feat(release): publish artifacts to CDN

This commit is contained in:
Jan De Dobbeleer 2024-11-27 11:29:42 +01:00 committed by Jan De Dobbeleer
parent dacdd9cf02
commit ebc7d25922
8 changed files with 175 additions and 167 deletions

View file

@ -1,10 +1,7 @@
name: Windows Store name: Windows Store
on: on:
workflow_dispatch: release:
inputs: types: [published]
version:
description: 'The latest version'
required: true
jobs: jobs:
microsoft_store: microsoft_store:
@ -27,29 +24,29 @@ jobs:
with: with:
command: update command: update
product-update: '{ product-update: '{
"packages":[ "packages":[
{ {
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-x64.msi", "packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-x64.msi",
"languages":["en"], "languages":["en"],
"architectures":["X64"], "architectures":["X64"],
"installerParameters":"/quiet INSTALLER=ws", "installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false "isSilentInstall":false
}, },
{ {
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-arm64.msi", "packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-arm64.msi",
"languages":["en"], "languages":["en"],
"architectures":["Arm64"], "architectures":["Arm64"],
"installerParameters":"/quiet INSTALLER=ws", "installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false "isSilentInstall":false
}, },
{ {
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-x86.msi", "packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-x86.msi",
"languages":["en"], "languages":["en"],
"architectures":["X86"], "architectures":["X86"],
"installerParameters":"/quiet INSTALLER=ws", "installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false "isSilentInstall":false
} }
] ]
}' }'
- name: Publish Submission - name: Publish Submission
uses: jandedobbeleer/store-submission@submission-status uses: jandedobbeleer/store-submission@submission-status

View file

@ -1,74 +0,0 @@
name: MSI
on:
release:
types: [published]
jobs:
package:
runs-on: windows-latest
strategy:
matrix:
arch: [x64, arm64, x86]
defaults:
run:
shell: pwsh
working-directory: ${{ github.workspace }}/packages/msi
steps:
- name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Install Wix Toolset 🛠
run: dotnet tool install --global wix
- name: Build installer 📦
id: build
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
run: |
$version = $env:GITHUB_REF.TrimStart("refs/tags/v")
./build.ps1 -Architecture ${{ matrix.arch }} -Version $version -Download -Sign
- name: Upload artifacts 🆙
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
console.log('environment', process.versions);
const fs = require('fs').promises;
const { repo: { owner, repo }, sha } = context;
console.log({ owner, repo, sha });
for (let file of await fs.readdir('./packages/msi/out')) {
if (file.indexOf(".msi") < 0) {
continue;
}
console.log('uploading', file);
await github.rest.repos.uploadReleaseAsset({
owner, repo,
release_id: ${{ github.event.release.id }},
name: file,
data: await fs.readFile(`./packages/msi/out/${file}`)
});
}
notify:
runs-on: ubuntu-latest
needs: package
strategy:
matrix:
workflow: [winget, microsoft_store]
steps:
- name: Notify 🙋🏾‍♀️
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
github-token: ${{ secrets.GH_PAT }}
script: |
await github.request('POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches', {
owner: 'jandedobbeleer',
repo: '${{ github.event.repository.name }}',
workflow_id: '${{ matrix.workflow }}.yml',
ref: 'main',
inputs: {"version": process.env.GITHUB_REF.replace('refs/tags/v', '')}
})

View file

@ -5,13 +5,13 @@ on:
branches: branches:
- main - main
paths: paths:
- 'src/**' - "src/**"
- 'packages/**' - "packages/**"
- '.github/workflows/**' - ".github/workflows/**"
jobs: jobs:
changelog: changelog:
runs-on: macos-latest runs-on: ubuntu-latest
outputs: outputs:
version: ${{ steps.changelog.outputs.version }} version: ${{ steps.changelog.outputs.version }}
body: ${{ steps.changelog.outputs.clean_changelog }} body: ${{ steps.changelog.outputs.clean_changelog }}
@ -29,6 +29,8 @@ jobs:
output-file: "false" output-file: "false"
skip-commit: "true" skip-commit: "true"
skip-on-empty: "true" skip-on-empty: "true"
skip-tag: "true"
artifacts: artifacts:
needs: changelog needs: changelog
if: ${{ needs.changelog.outputs.skipped == 'false' }} if: ${{ needs.changelog.outputs.skipped == 'false' }}
@ -36,38 +38,17 @@ jobs:
defaults: defaults:
run: run:
shell: pwsh shell: pwsh
working-directory: ${{ github.workspace }}/src working-directory: ${{ github.workspace }}/build
steps: steps:
- name: Checkout code 👋 - name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Install Go 🗳 - name: Install Go 🗳
uses: ./.github/workflows/composite/bootstrap-go uses: ./.github/workflows/composite/bootstrap-go
- name: Tag HEAD 😸 - name: Pre Build 😸
run: |
git config --global user.name "GitHub Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag ${{ needs.changelog.outputs.tag }}
- name: Prerequisites 🔐
run: |
$PSDefaultParameterValues['Out-File:Encoding']='UTF8'
$shaSigningKeyLocation = Join-Path -Path $env:RUNNER_TEMP -ChildPath sha_signing_key.pem
$env:SIGNING_KEY > $shaSigningKeyLocation
Write-Output "SHA_SIGNING_KEY_LOCATION=$shaSigningKeyLocation" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# install code signing dlib
nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -ExcludeVersion -OutputDirectory $env:RUNNER_TEMP
Write-Output "SIGNTOOLDLIB=$env:RUNNER_TEMP/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# requires Windows Dev Kit 10.0.22621.0
$signtool = 'C:/Program Files (x86)/Windows Kits/10/bin/10.0.22621.0/x64/signtool.exe'
Write-Output "SIGNTOOL=$signtool" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# openssl
$openssl = 'C:/Program Files/Git/usr/bin/openssl.exe'
Write-Output "OPENSSL=$openssl" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
env: env:
SIGNING_KEY: ${{ secrets.SIGNING_KEY }} SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
run: |
./pre.ps1 -Version ${{ needs.changelog.outputs.version }}
- name: Run GoReleaser 🚀 - name: Run GoReleaser 🚀
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf
with: with:
@ -79,21 +60,85 @@ jobs:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
- name: Zip theme files 🤐 - name: Post Build 🤐
run: | run: |
$compress = @{ ./post.ps1
Path = "../themes/*.omp.*" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
CompressionLevel = "Fastest" with:
DestinationPath = "./dist/themes.zip" name: build-artifacts
} path: |
Compress-Archive @compress src/dist/posh-*
- name: Add hashes 🤫 src/dist/themes.*
src/dist/checksums.*
msi:
needs:
- changelog
- artifacts
runs-on: windows-latest
strategy:
matrix:
arch: [x64, arm64, x86]
defaults:
run:
shell: pwsh
working-directory: ${{ github.workspace }}/packages/msi
steps:
- name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: build-artifacts
path: dist
- name: Install Wix Toolset 🛠
run: dotnet tool install --global wix
- name: Build installer 📦
id: build
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
run: | run: |
Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique | $version = '${{ needs.changelog.outputs.version }}'.TrimStart("v")
Foreach-Object { ./build.ps1 -Architecture ${{ matrix.arch }} -Version $version -Copy -Sign
$zipHash = Get-FileHash $_.FullName -Algorithm SHA256 - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
$zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256" with:
} name: msi-artifact-${{ matrix.arch }}
path: |
packages/msi/out/install-${{ matrix.arch }}.msi
packages/msi/out/install-${{ matrix.arch }}.msi.sha256
cdn:
runs-on: ubuntu-latest
needs:
- changelog
- msi
strategy:
matrix:
arch: [x64, arm64, x86]
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: msi-artifact-${{ matrix.arch }}
- name: Upload MSI to CDN
env:
CDN_CONNECTIONSTRING: ${{ secrets.CDN_CONNECTIONSTRING }}
run: |
az storage blob upload --container-name v${{ needs.changelog.outputs.version }} --file install-${{ matrix.arch }}.msi --connection-string $CDN_CONNECTIONSTRING
az storage blob upload --container-name latest --file install-${{ matrix.arch }}.msi --overwrite true --connection-string $CDN_CONNECTIONSTRING
release:
runs-on: ubuntu-latest
needs:
- changelog
- cdn
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
merge-multiple: true
- name: Upload version file
env:
CDN_CONNECTIONSTRING: ${{ secrets.CDN_CONNECTIONSTRING }}
run: |
echo v${{ needs.changelog.outputs.version }} > version.txt
az storage blob upload --container-name latest --file version.txt --overwrite true --connection-string $CDN_CONNECTIONSTRING
- name: Release 🎓 - name: Release 🎓
uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974
with: with:
@ -102,6 +147,4 @@ jobs:
fail_on_unmatched_files: true fail_on_unmatched_files: true
token: ${{ secrets.GH_PAT }} token: ${{ secrets.GH_PAT }}
files: | files: |
src/dist/posh-* *
src/dist/themes.*
src/dist/checksums.*

View file

@ -1,10 +1,7 @@
name: Winget name: Winget
on: on:
workflow_dispatch: release:
inputs: types: [published]
version:
description: 'The latest version'
required: true
jobs: jobs:
publish: publish:
@ -20,4 +17,4 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Create manifest and submit PR 📦 - name: Create manifest and submit PR 📦
run: | run: |
./build.ps1 -Version "${{ github.event.inputs.version }}" -Token $env:WINGETCREATE_TOKEN ./build.ps1 -Version "${{ github.event.release.tag_name }}" -Token $env:WINGETCREATE_TOKEN

16
build/post.ps1 Normal file
View file

@ -0,0 +1,16 @@
# Description: Post build script to compress the themes and generate SHA256 hashes for all files in the dist folder
# Compress all themes
$compress = @{
Path = "../themes/*.omp.*"
CompressionLevel = "Fastest"
DestinationPath = "../src/dist/themes.zip"
}
Compress-Archive @compress
# Generate SHA256 hashes for all files in the dist folder
Get-ChildItem ./dist -Exclude *.yaml, *.sig | Get-Unique |
Foreach-Object {
$zipHash = Get-FileHash $_.FullName -Algorithm SHA256
$zipHash.Hash | Out-File -Encoding 'UTF8' "../src/dist/$($_.Name).sha256"
}

30
build/pre.ps1 Normal file
View file

@ -0,0 +1,30 @@
Param
(
[string]
$Version,
[parameter(Mandatory = $false)]
[string]
$SDKVersion = "10.0.22621.0"
)
git config --global user.name "GitHub Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag $Version --force
$PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
$shaSigningKeyLocation = Join-Path -Path $env:RUNNER_TEMP -ChildPath sha_signing_key.pem
$env:SIGNING_KEY > $shaSigningKeyLocation
Write-Output "SHA_SIGNING_KEY_LOCATION=$shaSigningKeyLocation" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# install code signing dlib
nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -ExcludeVersion -OutputDirectory $env:RUNNER_TEMP
Write-Output "SIGNTOOLDLIB=$env:RUNNER_TEMP/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# requires Windows Dev Kit 10.0.22621.0
$signtool = "C:/Program Files (x86)/Windows Kits/10/bin/$SDKVersion/x64/signtool.exe"
Write-Output "SIGNTOOL=$signtool" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# openssl
$openssl = 'C:/Program Files/Git/usr/bin/openssl.exe'
Write-Output "OPENSSL=$openssl" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append

View file

@ -9,8 +9,8 @@ Param
[parameter(Mandatory = $false)] [parameter(Mandatory = $false)]
[string] [string]
$SDKVersion = "10.0.22621.0", $SDKVersion = "10.0.22621.0",
[switch]$Download, [switch]$Sign,
[switch]$Sign [switch]$Copy
) )
$PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8' $PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
@ -18,24 +18,23 @@ $PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
New-Item -Path "." -Name "dist" -ItemType Directory -ErrorAction SilentlyContinue New-Item -Path "." -Name "dist" -ItemType Directory -ErrorAction SilentlyContinue
New-Item -Path "." -Name "out" -ItemType Directory -ErrorAction SilentlyContinue New-Item -Path "." -Name "out" -ItemType Directory -ErrorAction SilentlyContinue
if ($Download) { if ($Copy) {
# download the executable
switch ($Architecture) { switch ($Architecture) {
'x86' { $file = "posh-windows-386.exe" } 'x86' { $file = "posh-windows-386.exe" }
'x64' { $file = "posh-windows-amd64.exe" } 'x64' { $file = "posh-windows-amd64.exe" }
Default { $file = "posh-windows-$Architecture.exe" } Default { $file = "posh-windows-$Architecture.exe" }
} }
$name = "oh-my-posh.exe" # copy the correct architecture to ./dist
$url = "https://github.com/jandedobbeleer/oh-my-posh/releases/download/v$Version/$file" Copy-Item -Path "../../dist/$file" -Destination "./dist/oh-my-posh.exe"
Invoke-WebRequest $url -Out "./dist/$($name)"
} }
# variables # variables
$env:VERSION = $Version $env:VERSION = $Version
# create MSI # create MSI
$installer = "./out/install-$Architecture.msi" $fileName = "install-$Architecture.msi"
$installer = "./out/$fileName"
wix build -arch $Architecture -out $installer .\oh-my-posh.wxs wix build -arch $Architecture -out $installer .\oh-my-posh.wxs
if ($Sign) { if ($Sign) {

View file

@ -11,42 +11,42 @@ InstallModes:
- silentWithProgress - silentWithProgress
Installers: Installers:
- Architecture: x64 - Architecture: x64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x64.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x64.msi
InstallerSha256: <HASH-AMD64> InstallerSha256: <HASH-AMD64>
Scope: machine Scope: machine
UpgradeBehavior: install UpgradeBehavior: install
InstallerSwitches: InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1 Custom: INSTALLER=winget ALLUSERS=1
- Architecture: x64 - Architecture: x64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x64.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x64.msi
InstallerSha256: <HASH-AMD64> InstallerSha256: <HASH-AMD64>
Scope: user Scope: user
UpgradeBehavior: install UpgradeBehavior: install
InstallerSwitches: InstallerSwitches:
Custom: INSTALLER=winget Custom: INSTALLER=winget
- Architecture: x86 - Architecture: x86
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x86.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x86.msi
InstallerSha256: <HASH-386> InstallerSha256: <HASH-386>
Scope: machine Scope: machine
UpgradeBehavior: install UpgradeBehavior: install
InstallerSwitches: InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1 Custom: INSTALLER=winget ALLUSERS=1
- Architecture: x86 - Architecture: x86
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x86.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x86.msi
InstallerSha256: <HASH-386> InstallerSha256: <HASH-386>
Scope: user Scope: user
UpgradeBehavior: install UpgradeBehavior: install
InstallerSwitches: InstallerSwitches:
Custom: INSTALLER=winget Custom: INSTALLER=winget
- Architecture: arm64 - Architecture: arm64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-arm64.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-arm64.msi
InstallerSha256: <HASH-ARM64> InstallerSha256: <HASH-ARM64>
Scope: machine Scope: machine
UpgradeBehavior: install UpgradeBehavior: install
InstallerSwitches: InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1 Custom: INSTALLER=winget ALLUSERS=1
- Architecture: arm64 - Architecture: arm64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-arm64.msi InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-arm64.msi
InstallerSha256: <HASH-ARM64> InstallerSha256: <HASH-ARM64>
Scope: user Scope: user
UpgradeBehavior: install UpgradeBehavior: install