feat(release): publish artifacts to CDN

This commit is contained in:
Jan De Dobbeleer 2024-11-27 11:29:42 +01:00 committed by Jan De Dobbeleer
parent dacdd9cf02
commit ebc7d25922
8 changed files with 175 additions and 167 deletions

View file

@ -1,10 +1,7 @@
name: Windows Store
on:
workflow_dispatch:
inputs:
version:
description: 'The latest version'
required: true
release:
types: [published]
jobs:
microsoft_store:
@ -27,29 +24,29 @@ jobs:
with:
command: update
product-update: '{
"packages":[
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-x64.msi",
"languages":["en"],
"architectures":["X64"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
},
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-arm64.msi",
"languages":["en"],
"architectures":["Arm64"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
},
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v${{ github.event.inputs.version }}/install-x86.msi",
"languages":["en"],
"architectures":["X86"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
}
]
"packages":[
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-x64.msi",
"languages":["en"],
"architectures":["X64"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
},
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-arm64.msi",
"languages":["en"],
"architectures":["Arm64"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
},
{
"packageUrl":"https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/${{ github.event.release.tag_name }}/install-x86.msi",
"languages":["en"],
"architectures":["X86"],
"installerParameters":"/quiet INSTALLER=ws",
"isSilentInstall":false
}
]
}'
- name: Publish Submission
uses: jandedobbeleer/store-submission@submission-status

View file

@ -1,74 +0,0 @@
name: MSI
on:
release:
types: [published]
jobs:
package:
runs-on: windows-latest
strategy:
matrix:
arch: [x64, arm64, x86]
defaults:
run:
shell: pwsh
working-directory: ${{ github.workspace }}/packages/msi
steps:
- name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Install Wix Toolset 🛠
run: dotnet tool install --global wix
- name: Build installer 📦
id: build
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
run: |
$version = $env:GITHUB_REF.TrimStart("refs/tags/v")
./build.ps1 -Architecture ${{ matrix.arch }} -Version $version -Download -Sign
- name: Upload artifacts 🆙
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
console.log('environment', process.versions);
const fs = require('fs').promises;
const { repo: { owner, repo }, sha } = context;
console.log({ owner, repo, sha });
for (let file of await fs.readdir('./packages/msi/out')) {
if (file.indexOf(".msi") < 0) {
continue;
}
console.log('uploading', file);
await github.rest.repos.uploadReleaseAsset({
owner, repo,
release_id: ${{ github.event.release.id }},
name: file,
data: await fs.readFile(`./packages/msi/out/${file}`)
});
}
notify:
runs-on: ubuntu-latest
needs: package
strategy:
matrix:
workflow: [winget, microsoft_store]
steps:
- name: Notify 🙋🏾‍♀️
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
with:
github-token: ${{ secrets.GH_PAT }}
script: |
await github.request('POST /repos/{owner}/{repo}/actions/workflows/{workflow_id}/dispatches', {
owner: 'jandedobbeleer',
repo: '${{ github.event.repository.name }}',
workflow_id: '${{ matrix.workflow }}.yml',
ref: 'main',
inputs: {"version": process.env.GITHUB_REF.replace('refs/tags/v', '')}
})

View file

@ -5,13 +5,13 @@ on:
branches:
- main
paths:
- 'src/**'
- 'packages/**'
- '.github/workflows/**'
- "src/**"
- "packages/**"
- ".github/workflows/**"
jobs:
changelog:
runs-on: macos-latest
runs-on: ubuntu-latest
outputs:
version: ${{ steps.changelog.outputs.version }}
body: ${{ steps.changelog.outputs.clean_changelog }}
@ -29,6 +29,8 @@ jobs:
output-file: "false"
skip-commit: "true"
skip-on-empty: "true"
skip-tag: "true"
artifacts:
needs: changelog
if: ${{ needs.changelog.outputs.skipped == 'false' }}
@ -36,38 +38,17 @@ jobs:
defaults:
run:
shell: pwsh
working-directory: ${{ github.workspace }}/src
working-directory: ${{ github.workspace }}/build
steps:
- name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Install Go 🗳
uses: ./.github/workflows/composite/bootstrap-go
- name: Tag HEAD 😸
run: |
git config --global user.name "GitHub Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag ${{ needs.changelog.outputs.tag }}
- name: Prerequisites 🔐
run: |
$PSDefaultParameterValues['Out-File:Encoding']='UTF8'
$shaSigningKeyLocation = Join-Path -Path $env:RUNNER_TEMP -ChildPath sha_signing_key.pem
$env:SIGNING_KEY > $shaSigningKeyLocation
Write-Output "SHA_SIGNING_KEY_LOCATION=$shaSigningKeyLocation" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# install code signing dlib
nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -ExcludeVersion -OutputDirectory $env:RUNNER_TEMP
Write-Output "SIGNTOOLDLIB=$env:RUNNER_TEMP/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# requires Windows Dev Kit 10.0.22621.0
$signtool = 'C:/Program Files (x86)/Windows Kits/10/bin/10.0.22621.0/x64/signtool.exe'
Write-Output "SIGNTOOL=$signtool" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# openssl
$openssl = 'C:/Program Files/Git/usr/bin/openssl.exe'
Write-Output "OPENSSL=$openssl" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
- name: Pre Build 😸
env:
SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
run: |
./pre.ps1 -Version ${{ needs.changelog.outputs.version }}
- name: Run GoReleaser 🚀
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf
with:
@ -79,21 +60,85 @@ jobs:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
- name: Zip theme files 🤐
- name: Post Build 🤐
run: |
$compress = @{
Path = "../themes/*.omp.*"
CompressionLevel = "Fastest"
DestinationPath = "./dist/themes.zip"
}
Compress-Archive @compress
- name: Add hashes 🤫
./post.ps1
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: build-artifacts
path: |
src/dist/posh-*
src/dist/themes.*
src/dist/checksums.*
msi:
needs:
- changelog
- artifacts
runs-on: windows-latest
strategy:
matrix:
arch: [x64, arm64, x86]
defaults:
run:
shell: pwsh
working-directory: ${{ github.workspace }}/packages/msi
steps:
- name: Checkout code 👋
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: build-artifacts
path: dist
- name: Install Wix Toolset 🛠
run: dotnet tool install --global wix
- name: Build installer 📦
id: build
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
run: |
Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique |
Foreach-Object {
$zipHash = Get-FileHash $_.FullName -Algorithm SHA256
$zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256"
}
$version = '${{ needs.changelog.outputs.version }}'.TrimStart("v")
./build.ps1 -Architecture ${{ matrix.arch }} -Version $version -Copy -Sign
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: msi-artifact-${{ matrix.arch }}
path: |
packages/msi/out/install-${{ matrix.arch }}.msi
packages/msi/out/install-${{ matrix.arch }}.msi.sha256
cdn:
runs-on: ubuntu-latest
needs:
- changelog
- msi
strategy:
matrix:
arch: [x64, arm64, x86]
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: msi-artifact-${{ matrix.arch }}
- name: Upload MSI to CDN
env:
CDN_CONNECTIONSTRING: ${{ secrets.CDN_CONNECTIONSTRING }}
run: |
az storage blob upload --container-name v${{ needs.changelog.outputs.version }} --file install-${{ matrix.arch }}.msi --connection-string $CDN_CONNECTIONSTRING
az storage blob upload --container-name latest --file install-${{ matrix.arch }}.msi --overwrite true --connection-string $CDN_CONNECTIONSTRING
release:
runs-on: ubuntu-latest
needs:
- changelog
- cdn
steps:
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
merge-multiple: true
- name: Upload version file
env:
CDN_CONNECTIONSTRING: ${{ secrets.CDN_CONNECTIONSTRING }}
run: |
echo v${{ needs.changelog.outputs.version }} > version.txt
az storage blob upload --container-name latest --file version.txt --overwrite true --connection-string $CDN_CONNECTIONSTRING
- name: Release 🎓
uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974
with:
@ -102,6 +147,4 @@ jobs:
fail_on_unmatched_files: true
token: ${{ secrets.GH_PAT }}
files: |
src/dist/posh-*
src/dist/themes.*
src/dist/checksums.*
*

View file

@ -1,10 +1,7 @@
name: Winget
on:
workflow_dispatch:
inputs:
version:
description: 'The latest version'
required: true
release:
types: [published]
jobs:
publish:
@ -20,4 +17,4 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Create manifest and submit PR 📦
run: |
./build.ps1 -Version "${{ github.event.inputs.version }}" -Token $env:WINGETCREATE_TOKEN
./build.ps1 -Version "${{ github.event.release.tag_name }}" -Token $env:WINGETCREATE_TOKEN

16
build/post.ps1 Normal file
View file

@ -0,0 +1,16 @@
# Description: Post build script to compress the themes and generate SHA256 hashes for all files in the dist folder
# Compress all themes
$compress = @{
Path = "../themes/*.omp.*"
CompressionLevel = "Fastest"
DestinationPath = "../src/dist/themes.zip"
}
Compress-Archive @compress
# Generate SHA256 hashes for all files in the dist folder
Get-ChildItem ./dist -Exclude *.yaml, *.sig | Get-Unique |
Foreach-Object {
$zipHash = Get-FileHash $_.FullName -Algorithm SHA256
$zipHash.Hash | Out-File -Encoding 'UTF8' "../src/dist/$($_.Name).sha256"
}

30
build/pre.ps1 Normal file
View file

@ -0,0 +1,30 @@
Param
(
[string]
$Version,
[parameter(Mandatory = $false)]
[string]
$SDKVersion = "10.0.22621.0"
)
git config --global user.name "GitHub Actions"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git tag $Version --force
$PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
$shaSigningKeyLocation = Join-Path -Path $env:RUNNER_TEMP -ChildPath sha_signing_key.pem
$env:SIGNING_KEY > $shaSigningKeyLocation
Write-Output "SHA_SIGNING_KEY_LOCATION=$shaSigningKeyLocation" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# install code signing dlib
nuget.exe install Microsoft.Trusted.Signing.Client -Version 1.0.60 -ExcludeVersion -OutputDirectory $env:RUNNER_TEMP
Write-Output "SIGNTOOLDLIB=$env:RUNNER_TEMP/Microsoft.Trusted.Signing.Client/bin/x64/Azure.CodeSigning.Dlib.dll" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# requires Windows Dev Kit 10.0.22621.0
$signtool = "C:/Program Files (x86)/Windows Kits/10/bin/$SDKVersion/x64/signtool.exe"
Write-Output "SIGNTOOL=$signtool" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
# openssl
$openssl = 'C:/Program Files/Git/usr/bin/openssl.exe'
Write-Output "OPENSSL=$openssl" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append

View file

@ -9,8 +9,8 @@ Param
[parameter(Mandatory = $false)]
[string]
$SDKVersion = "10.0.22621.0",
[switch]$Download,
[switch]$Sign
[switch]$Sign,
[switch]$Copy
)
$PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
@ -18,24 +18,23 @@ $PSDefaultParameterValues['Out-File:Encoding'] = 'UTF8'
New-Item -Path "." -Name "dist" -ItemType Directory -ErrorAction SilentlyContinue
New-Item -Path "." -Name "out" -ItemType Directory -ErrorAction SilentlyContinue
if ($Download) {
# download the executable
if ($Copy) {
switch ($Architecture) {
'x86' { $file = "posh-windows-386.exe" }
'x64' { $file = "posh-windows-amd64.exe" }
Default { $file = "posh-windows-$Architecture.exe" }
}
$name = "oh-my-posh.exe"
$url = "https://github.com/jandedobbeleer/oh-my-posh/releases/download/v$Version/$file"
Invoke-WebRequest $url -Out "./dist/$($name)"
# copy the correct architecture to ./dist
Copy-Item -Path "../../dist/$file" -Destination "./dist/oh-my-posh.exe"
}
# variables
$env:VERSION = $Version
# create MSI
$installer = "./out/install-$Architecture.msi"
$fileName = "install-$Architecture.msi"
$installer = "./out/$fileName"
wix build -arch $Architecture -out $installer .\oh-my-posh.wxs
if ($Sign) {

View file

@ -11,42 +11,42 @@ InstallModes:
- silentWithProgress
Installers:
- Architecture: x64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x64.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x64.msi
InstallerSha256: <HASH-AMD64>
Scope: machine
UpgradeBehavior: install
InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1
- Architecture: x64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x64.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x64.msi
InstallerSha256: <HASH-AMD64>
Scope: user
UpgradeBehavior: install
InstallerSwitches:
Custom: INSTALLER=winget
- Architecture: x86
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x86.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x86.msi
InstallerSha256: <HASH-386>
Scope: machine
UpgradeBehavior: install
InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1
- Architecture: x86
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-x86.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-x86.msi
InstallerSha256: <HASH-386>
Scope: user
UpgradeBehavior: install
InstallerSwitches:
Custom: INSTALLER=winget
- Architecture: arm64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-arm64.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-arm64.msi
InstallerSha256: <HASH-ARM64>
Scope: machine
UpgradeBehavior: install
InstallerSwitches:
Custom: INSTALLER=winget ALLUSERS=1
- Architecture: arm64
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/v<VERSION>/install-arm64.msi
InstallerUrl: https://github.com/JanDeDobbeleer/oh-my-posh/releases/download/<VERSION>/install-arm64.msi
InstallerSha256: <HASH-ARM64>
Scope: user
UpgradeBehavior: install