Skip to content
Release

Release #29

Sign in to view logs

Release

Release #29

Workflow file for this run

.github/workflows/release.yml at 85d82c1
name: Release
on:
workflow_dispatch:
inputs:
run_id:
description: 'workflow run id'
default: "latest"
required: true
dry-run:
description: 'Build packages without publishing'
required: true
type: boolean
default: 'true'
jobs:
package:
name: Build Packages
runs-on: windows-2022
environment: publish-prod
steps:
- name: Clone project
uses: actions/checkout@v4
- name: Install AzureSignTool
run: |
dotnet tool install --global AzureSignTool
- name: Code sign packages
shell: pwsh
env:
GH_TOKEN: ${{ github.token }}
run: |
Set-PSDebug -Trace 1
$RunId = '${{ github.event.inputs.run_id }}'
if ($RunId -eq 'latest') {
$RunId = $(gh run list -w 'build' --json 'status,databaseId,conclusion') |
ConvertFrom-Json | Where-Object { ($_.status -eq 'completed') -and ($_.conclusion -eq 'success') } |
Select-Object -First 1 -ExpandProperty databaseId
}
New-Item -Path "package" -ItemType Directory -ErrorAction SilentlyContinue | Out-Null
Push-Location "package"
Write-Host "Downloading run $RunId"
& gh run download $RunId -n 'cadeau-nupkg'
$NupkgFile = Get-Item .\Devolutions.Cadeau.*.nupkg
$NugetName = $NupkgFile.BaseName
$Version = $NugetName -Replace 'Devolutions.Cadeau.', ''
if ($Version.Split('.').Count -eq 3) { $Version += ".0" }
Set-Content -Path .\VERSION -Value $Version -NoNewLine -Force
Expand-Archive -Path $NupkgFile -Destination ".\$NugetName"
Remove-Item $NupkgFile -ErrorAction SilentlyContinue | Out-Null
$Params = @('sign',
'-kvt', '${{ secrets.AZURE_TENANT_ID }}',
'-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}',
'-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}',
'-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}',
'-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}',
'-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}',
'-v')
Get-Item -Path ".\$NugetName\runtimes\win-*\native\*.dll" | ForEach-Object {
AzureSignTool @Params $_.FullName
}
Compress-Archive -Path ".\$NugetName\*" -DestinationPath $NupkgFile -CompressionLevel Optimal
- name: Package shared libraries as archives
shell: pwsh
working-directory: package
run: |
Set-PSDebug -Trace 1
$NupkgFile = Get-Item .\Devolutions.Cadeau.*.nupkg
$NugetName = $NupkgFile.BaseName
Get-Item -Path ".\$NugetName\runtimes\*" | ForEach-Object {
$LibFile = Get-Item -Path "$($_.FullName)\native\*xmf*"
$ArchiveName = "cadeau-$($_.Name).zip"
Compress-Archive -Path $LibFile -DestinationPath $ArchiveName -CompressionLevel Optimal
}
- name: Clean
shell: pwsh
working-directory: package
run: |
Set-PSDebug -Trace 1
$NupkgFile = Get-Item .\Devolutions.Cadeau.*.nupkg
$NugetName = $NupkgFile.BaseName
Remove-Item ".\$NugetName" -Recurse
- name: Upload package
uses: actions/upload-artifact@v4
with:
name: cadeau-libs
path: package/*
publish:
name: Publish packages
runs-on: ubuntu-20.04
environment: publish-prod
needs: package
if: ${{ github.event.inputs.dry-run == 'false' }}
steps:
- name: Download packages
uses: actions/download-artifact@v4
with:
name: cadeau-libs
path: package
- name: Publish to nuget.org
shell: pwsh
run: |
$NugetApiKey = '${{ secrets.NUGET_API_KEY }}'
$NugetSource = 'https://api.nuget.org/v3/index.json'
Get-ChildItem .\package\*.nupkg | ForEach-Object {
& dotnet nuget push $_.FullName --api-key $NugetApiKey --source $NugetSource --skip-duplicate
}
- name: Create GitHub Release
shell: pwsh
env:
GITHUB_TOKEN: ${{ secrets.DEVOLUTIONSBOT_WRITE_TOKEN }}
working-directory: package
run: |
$Version = Get-Content -Path .\VERSION
Remove-Item .\VERSION | Out-Null
$HashPath = 'checksums'
$Files = Get-Item * -Exclude ('VERSION','CHANGELOG.md') | % { Get-FileHash -Algorithm SHA256 $_.FullName }
$Files | % { "$($_.Hash) $(Split-Path $_.Path -Leaf)" } | Out-File -FilePath $HashPath -Append -Encoding ASCII
echo "::group::checksums"
Get-Content $HashPath
echo "::endgroup::"
$ReleaseTag = "v$Version"
$Repository = $Env:GITHUB_REPOSITORY
$ReleaseTitle = "Devolutions Cadeau v${Version}"
& gh release create $ReleaseTag --repo $Repository --title $ReleaseTitle --draft ./*