From e50572532fbba1ab0cb4b6f52ccbb5c5a567b7a4 Mon Sep 17 00:00:00 2001 From: Jan De Dobbeleer Date: Wed, 27 Nov 2024 15:41:21 +0100 Subject: [PATCH] chore(release): use single release workflow --- .github/workflows/release2.yml | 102 +++++++++++++++++++++++++++++++++ build/post.ps1 | 16 ++++++ build/pre.ps1 | 30 ++++++++++ packages/msi/build.ps1 | 10 ++-- 4 files changed, 152 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/release2.yml create mode 100644 build/post.ps1 create mode 100644 build/pre.ps1 diff --git a/.github/workflows/release2.yml b/.github/workflows/release2.yml new file mode 100644 index 00000000..a303822f --- /dev/null +++ b/.github/workflows/release2.yml @@ -0,0 +1,102 @@ +name: Release + +on: + push: + branches: + - next + paths: + - "src/**" + - "packages/**" + - ".github/workflows/**" + +jobs: + changelog: + runs-on: ubuntu-latest + outputs: + version: ${{ steps.changelog.outputs.version }} + body: ${{ steps.changelog.outputs.clean_changelog }} + tag: ${{ steps.changelog.outputs.tag }} + skipped: ${{ steps.changelog.outputs.skipped }} + steps: + - name: Checkout code 👋 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - name: Create changelog ✍️ + id: changelog + uses: TriPSs/conventional-changelog-action@3c4970b6573374889b897403d2f1278c395ea0df + with: + github-token: ${{ secrets.github_token }} + skip-version-file: "true" + output-file: "false" + skip-commit: "true" + skip-on-empty: "true" + skip-tag: "true" + + artifacts: + needs: changelog + if: ${{ needs.changelog.outputs.skipped == 'false' }} + runs-on: windows-latest + defaults: + run: + shell: pwsh + working-directory: ${{ github.workspace }}/build + steps: + - name: Checkout code 👋 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - name: Install Go 🗳 + uses: ./.github/workflows/composite/bootstrap-go + - name: Pre Build 😸 + env: + SIGNING_KEY: ${{ secrets.SIGNING_KEY }} + run: | + ./pre.ps1 -Version ${{ needs.changelog.outputs.version }} + - name: Run GoReleaser 🚀 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf + with: + distribution: goreleaser + version: v2.3.2 + args: release --clean --skip publish + workdir: src + env: + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + - name: Post Build 🤐 + run: | + ./post.ps1 + - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 + with: + name: build-artifacts + path: | + src/dist/posh-* + src/dist/themes.* + src/dist/checksums.* + msi: + needs: + - changelog + - artifacts + runs-on: windows-latest + strategy: + matrix: + arch: [x64, arm64, x86] + defaults: + run: + shell: pwsh + working-directory: ${{ github.workspace }}/packages/msi + steps: + - name: Checkout code 👋 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 + with: + name: build-artifacts + path: dist + - name: Install Wix Toolset 🛠 + run: dotnet tool install --global wix + - name: Build installer 📦 + id: build + env: + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: | + $version = '${{ needs.changelog.outputs.version }}'.TrimStart("v") + ./build.ps1 -Architecture ${{ matrix.arch }} -Version $version -Sign -Copy diff --git a/build/post.ps1 b/build/post.ps1 new file mode 100644 index 00000000..226ee7cb --- /dev/null +++ b/build/post.ps1 @@ -0,0 +1,16 @@ +# Description: Post build script to compress the themes and generate SHA256 hashes for all files in the dist folder + +# Compress all themes +$compress = @{ + Path = "../themes/*.omp.*" + CompressionLevel = "Fastest" + DestinationPath = "../src/dist/themes.zip" +} +Compress-Archive @compress + +# Generate SHA256 hashes for all files in the dist folder +Get-ChildItem ./dist -Exclude *.yaml, *.sig | Get-Unique | +Foreach-Object { + $zipHash = Get-FileHash $_.FullName -Algorithm SHA256 + $zipHash.Hash | Out-File -Encoding 'UTF8' "../src/dist/$($_.Name).sha256" +} diff --git a/build/pre.ps1 b/build/pre.ps1 new file mode 100644 index 00000000..5929c10f --- /dev/null +++ b/build/pre.ps1 @@ -0,0 +1,30 @@ +Param +( + [string] + $Version, + [parameter(Mandatory = $false)] + [string] + $SDKVersion = "10.0.22621.0" +) + +git config --global user.name "GitHub Actions" +git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" +git tag $Version --force + +$PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8' + +$shaSigningKeyLocation = Join-Path -Path $env:RUNNER_TEMP -ChildPath sha_signing_key.pem +$env:SIGNING_KEY > $shaSigningKeyLocation +Write-Output "SHA_SIGNING_KEY_LOCATION=$shaSigningKeyLocation" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + +# install code signing dlib +nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -ExcludeVersion -OutputDirectory $env:RUNNER_TEMP +Write-Output "SIGNTOOLDLIB=$env:RUNNER_TEMP/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + +# requires Windows Dev Kit 10.0.22621.0 +$signtool = "C:/Program Files (x86)/Windows Kits/10/bin/$SDKVersion/x64/signtool.exe" +Write-Output "SIGNTOOL=$signtool" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + +# openssl +$openssl = 'C:/Program Files/Git/usr/bin/openssl.exe' +Write-Output "OPENSSL=$openssl" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append diff --git a/packages/msi/build.ps1 b/packages/msi/build.ps1 index ffdf799e..a713e246 100644 --- a/packages/msi/build.ps1 +++ b/packages/msi/build.ps1 @@ -9,8 +9,8 @@ Param [parameter(Mandatory = $false)] [string] $SDKVersion = "10.0.22621.0", - [switch]$Download, [switch]$Sign, + [switch]$Copy, [switch]$Upload ) @@ -19,17 +19,15 @@ $PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8' New-Item -Path "." -Name "dist" -ItemType Directory -ErrorAction SilentlyContinue New-Item -Path "." -Name "out" -ItemType Directory -ErrorAction SilentlyContinue -if ($Download) { - # download the executable +if ($Copy) { switch ($Architecture) { 'x86' { $file = "posh-windows-386.exe" } 'x64' { $file = "posh-windows-amd64.exe" } Default { $file = "posh-windows-$Architecture.exe" } } - $name = "oh-my-posh.exe" - $url = "https://github.com/jandedobbeleer/oh-my-posh/releases/download/v$Version/$file" - Invoke-WebRequest $url -Out "./dist/$($name)" + # copy the correct architecture to ./dist + Copy-Item -Path "../../dist/$file" -Destination "./dist/oh-my-posh.exe" } # variables