mirror of
https://github.com/ChrisTitusTech/winutil.git
synced 2024-11-15 07:05:51 -06:00
109 lines
3.5 KiB
YAML
109 lines
3.5 KiB
YAML
name: Pre-Release WinUtil
|
|
|
|
permissions:
|
|
contents: write
|
|
actions: read
|
|
|
|
on:
|
|
workflow_dispatch: # Manual trigger added
|
|
|
|
jobs:
|
|
build-runspace:
|
|
runs-on: windows-latest
|
|
env:
|
|
CERTIFICATE_BASE64: ${{ secrets.CERTIFICATE_BASE64 }}
|
|
steps:
|
|
- name: Checkout Repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Compile project
|
|
shell: pwsh
|
|
run: |
|
|
Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1
|
|
continue-on-error: false # Directly fail the job on error, removing the need for a separate check
|
|
|
|
- name: Set Version to Todays Date
|
|
id: extract_version
|
|
run: |
|
|
$version = (Get-Date -Format "yy.MM.dd")
|
|
echo "VERSION=$version" >> $env:GITHUB_ENV
|
|
shell: pwsh
|
|
|
|
- name: Create Tag
|
|
id: create_tag
|
|
run: |
|
|
$tagExists = git tag -l $env:VERSION
|
|
if ($tagExists -eq "") {
|
|
git tag $env:VERSION
|
|
if ($LASTEXITCODE -ne 0) {
|
|
Write-Error "Failed to create tag $env:VERSION"
|
|
exit 1
|
|
}
|
|
git push origin $env:VERSION
|
|
if ($LASTEXITCODE -ne 0) {
|
|
Write-Error "Failed to push tag $env:VERSION"
|
|
exit 1
|
|
}
|
|
} else {
|
|
Write-Host "Tag $env:VERSION already exists, skipping tag creation"
|
|
}
|
|
shell: pwsh
|
|
|
|
- name: Create and import code signing certificate
|
|
shell: pwsh
|
|
run: |
|
|
[System.IO.File]::WriteAllBytes("$env:USERPROFILE\code-signing-cert.pfx", [System.Convert]::FromBase64String("$env:CERTIFICATE_BASE64"))
|
|
Import-PfxCertificate -FilePath "$env:USERPROFILE\code-signing-cert.pfx" -CertStoreLocation Cert:\CurrentUser\My
|
|
|
|
- name: Code sign winutil.ps1
|
|
shell: pwsh
|
|
run: |
|
|
$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
|
|
if ($null -eq $cert) { throw "Code signing certificate not found" }
|
|
Set-AuthenticodeSignature -FilePath ./winutil.ps1 -Certificate $cert
|
|
|
|
- name: Verify code signature
|
|
shell: pwsh
|
|
run: |
|
|
$signature = Get-AuthenticodeSignature -FilePath ./winutil.ps1
|
|
if ($signature.Status -ne 'Valid') { throw "Code signing failed" }
|
|
|
|
- name: Upload winutil.ps1 as artifact
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: winutil
|
|
path: ./winutil.ps1
|
|
|
|
- name: Generate Release Notes
|
|
id: generate_notes
|
|
uses: release-drafter/release-drafter@v5
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
with:
|
|
config-name: release-drafter.yml
|
|
version: ${{ env.version }}
|
|
|
|
- name: Prepare Release Body
|
|
id: prepare_body
|
|
run: |
|
|
new_changes="${{ steps.generate_notes.outputs.body }}"
|
|
echo "body<<EOF" >> $GITHUB_OUTPUT
|
|
echo "$new_changes" >> $GITHUB_OUTPUT
|
|
echo "EOF" >> $GITHUB_OUTPUT
|
|
|
|
- name: Create and Upload Release
|
|
id: create_release
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
tag_name: ${{ env.version }}
|
|
name: Pre-Release ${{ env.version }}
|
|
body: |
|
|
${{ steps.prepare_body.outputs.body }}
|
|
|
|
|
|
append_body: false
|
|
files: ./winutil.ps1
|
|
prerelease: true
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|