Merge remote-tracking branch 'origin/main' #489
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - '__version__.py' # Ignore commits that only update the version file | |
| pull_request: | |
| jobs: | |
| bump_version: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| new_tag: ${{ steps.tag_version.outputs.new_tag }} | |
| new_version: ${{ steps.tag_version.outputs.new_version }} | |
| steps: | |
| - name: Bump version and push tag | |
| id: tag_version | |
| uses: mathieudutour/[email protected] | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Print version output | |
| run: echo "Version output is ${{ steps.tag_version.outputs.new_version }}" | |
| update_version: | |
| runs-on: ubuntu-latest | |
| needs: bump_version | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Update version file | |
| run: echo "__version__ = '${{ needs.bump_version.outputs.new_version }}'" > /home/runner/work/rewst_remote_agent/rewst_remote_agent/__version__.py | |
| - name: Commit and push version file | |
| run: | | |
| git config --local user.email "[email protected]" | |
| git config --local user.name "Rewst GitHub Actions" | |
| git add /home/runner/work/rewst_remote_agent/rewst_remote_agent/__version__.py | |
| git commit -m "Update version to ${{ needs.bump_version.outputs.new_version }} [skip ci]" | |
| git push --force-with-lease origin main | |
| build: | |
| needs: update_version | |
| runs-on: ${{ matrix.os }} | |
| if: "!contains(github.event.head_commit.message, 'skip ci')" | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| python-version: ["3.12"] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Print calculated version | |
| run: echo "Calculated version is ${{ steps.tag_version.outputs.new_version }}" | |
| - name: Print new version | |
| run: echo "New version is ${{ needs.bump_version.outputs.new_version }}" | |
| - name: Write MS Version file (Windows) | |
| if: matrix.os == 'windows-latest' | |
| shell: pwsh | |
| run: .\.github\workflows\Write-VersionFile.ps1 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Install PyInstaller | |
| run: pip install pyinstaller | |
| - name: Run build script (Windows) | |
| if: matrix.os == 'windows-latest' | |
| shell: cmd | |
| run: .github\workflows\build.bat | |
| - name: Run build script (Ubuntu Linux) | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| chmod +x .github/workflows/build.sh | |
| .github/workflows/build.sh | |
| - name: Upload Executable (Linux) | |
| if: matrix.os == 'ubuntu-latest' | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: linux-latest-asset | |
| path: | | |
| ./dist/rewst_remote_agent | |
| ./dist/rewst_service_manager | |
| ./dist/rewst_agent_config | |
| - name: Run build script (MacOS) | |
| if: matrix.os == 'macos-latest' | |
| run: | | |
| chmod +x .github/workflows/build.sh | |
| .github/workflows/build.sh | |
| - name: Upload Executable (MacOS) | |
| if: matrix.os == 'macos-latest' | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: macos-latest-asset | |
| path: | | |
| ./dist/rewst_remote_agent | |
| ./dist/rewst_service_manager | |
| ./dist/rewst_agent_config | |
| - name: See where we are in Linux | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| find . | |
| pwd | |
| - name: Sign with SSL.com CodeSignTool | |
| if: matrix.os == 'windows-latest' | |
| shell: pwsh | |
| run: | | |
| .\.github\workflows\ssl_com_sign_binaries.ps1 -username '${{ secrets.SSL_COM_USERNAME }}' -password '${{ secrets.SSL_COM_PASSWORD }}' -credentialId '${{ secrets.SSL_COM_CREDENTIAL_ID }}' -totpSecret '${{ secrets.SSL_COM_OTP }}' | |
| - name: Generate Checksums (Windows) | |
| if: matrix.os == 'windows-latest' | |
| run: | | |
| Get-FileHash -Path ./dist/signed/rewst_windows_service.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_windows_service.exe.sha256 | |
| Get-FileHash -Path ./dist/signed/rewst_remote_agent.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_remote_agent.exe.sha256 | |
| Get-FileHash -Path ./dist/signed/rewst_remote_agent.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_agent_config.exe.sha256 | |
| Get-FileHash -Path ./dist/signed/rewst_remote_agent.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_service_manager.exe.sha256 | |
| - name: Upload Signed Executable (Windows) | |
| if: matrix.os == 'windows-latest' | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: windows-latest-signed-asset | |
| path: | | |
| ./dist/signed/rewst_windows_service.exe | |
| ./dist/signed/rewst_service_manager.exe | |
| ./dist/signed/rewst_remote_agent.exe | |
| ./dist/signed/rewst_agent_config.exe | |
| ./dist/signed/rewst_windows_service.exe.sha256 | |
| ./dist/signed/rewst_service_manager.exe.sha256 | |
| ./dist/signed/rewst_remote_agent.exe.sha256 | |
| ./dist/signed/rewst_agent_config.exe.sha256 | |
| release: | |
| needs: [ bump_version, build ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ needs.bump_version.outputs.new_tag }} | |
| release_name: Release ${{ needs.bump_version.outputs.new_tag }} | |
| draft: false | |
| prerelease: false | |
| - name: Download all assets | |
| uses: actions/download-artifact@v2 | |
| # Windows | |
| - name: Upload Release Assets - Windows (rewst_windows_service) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_windows_service.exe | |
| asset_name: rewst_windows_service.win.exe | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - Windows (rewst_remote_agent) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_remote_agent.exe | |
| asset_name: rewst_remote_agent.win.exe | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - Windows (rewst_service_manager) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_service_manager.exe | |
| asset_name: rewst_service_manager.win.exe | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - Windows (rewst_agent_config) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_agent_config.exe | |
| asset_name: rewst_agent_config.win.exe | |
| asset_content_type: application/octet-stream | |
| - name: Upload Checksum File - Windows (rewst_windows_service) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_windows_service.exe.sha256 | |
| asset_name: rewst_windows_service.win.exe.sha256 | |
| asset_content_type: text/plain | |
| - name: Upload Checksum File - Windows (rewst_remote_agent) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_remote_agent.exe.sha256 | |
| asset_name: rewst_remote_agent.win.exe.sha256 | |
| asset_content_type: text/plain | |
| - name: Upload Checksum File - Windows (rewst_service_manager) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_service_manager.exe.sha256 | |
| asset_name: rewst_service_manager.win.exe.sha256 | |
| asset_content_type: text/plain | |
| - name: Upload Checksum File - Windows (rewst_agent_config) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./windows-latest-signed-asset/rewst_agent_config.exe.sha256 | |
| asset_name: rewst_agent_config.win.exe.sha256 | |
| asset_content_type: text/plain | |
| # Linux | |
| - name: Upload Release Assets - Linux (rewst_remote_agent) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./linux-latest-asset/rewst_remote_agent | |
| asset_name: rewst_remote_agent.linux.bin | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - Linux (rewst_service_manager) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./linux-latest-asset/rewst_service_manager | |
| asset_name: rewst_service_manager.linux.bin | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - Linux (rewst_agent_config) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./linux-latest-asset/rewst_agent_config | |
| asset_name: rewst_agent_config.linux.bin | |
| asset_content_type: application/octet-stream | |
| # MacOS | |
| - name: Upload Release Assets - MacOS (rewst_remote_agent) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./macos-latest-asset/rewst_remote_agent | |
| asset_name: rewst_remote_agent.macos.bin | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - MacOS (rewst_service_manager) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./macos-latest-asset/rewst_service_manager | |
| asset_name: rewst_service_manager.macos.bin | |
| asset_content_type: application/octet-stream | |
| - name: Upload Release Assets - MacOS (rewst_agent_config) | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./macos-latest-asset/rewst_agent_config | |
| asset_name: rewst_agent_config.macos.bin | |
| asset_content_type: application/octet-stream |