
  with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      vt_api_key: ${{ secrets.VT_API_KEY }}
      file_globs: artifacts/*

Multiple Globs:

- name: 'VirusTotal'
  uses: cssnr/virustotal-action@v1
  with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      vt_api_key: ${{ secrets.VT_API_KEY }}
      file_globs: |
          artifacts/*
          assets/asset.zip

Simple Example:

name: 'VirusTotal Example'

on:
    release:
        types: [published]

jobs:
    test:
        name: 'Test'
        runs-on: ubuntu-latest
        timeout-minutes: 5

        steps:
            - name: 'VirusTotal'
              uses: cssnr/virustotal-action@v1
              with:
                  github_token: ${{ secrets.GITHUB_TOKEN }}
                  vt_api_key: ${{ secrets.VT_API_KEY }}

Full Example:

name: 'VirusTotal Example'

on:
    release:
        types: [published]

jobs:
    windows:
        name: 'Windows Build'
        runs-on: windows-latest
        timeout-minutes: 5

        steps:
            - name: 'Checkout'
              uses: actions/checkout@v4

            - name: 'Build'
              uses: Minionguyjpro/Inno-Setup-Action@v1.2.2
              with:
                  path: client.iss
                  options: '/DMyAppVersion=${{ github.ref_name }}'

            - name: 'Upload to Release'
              uses: svenstaro/upload-release-action@v2
              if: ${{ github.event_name == 'release' }}
              with:
                  repo_token: ${{ secrets.GITHUB_TOKEN }}
                  file: out/*
                  tag: ${{ github.ref }}
                  overwrite: true
                  file_glob: true

    virustotal:
        name: 'VirusTotal Scan'
        runs-on: ubuntu-latest
        needs: [windows]
        timeout-minutes: 5
        if: ${{ github.event_name == 'release' }}

        steps:
            - name: 'VirusTotal'
              uses: cssnr/virustotal-action@v1
              with:
                  github_token: ${{ secrets.GITHUB_TOKEN }}
                  vt_api_key: ${{ secrets.VT_API_KEY }}
                  rate_limit: 4
                  update_release: true

To see this used in a build/release/scan workflow, check out:
https://github.com/cssnr/hls-downloader-client/blob/master/.github/workflows/build.yaml

Planned Features

• Add release body parsing to properly process new files on edited activity.
• Add workflow summary to workflow results.
• Add options to customize release update format.

Support

For general help or to request a feature see:

• Q&A Discussion: https://github.com/cssnr/virustotal-action/discussions/categories/q-a
• Request a Feature: https://github.com/cssnr/virustotal-action/discussions/categories/feature-requests

If you are experiencing an issue/bug or getting unexpected results you can:

• Report an Issue: https://github.com/cssnr/virustotal-action/issues
• Chat with us on Discord: https://discord.gg/wXy6m2X8wY
• Provide General Feedback: https://cssnr.github.io/feedback/

Contributing

Currently, the best way to contribute to this project is to star this project on GitHub.

Additionally, you can support other GitHub Actions I have published:

• VirusTotal Action
• Update Version Tags Action
• Update JSON Value Action
• Parse Issue Form Action
• Mirror Repository Action
• Portainer Stack Deploy
• Mozilla Addon Update Action

For a full list of current projects to support visit: https://cssnr.github.io/