Merge pull request #132 from MolotovCherry/dependabot/cargo/rust/serd… #571
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
inputs: | |
release: | |
description: 'Release' | |
required: true | |
default: false | |
type: boolean | |
push: | |
branches: [ "master" ] | |
pull_request: | |
branches: [ "master" ] | |
release: | |
types: [created] | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
build: | |
permissions: write-all | |
runs-on: windows-2022 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Rust cache | |
uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: "rust -> target" | |
key: ${{ (github.event_name == 'release' || inputs.release) && 'prod' || 'dev' }} | |
- name: Install cargo-make | |
uses: baptiste0928/cargo-install@v3 | |
with: | |
crate: cargo-make | |
- name: Install cargo-target-dir | |
uses: baptiste0928/cargo-install@v3 | |
with: | |
crate: cargo-target-dir | |
git: https://github.com/MolotovCherry/cargo-target-dir | |
- name: Install cargo-wix | |
if: github.event_name == 'release' | |
uses: baptiste0928/cargo-install@v3 | |
with: | |
crate: cargo-wix | |
- name: Export Private Certificate | |
if: github.event_name != 'pull_request' | |
env: | |
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} | |
run: | | |
$env:PRIVATE_KEY | Out-File -FilePath private.txt | |
certutil -decode private.txt private.pfx | |
- name: Export PR Private Certificate | |
if: github.event_name == 'pull_request' | |
run: cp .github/workflows/build_res/pr.pfx private.pfx | |
- name: Export Public Certificate | |
env: | |
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }} | |
run: | | |
Get-PfxCertificate -FilePath private.pfx -Password (ConvertTo-SecureString -String "${{ env.PRIVATE_KEY_PASSWORD }}" -AsPlainText -Force) | Export-Certificate -FilePath DriverCertificate.cer -type CERT | |
- name: Setup python version | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12' | |
- name: Build | |
env: | |
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }} | |
RELEASE: ${{ (github.event_name == 'release' || inputs.release) && 'prod' || 'dev' }} | |
working-directory: rust | |
run: cargo make -p $env:RELEASE build | |
- name: Prepare Artifact Upload | |
if: github.event_name != 'release' | |
run: | | |
# copy any required files to . so artifact upload files are in top level | |
Get-ChildItem -Path ` | |
"rust/target/output/*.exe", ` | |
"rust/target/output/*.cat", ` | |
"rust/target/output/*.dll", ` | |
"rust/target/output/*.inf", ` | |
"rust/target/output/*.pyd", ` | |
"installer/install-cert.bat", ` | |
"installer/files/*.reg" ` | |
| ForEach-Object { Copy-Item -Path $_.FullName -Destination "." } | |
- name: Upload Artifacts | |
if: github.event_name != 'release' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: driver | |
path: | | |
*.exe | |
*.cat | |
*.dll | |
*.inf | |
*.pyd | |
DriverCertificate.cer | |
install-cert.bat | |
- name: Set release version | |
if: github.event_name == 'release' | |
run: | | |
$tagName = "${{ github.event.release.tag_name }}" | |
$version = $tagName.TrimStart('v') | |
echo "RELEASE_VERSION=$version" | Out-File -FilePath $env:GITHUB_ENV -Append | |
# package with wix | |
- name: Create installer | |
if: github.event_name == 'release' | |
working-directory: rust | |
run: | | |
cargo wix -p virtual-display-driver -i ${{ env.RELEASE_VERSION }} --nocapture -I ../installer/main.wxs -o target\output -C -ext -C WixDifxAppExtension -L -ext -L WixDifxAppExtension -L "C:\Program Files (x86)\WiX Toolset v3.11\bin\difxapp_x64.wixlib" | |
- name: Sign installer | |
if: github.event_name == 'release' | |
shell: cmd | |
env: | |
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }} | |
run: | | |
call "%ProgramFiles%\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" | |
signtool sign /a /fd SHA256 /v /f private.pfx /p ${{ env.PRIVATE_KEY_PASSWORD }} /t http://timestamp.digicert.com rust/target/output/*.msi | |
- name: Zip up install package | |
if: github.event_name == 'release' | |
run: | | |
Get-ChildItem -Path DriverCertificate.cer, install-cert.bat, rust/target/output/*.msi | Compress-Archive -CompressionLevel Optimal -DestinationPath "virtual-desktop-driver-installer-x64.zip" | |
- name: Zip up portable package | |
if: github.event_name == 'release' | |
run: | | |
Get-ChildItem -Path DriverCertificate.cer, install-cert.bat, *.inf, *.dll, *.cat, *.exe, *.pyd, *.reg | Compress-Archive -CompressionLevel Optimal -DestinationPath "virtual-desktop-driver-portable-x64.zip" | |
- name: Attach assets to release | |
if: github.event_name == 'release' | |
uses: xresloader/upload-to-github-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
with: | |
file: "*.zip" | |
draft: false | |
release_id: ${{ github.event.release.id }} |