Build #30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| permissions: | |
| contents: read # Default to secure | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| paths: | |
| - 'Src/**' | |
| - 'Localization/**' | |
| - '.github/workflows/build.yml' | |
| workflow_dispatch: # allows manual trigger for main/master | |
| jobs: | |
| build: | |
| runs-on: windows-2022 | |
| outputs: | |
| new_version: ${{ steps.versioning.outputs.NEW_VERSION }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 # Essential to see all tags | |
| - name: Prepare version | |
| id: versioning | |
| shell: pwsh | |
| run: | | |
| # Fetch latest tag | |
| $latestTag = git describe --tags --abbrev=0 2>$null | |
| if ($latestTag -notmatch '^v\d+\.\d+\.\d+$') { | |
| Write-Error "Error: Could not find a valid vX.Y.Z tag in history. Found: '$latestTag'" | |
| exit 1 | |
| } | |
| # Parse and Increment | |
| $version = [version]$latestTag.Substring(1) | |
| $baseVersion = "$($version.Major).$($version.Minor).$($version.Build + 1)" | |
| # Handle PR Suffix | |
| if ("${{ github.event_name }}" -eq "pull_request") { | |
| $shortSha = "${{ github.event.pull_request.head.sha }}".Substring(0, 7) | |
| $finalVersion = "$baseVersion-pr-$shortSha" | |
| } else { | |
| $finalVersion = $baseVersion | |
| } | |
| # Export | |
| "NEW_VERSION=$finalVersion" | Out-File -FilePath $env:GITHUB_OUTPUT -Append | |
| Write-Host "Building version: $finalVersion" | |
| - name: Build binaries | |
| shell: cmd | |
| env: | |
| CS_VERSION: ${{ steps.versioning.outputs.NEW_VERSION }} | |
| run: Src\Setup\BuildBinaries.bat | |
| - name: Upload binaries | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| id: upload-binaries | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: Binaries | |
| path: | | |
| Src/Setup/Output/ | |
| !Src/Setup/Output/*.skin | |
| !Src/Setup/Output/*.skin7 | |
| !Src/Setup/Output/*.zip | |
| retention-days: 1 | |
| - name: Sign binaries with SignPath | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| uses: signpath/github-action-submit-signing-request@v2 | |
| with: | |
| api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' | |
| organization-id: 'b34b60e3-e5bf-4a6e-a13c-dcf641b4362c' | |
| project-slug: 'Open-Shell-Menu' | |
| signing-policy-slug: 'test-signing' | |
| artifact-configuration-slug: 'Binaries' | |
| github-artifact-id: '${{ steps.upload-binaries.outputs.artifact-id }}' | |
| wait-for-completion: true | |
| output-artifact-directory: 'Src/Setup/Output/' | |
| - name: Build installers | |
| shell: cmd | |
| env: | |
| CS_VERSION: ${{ steps.versioning.outputs.NEW_VERSION }} | |
| run: Src\Setup\_BuildEnglish.bat | |
| - name: Upload installers | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| id: upload-installers | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: MSI | |
| path: | | |
| Src/Setup/Temp/*.msi | |
| retention-days: 1 | |
| - name: Sign installers with SignPath | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| uses: signpath/github-action-submit-signing-request@v2 | |
| with: | |
| api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' | |
| organization-id: 'b34b60e3-e5bf-4a6e-a13c-dcf641b4362c' | |
| project-slug: 'Open-Shell-Menu' | |
| signing-policy-slug: 'test-signing' | |
| artifact-configuration-slug: 'Installers' | |
| github-artifact-id: '${{ steps.upload-installers.outputs.artifact-id }}' | |
| wait-for-completion: true | |
| output-artifact-directory: 'Src/Setup/Temp/' | |
| - name: Build setup and symbols | |
| shell: cmd | |
| env: | |
| CS_VERSION: ${{ steps.versioning.outputs.NEW_VERSION }} | |
| run: Src\Setup\BuildArchives.bat | |
| - name: Upload symbols | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| path: | | |
| Src/Setup/Final/OpenShellSymbols*.7z | |
| archive: false | |
| - name: Upload utility | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| path: | | |
| Src/Setup/Final/Utility.exe | |
| archive: false | |
| - name: Upload setup | |
| id: upload-setup | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| path: | | |
| Src/Setup/Final/OpenShellSetup*.exe | |
| archive: false | |
| - name: Sign setup with SignPath | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| uses: signpath/github-action-submit-signing-request@v2 | |
| with: | |
| api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' | |
| organization-id: 'b34b60e3-e5bf-4a6e-a13c-dcf641b4362c' | |
| project-slug: 'Open-Shell-Menu' | |
| signing-policy-slug: 'test-signing' | |
| github-artifact-id: '${{ steps.upload-setup.outputs.artifact-id }}' | |
| wait-for-completion: true | |
| skip-decompress: true | |
| output-artifact-directory: 'Src/Setup/Final/' | |
| # `overwrite: true` doesn't work with `archive: false`, so we have to delete the original first | |
| # https://github.com/actions/upload-artifact/issues/769 | |
| # https://github.com/actions/upload-artifact/issues/785 | |
| - name: Delete setup | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| uses: geekyeggo/delete-artifact@v6 | |
| with: | |
| name: OpenShellSetup*.exe | |
| - name: Upload setup (signed) | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| path: | | |
| Src/Setup/Final/OpenShellSetup*.exe | |
| archive: false | |
| overwrite: true | |
| release: | |
| if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/master' # Only manual master builds | |
| needs: build | |
| runs-on: ubuntu-latest # Cheaper/faster than windows for just uploading | |
| permissions: | |
| contents: write # Elevate permissions ONLY for this job | |
| steps: | |
| - name: Download setup | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: OpenShellSetup*.exe | |
| - name: Download symbols | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: OpenShellSymbols*.7z | |
| - name: Download utility | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: Utility.exe | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v3 | |
| with: | |
| tag_name: v${{ needs.build.outputs.new_version }} | |
| name: ${{ needs.build.outputs.new_version }} | |
| generate_release_notes: true | |
| prerelease: true | |
| files: | | |
| OpenShellSetup*.exe | |
| OpenShellSymbols_*.7z | |
| Utility.exe | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |