mirror of
https://github.com/ChrisTitusTech/winutil.git
synced 2024-11-14 22:55:52 -06:00
123 lines
4.2 KiB
YAML
123 lines
4.2 KiB
YAML
name: Pre-Release WinUtil
|
|
|
|
permissions:
|
|
contents: write
|
|
actions: read
|
|
|
|
on:
|
|
workflow_dispatch: # Manual trigger added
|
|
|
|
jobs:
|
|
build-runspace:
|
|
runs-on: windows-latest
|
|
env:
|
|
CERTIFICATE_BASE64: ${{ secrets.CERTIFICATE_BASE64 }}
|
|
steps:
|
|
- name: Checkout Repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Compile project
|
|
shell: pwsh
|
|
run: |
|
|
Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1
|
|
continue-on-error: false # Directly fail the job on error, removing the need for a separate check
|
|
|
|
- name: Set Version to Todays Date
|
|
id: extract_version
|
|
run: |
|
|
$version = (Get-Date -Format "yy.MM.dd")
|
|
echo "VERSION=$version" >> $env:GITHUB_ENV
|
|
shell: pwsh
|
|
|
|
- name: Create Tag
|
|
id: create_tag
|
|
run: |
|
|
$tagExists = git tag -l $env:VERSION
|
|
if ($tagExists -eq "") {
|
|
git tag $env:VERSION
|
|
if ($LASTEXITCODE -ne 0) {
|
|
Write-Error "Failed to create tag $env:VERSION"
|
|
exit 1
|
|
}
|
|
git push origin $env:VERSION
|
|
if ($LASTEXITCODE -ne 0) {
|
|
Write-Error "Failed to push tag $env:VERSION"
|
|
exit 1
|
|
}
|
|
} else {
|
|
Write-Host "Tag $env:VERSION already exists, skipping tag creation"
|
|
}
|
|
shell: pwsh
|
|
|
|
- name: Create and import code signing certificate
|
|
shell: pwsh
|
|
run: |
|
|
[System.IO.File]::WriteAllBytes("$env:USERPROFILE\code-signing-cert.pfx", [System.Convert]::FromBase64String("$env:CERTIFICATE_BASE64"))
|
|
Import-PfxCertificate -FilePath "$env:USERPROFILE\code-signing-cert.pfx" -CertStoreLocation Cert:\CurrentUser\My
|
|
|
|
- name: Code sign winutil.ps1
|
|
shell: pwsh
|
|
run: |
|
|
$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
|
|
if ($null -eq $cert) { throw "Code signing certificate not found" }
|
|
Set-AuthenticodeSignature -FilePath ./winutil.ps1 -Certificate $cert
|
|
|
|
- name: Verify code signature
|
|
shell: pwsh
|
|
run: |
|
|
$signature = Get-AuthenticodeSignature -FilePath ./winutil.ps1
|
|
if ($signature.Status -ne 'Valid') { throw "Code signing failed" }
|
|
|
|
- name: Upload winutil.ps1 as artifact
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: winutil
|
|
path: ./winutil.ps1
|
|
|
|
- name: Get latest release tag
|
|
id: get_latest_release
|
|
run: |
|
|
git fetch --tags --force
|
|
$latestTag = git for-each-ref --sort=-creatordate --format '%(refname:short)' refs/tags --count 1
|
|
if ($LASTEXITCODE -ne 0 -or [string]::IsNullOrEmpty($latestTag)) {
|
|
Write-Error "Failed to get latest tag. Error code: $LASTEXITCODE"
|
|
exit 1
|
|
}
|
|
Write-Host "Latest tag: $latestTag"
|
|
echo "LATEST_TAG=$latestTag" >> $env:GITHUB_ENV
|
|
shell: pwsh
|
|
|
|
- name: Generate Release Notes
|
|
id: generate_notes
|
|
uses: release-drafter/release-drafter@v5
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
config-name: release-drafter.yml
|
|
version: ${{ env.version }}
|
|
tag: ${{ env.LATEST_TAG }}
|
|
|
|
- name: Prepare Release Body
|
|
id: prepare_body
|
|
run: |
|
|
$newChanges = '${{ steps.generate_notes.outputs.body }}'
|
|
$escapedChanges = $newChanges -replace '(?m)^\s*(.+)\s*$', '$1' -replace "'", "''" -replace '"', '\"' -replace "`n", "\n" -replace "`r", ""
|
|
echo "body=$escapedChanges" | Out-File -Append -Encoding utf8 $env:GITHUB_OUTPUT
|
|
shell: pwsh
|
|
|
|
- name: Create and Upload Release
|
|
id: create_release
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
tag_name: ${{ env.version }}
|
|
name: Pre-Release ${{ env.version }}
|
|
body: |
|
|
${{ steps.prepare_body.outputs.body }}
|
|
|
|
![GitHub Downloads (specific asset, specific tag)](https://img.shields.io/github/downloads/ChrisTitusTech/winutil/${{ env.VERSION }}/winutil.ps1)
|
|
append_body: false
|
|
files: ./winutil.ps1
|
|
prerelease: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|