Pre-Release WinUtil #152
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Pre-Release WinUtil | |
permissions: | |
contents: write | |
actions: read | |
on: | |
workflow_dispatch: # Manual trigger added | |
jobs: | |
build-runspace: | |
runs-on: windows-latest | |
env: | |
CERTIFICATE_BASE64: ${{ secrets.CERTIFICATE_BASE64 }} | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@v4 | |
- name: Compile project | |
shell: pwsh | |
run: | | |
Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1 | |
continue-on-error: false # Directly fail the job on error, removing the need for a separate check | |
- name: Set Version to Todays Date | |
id: extract_version | |
run: | | |
$version = (Get-Date -Format "yy.MM.dd") | |
echo "VERSION=$version" >> $env:GITHUB_ENV | |
shell: pwsh | |
- name: Create Tag | |
id: create_tag | |
run: | | |
$tagExists = git tag -l $env:VERSION | |
if ($tagExists -eq "") { | |
git tag $env:VERSION | |
if ($LASTEXITCODE -ne 0) { | |
Write-Error "Failed to create tag $env:VERSION" | |
exit 1 | |
} | |
git push origin $env:VERSION | |
if ($LASTEXITCODE -ne 0) { | |
Write-Error "Failed to push tag $env:VERSION" | |
exit 1 | |
} | |
} else { | |
Write-Host "Tag $env:VERSION already exists, skipping tag creation" | |
} | |
shell: pwsh | |
- name: Create and import code signing certificate | |
shell: pwsh | |
run: | | |
[System.IO.File]::WriteAllBytes("$env:USERPROFILE\code-signing-cert.pfx", [System.Convert]::FromBase64String("$env:CERTIFICATE_BASE64")) | |
Import-PfxCertificate -FilePath "$env:USERPROFILE\code-signing-cert.pfx" -CertStoreLocation Cert:\CurrentUser\My | |
- name: Code sign winutil.ps1 | |
shell: pwsh | |
run: | | |
$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1 | |
if ($null -eq $cert) { throw "Code signing certificate not found" } | |
Set-AuthenticodeSignature -FilePath ./winutil.ps1 -Certificate $cert -TimeStampServer "http://timestamp.digicert.com" | |
- name: Verify code signature | |
shell: pwsh | |
run: | | |
$signature = Get-AuthenticodeSignature -FilePath ./winutil.ps1 | |
if ($signature.Status -ne 'Valid') { throw "Code signing failed" } | |
- name: Upload winutil.ps1 as artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: winutil | |
path: ./winutil.ps1 | |
- name: Generate Release Notes | |
id: generate_notes | |
uses: release-drafter/release-drafter@v6 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
config-name: release-drafter.yml | |
version: ${{ env.VERSION }} # Pass the version variable | |
- name: Create and Upload Release | |
id: create_release | |
uses: softprops/action-gh-release@v2 | |
with: | |
tag_name: ${{ env.VERSION }} | |
name: Pre-Release ${{ env.VERSION }} | |
body: | | |
${{ steps.generate_notes.outputs.body }} | |
![GitHub Downloads (specific asset, specific tag)](https://img.shields.io/github/downloads/ChrisTitusTech/winutil/${{ env.VERSION }}/winutil.ps1) | |
append_body: false | |
files: ./winutil.ps1 | |
prerelease: true | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |