Merge remote-tracking branch 'origin/main' #497
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | ||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| paths-ignore: | ||
| - '__version__.py' # Ignore commits that only update the version file | ||
| pull_request: | ||
| jobs: | ||
| bump_version: | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| new_tag: ${{ steps.tag_version.outputs.new_tag }} | ||
| new_version: ${{ steps.tag_version.outputs.new_version }} | ||
| steps: | ||
| - name: Bump version and push tag | ||
| id: tag_version | ||
| uses: mathieudutour/[email protected] | ||
| with: | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Print version output | ||
| run: echo "Version output is ${{ steps.tag_version.outputs.new_version }}" | ||
| update_version: | ||
| runs-on: ubuntu-latest | ||
| needs: bump_version | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Update version file | ||
| run: echo "__version__ = '${{ needs.bump_version.outputs.new_version }}'" > /home/runner/work/rewst_remote_agent/rewst_remote_agent/__version__.py | ||
| - name: Commit and push version file | ||
| run: | | ||
| git config --local user.email "[email protected]" | ||
| git config --local user.name "Rewst GitHub Actions" | ||
| git add /home/runner/work/rewst_remote_agent/rewst_remote_agent/__version__.py | ||
| git commit -m "Update version to ${{ needs.bump_version.outputs.new_version }} [skip ci]" | ||
| git push --force-with-lease origin main | ||
| build: | ||
| needs: update_version | ||
| runs-on: ${{ matrix.os }} | ||
| if: "!contains(github.event.head_commit.message, 'skip ci')" | ||
| strategy: | ||
| matrix: | ||
| os: [ubuntu-latest, macos-latest, windows-latest] | ||
| python-version: ["3.12"] | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Set up Python ${{ matrix.python-version }} | ||
| uses: actions/setup-python@v2 | ||
| with: | ||
| python-version: ${{ matrix.python-version }} | ||
| - name: Print calculated version | ||
| run: echo "Calculated version is ${{ steps.tag_version.outputs.new_version }}" | ||
| - name: Print new version | ||
| run: echo "New version is ${{ needs.bump_version.outputs.new_version }}" | ||
| - name: Prepare RPM Spec File | ||
| run: | | ||
| sed -e "s/%VERSION%/${{ needs.bump_version.outputs.new_version }}/g" .github/templates/rewst_remote_agent.spec.template > rewst_remote_agent.spec | ||
| # Append generated changelog to spec file | ||
| echo "%changelog" >> rewst_remote_agent.spec | ||
| cat CHANGELOG.md >> rewst_remote_agent.spec | ||
| - name: Write MS Version file (Windows) | ||
| if: matrix.os == 'windows-latest' | ||
| shell: pwsh | ||
| run: .\.github\workflows\Write-VersionFile.ps1 | ||
| - name: Install dependencies | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install -r requirements.txt | ||
| - name: Install PyInstaller | ||
| run: pip install pyinstaller | ||
| - name: Run build script (Windows) | ||
| if: matrix.os == 'windows-latest' | ||
| shell: cmd | ||
| run: .github\workflows\build.bat | ||
| - name: Run build script (Ubuntu Linux) | ||
| if: matrix.os == 'ubuntu-latest' | ||
| run: | | ||
| chmod +x .github/workflows/build.sh | ||
| .github/workflows/build.sh | ||
| - name: Upload Executable (Linux) | ||
| if: matrix.os == 'ubuntu-latest' | ||
| uses: actions/upload-artifact@v2 | ||
| with: | ||
| name: linux-latest-asset | ||
| path: | | ||
| ./dist/rewst_remote_agent | ||
| ./dist/rewst_service_manager | ||
| ./dist/rewst_agent_config | ||
| - name: Run build script (MacOS) | ||
| if: matrix.os == 'macos-latest' | ||
| run: | | ||
| chmod +x .github/workflows/build.sh | ||
| .github/workflows/build.sh | ||
| - name: Upload Executable (MacOS) | ||
| if: matrix.os == 'macos-latest' | ||
| uses: actions/upload-artifact@v2 | ||
| with: | ||
| name: macos-latest-asset | ||
| path: | | ||
| ./dist/rewst_remote_agent | ||
| ./dist/rewst_service_manager | ||
| ./dist/rewst_agent_config | ||
| - name: See where we are in Linux | ||
| if: matrix.os == 'ubuntu-latest' | ||
| run: | | ||
| find . | ||
| pwd | ||
| - name: Sign with SSL.com CodeSignTool | ||
| if: matrix.os == 'windows-latest' | ||
| shell: pwsh | ||
| run: | | ||
| .\.github\workflows\ssl_com_sign_binaries.ps1 -username '${{ secrets.SSL_COM_USERNAME }}' -password '${{ secrets.SSL_COM_PASSWORD }}' -credentialId '${{ secrets.SSL_COM_CREDENTIAL_ID }}' -totpSecret '${{ secrets.SSL_COM_OTP }}' | ||
| - name: Generate Checksums (Windows) | ||
| if: matrix.os == 'windows-latest' | ||
| run: | | ||
| Get-FileHash -Path ./dist/signed/rewst_windows_service.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_windows_service.exe.sha256 | ||
| Get-FileHash -Path ./dist/signed/rewst_remote_agent.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_remote_agent.exe.sha256 | ||
| Get-FileHash -Path ./dist/signed/rewst_agent_config.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_agent_config.exe.sha256 | ||
| Get-FileHash -Path ./dist/signed/rewst_service_manager.exe -Algorithm SHA256 | Format-List | Out-File -FilePath ./dist/signed/rewst_service_manager.exe.sha256 | ||
| - name: Upload Signed Executable (Windows) | ||
| if: matrix.os == 'windows-latest' | ||
| uses: actions/upload-artifact@v2 | ||
| with: | ||
| name: windows-latest-signed-asset | ||
| path: | | ||
| ./dist/signed/rewst_windows_service.exe | ||
| ./dist/signed/rewst_service_manager.exe | ||
| ./dist/signed/rewst_remote_agent.exe | ||
| ./dist/signed/rewst_agent_config.exe | ||
| ./dist/signed/rewst_windows_service.exe.sha256 | ||
| ./dist/signed/rewst_service_manager.exe.sha256 | ||
| ./dist/signed/rewst_remote_agent.exe.sha256 | ||
| ./dist/signed/rewst_agent_config.exe.sha256 | ||
| rpmbuild: | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| centos-version: [7, 8, 9] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v2 | ||
| - name: Build RPM in CentOS Container | ||
| uses: docker://centos:${{ matrix.centos-version }} | ||
|
Check failure on line 169 in .github/workflows/build.yml
|
||
| with: | ||
| args: | | ||
| yum install -y rpm-build | ||
| rpmbuild -ba rewst_remote_agent.spec --define "_sourcedir ${{ github.workspace }}" --define "_rpmdir ${{ github.workspace }}/rpms" | ||
| - name: Archive RPM Package | ||
| uses: actions/upload-artifact@v2 | ||
| with: | ||
| name: rpm-package-centos${{ matrix.centos-version }} | ||
| path: ./rpms/**/*.rpm | ||
| release: | ||
| needs: [ bump_version, build ] | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - name: Create Release | ||
| id: create_release | ||
| uses: actions/create-release@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| tag_name: ${{ needs.bump_version.outputs.new_tag }} | ||
| release_name: Release ${{ needs.bump_version.outputs.new_tag }} | ||
| draft: false | ||
| prerelease: false | ||
| - name: Download all assets | ||
| uses: actions/download-artifact@v2 | ||
| # Windows | ||
| - name: Upload Release Assets - Windows (rewst_windows_service) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_windows_service.exe | ||
| asset_name: rewst_windows_service.win.exe | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - Windows (rewst_remote_agent) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_remote_agent.exe | ||
| asset_name: rewst_remote_agent.win.exe | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - Windows (rewst_service_manager) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_service_manager.exe | ||
| asset_name: rewst_service_manager.win.exe | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - Windows (rewst_agent_config) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_agent_config.exe | ||
| asset_name: rewst_agent_config.win.exe | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Checksum File - Windows (rewst_windows_service) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_windows_service.exe.sha256 | ||
| asset_name: rewst_windows_service.win.exe.sha256 | ||
| asset_content_type: text/plain | ||
| - name: Upload Checksum File - Windows (rewst_remote_agent) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_remote_agent.exe.sha256 | ||
| asset_name: rewst_remote_agent.win.exe.sha256 | ||
| asset_content_type: text/plain | ||
| - name: Upload Checksum File - Windows (rewst_service_manager) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_service_manager.exe.sha256 | ||
| asset_name: rewst_service_manager.win.exe.sha256 | ||
| asset_content_type: text/plain | ||
| - name: Upload Checksum File - Windows (rewst_agent_config) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./windows-latest-signed-asset/rewst_agent_config.exe.sha256 | ||
| asset_name: rewst_agent_config.win.exe.sha256 | ||
| asset_content_type: text/plain | ||
| # Linux | ||
| - name: Upload Release Assets - Linux (rewst_remote_agent) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./linux-latest-asset/rewst_remote_agent | ||
| asset_name: rewst_remote_agent.linux.bin | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - Linux (rewst_service_manager) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./linux-latest-asset/rewst_service_manager | ||
| asset_name: rewst_service_manager.linux.bin | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - Linux (rewst_agent_config) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./linux-latest-asset/rewst_agent_config | ||
| asset_name: rewst_agent_config.linux.bin | ||
| asset_content_type: application/octet-stream | ||
| # MacOS | ||
| - name: Upload Release Assets - MacOS (rewst_remote_agent) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./macos-latest-asset/rewst_remote_agent | ||
| asset_name: rewst_remote_agent.macos.bin | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - MacOS (rewst_service_manager) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./macos-latest-asset/rewst_service_manager | ||
| asset_name: rewst_service_manager.macos.bin | ||
| asset_content_type: application/octet-stream | ||
| - name: Upload Release Assets - MacOS (rewst_agent_config) | ||
| uses: actions/upload-release-asset@v1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| with: | ||
| upload_url: ${{ steps.create_release.outputs.upload_url }} | ||
| asset_path: ./macos-latest-asset/rewst_agent_config | ||
| asset_name: rewst_agent_config.macos.bin | ||
| asset_content_type: application/octet-stream | ||
