-
-
Notifications
You must be signed in to change notification settings - Fork 47
152 lines (131 loc) · 5.29 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
name: Build
on:
workflow_dispatch:
inputs:
release:
description: 'Release'
required: true
default: false
type: boolean
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
release:
types: [created]
env:
CARGO_TERM_COLOR: always
jobs:
build:
permissions: write-all
runs-on: windows-2022
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Rust cache
uses: Swatinem/rust-cache@v2
with:
workspaces: "rust -> target"
key: ${{ (github.event_name == 'release' || inputs.release) && 'prod' || 'dev' }}
- name: Install cargo-make
uses: baptiste0928/cargo-install@v3
with:
crate: cargo-make
- name: Install cargo-target-dir
uses: baptiste0928/cargo-install@v3
with:
crate: cargo-target-dir
git: https://github.com/MolotovCherry/cargo-target-dir
- name: Install cargo-wix
if: github.event_name == 'release'
uses: baptiste0928/cargo-install@v3
with:
crate: cargo-wix
- name: Export Private Certificate
if: github.event_name != 'pull_request'
env:
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
run: |
$env:PRIVATE_KEY | Out-File -FilePath private.txt
certutil -decode private.txt private.pfx
- name: Export PR Private Certificate
if: github.event_name == 'pull_request'
run: cp .github/workflows/build_res/pr.pfx private.pfx
- name: Export Public Certificate
env:
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }}
run: |
Get-PfxCertificate -FilePath private.pfx -Password (ConvertTo-SecureString -String "${{ env.PRIVATE_KEY_PASSWORD }}" -AsPlainText -Force) | Export-Certificate -FilePath DriverCertificate.cer -type CERT
- name: Setup python version
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: Build
env:
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }}
RELEASE: ${{ (github.event_name == 'release' || inputs.release) && 'prod' || 'dev' }}
working-directory: rust
run: cargo make -p $env:RELEASE build
- name: Prepare Artifact Upload
if: github.event_name != 'release'
run: |
# copy any required files to . so artifact upload files are in top level
Get-ChildItem -Path `
"rust/target/output/*.exe", `
"rust/target/output/*.cat", `
"rust/target/output/*.dll", `
"rust/target/output/*.inf", `
"rust/target/output/*.pyd", `
"installer/install-cert.bat", `
"installer/files/*.reg" `
| ForEach-Object { Copy-Item -Path $_.FullName -Destination "." }
- name: Upload Artifacts
if: github.event_name != 'release'
uses: actions/upload-artifact@v4
with:
name: driver
path: |
*.exe
*.cat
*.dll
*.inf
*.pyd
DriverCertificate.cer
install-cert.bat
- name: Set release version
if: github.event_name == 'release'
run: |
$tagName = "${{ github.event.release.tag_name }}"
$version = $tagName.TrimStart('v')
echo "RELEASE_VERSION=$version" | Out-File -FilePath $env:GITHUB_ENV -Append
# package with wix
- name: Create installer
if: github.event_name == 'release'
working-directory: rust
run: |
cargo wix -p virtual-display-driver -i ${{ env.RELEASE_VERSION }} --nocapture -I ../installer/main.wxs -o target\output -C -ext -C WixDifxAppExtension -L -ext -L WixDifxAppExtension -L "C:\Program Files (x86)\WiX Toolset v3.11\bin\difxapp_x64.wixlib"
- name: Sign installer
if: github.event_name == 'release'
shell: cmd
env:
PRIVATE_KEY_PASSWORD: ${{ github.event_name == 'pull_request' && '1234' || secrets.PRIVATE_KEY_PASSWORD }}
run: |
call "%ProgramFiles%\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat"
signtool sign /a /fd SHA256 /v /f private.pfx /p ${{ env.PRIVATE_KEY_PASSWORD }} /t http://timestamp.digicert.com rust/target/output/*.msi
- name: Zip up install package
if: github.event_name == 'release'
run: |
Get-ChildItem -Path DriverCertificate.cer, install-cert.bat, rust/target/output/*.msi | Compress-Archive -CompressionLevel Optimal -DestinationPath "virtual-desktop-driver-installer-x64.zip"
- name: Zip up portable package
if: github.event_name == 'release'
run: |
Get-ChildItem -Path DriverCertificate.cer, install-cert.bat, *.inf, *.dll, *.cat, *.exe, *.pyd, *.reg | Compress-Archive -CompressionLevel Optimal -DestinationPath "virtual-desktop-driver-portable-x64.zip"
- name: Attach assets to release
if: github.event_name == 'release'
uses: xresloader/upload-to-github-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
file: "*.zip"
draft: false
release_id: ${{ github.event.release.id }}