Skip to content

Pre-Release WinUtil #130

Pre-Release WinUtil

Pre-Release WinUtil #130

Workflow file for this run

name: Pre-Release WinUtil
permissions:
contents: write
actions: read
on:
workflow_dispatch: # Manual trigger added
jobs:
build-runspace:
runs-on: windows-latest
env:
CERTIFICATE_BASE64: ${{ secrets.CERTIFICATE_BASE64 }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Compile project
shell: pwsh
run: |
Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1
continue-on-error: false # Directly fail the job on error, removing the need for a separate check
- name: Set Version to Todays Date
id: extract_version
run: |
$version = (Get-Date -Format "yy.MM.dd")
echo "VERSION=$version" >> $env:GITHUB_ENV
shell: pwsh
- name: Create Tag
id: create_tag
run: |
$tagExists = git tag -l $env:VERSION
if ($tagExists -eq "") {
git tag $env:VERSION
if ($LASTEXITCODE -ne 0) {
Write-Error "Failed to create tag $env:VERSION"
exit 1
}
git push origin $env:VERSION
if ($LASTEXITCODE -ne 0) {
Write-Error "Failed to push tag $env:VERSION"
exit 1
}
} else {
Write-Host "Tag $env:VERSION already exists, skipping tag creation"
}
shell: pwsh
- name: Create and import code signing certificate
shell: pwsh
run: |
[System.IO.File]::WriteAllBytes("$env:USERPROFILE\code-signing-cert.pfx", [System.Convert]::FromBase64String("$env:CERTIFICATE_BASE64"))
Import-PfxCertificate -FilePath "$env:USERPROFILE\code-signing-cert.pfx" -CertStoreLocation Cert:\CurrentUser\My
- name: Code sign winutil.ps1
shell: pwsh
run: |
$cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
if ($null -eq $cert) { throw "Code signing certificate not found" }
Set-AuthenticodeSignature -FilePath ./winutil.ps1 -Certificate $cert
- name: Verify code signature
shell: pwsh
run: |
$signature = Get-AuthenticodeSignature -FilePath ./winutil.ps1
if ($signature.Status -ne 'Valid') { throw "Code signing failed" }
- name: Upload winutil.ps1 as artifact
uses: actions/upload-artifact@v4
with:
name: winutil
path: ./winutil.ps1
- name: Get latest release tag
id: get_latest_release
run: |
git fetch --tags --force
$latestTag = git for-each-ref --sort=-creatordate --format '%(refname:short)' refs/tags --count 1
if ($LASTEXITCODE -ne 0 -or [string]::IsNullOrEmpty($latestTag)) {
Write-Error "Failed to get latest tag. Error code: $LASTEXITCODE"
exit 1
}
Write-Host "Latest tag: $latestTag"
echo "LATEST_TAG=$latestTag" >> $env:GITHUB_ENV
shell: pwsh
- name: Generate Release Notes
id: generate_notes
uses: release-drafter/release-drafter@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
config-name: release-drafter.yml
version: ${{ env.version }}
tag: ${{ env.LATEST_TAG }}
- name: Prepare Release Body
id: prepare_body
run: |
$newChanges = @'
${{ steps.generate_notes.outputs.body }}
'@
$formattedChanges = "Changes since ${{ env.LATEST_TAG }}:`n`n$newChanges"
$encodedChanges = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($formattedChanges))
echo "body=$encodedChanges" >> $env:GITHUB_OUTPUT
shell: pwsh
- name: Create and Upload Release
id: create_release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ env.version }}
name: Pre-Release ${{ env.version }}
body: |
${{ '{{' }} fromJson(format('"{0}"', steps.prepare_body.outputs.body)) | base64decode {{ '}}' }}
![GitHub Downloads (specific asset, specific tag)](https://img.shields.io/github/downloads/ChrisTitusTech/winutil/${{ env.VERSION }}/winutil.ps1)
append_body: false
files: ./winutil.ps1
prerelease: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}