GitHubSync update - release-4.33 #2898
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release-* | |
| tags: | |
| - '[0-9]+.[0-9]+.[0-9]+' | |
| - '[0-9]+.[0-9]+.[0-9]+-*' | |
| pull_request: | |
| workflow_dispatch: | |
| env: | |
| DOTNET_NOLOGO: true | |
| jobs: | |
| release: | |
| if: ${{ github.actor != 'dependabot[bot]' }} | |
| runs-on: windows-2022 | |
| steps: | |
| - name: Check for secrets | |
| env: | |
| SECRETS_AVAILABLE: ${{ secrets.SECRETS_AVAILABLE }} | |
| shell: pwsh | |
| run: exit $(If ($env:SECRETS_AVAILABLE -eq 'true') { 0 } Else { 1 }) | |
| - name: Checkout | |
| uses: actions/[email protected] | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup .NET SDK | |
| uses: actions/[email protected] | |
| with: | |
| dotnet-version: 6.0.x | |
| - name: Add msbuild to PATH | |
| uses: microsoft/[email protected] | |
| - name: Build | |
| run: msbuild src -p:Configuration=Release -restore -m -verbosity:minimal | |
| - name: Sign NuGet packages | |
| uses: Particular/[email protected] | |
| with: | |
| client-id: ${{ secrets.AZURE_KEY_VAULT_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_KEY_VAULT_TENANT_ID }} | |
| client-secret: ${{ secrets.AZURE_KEY_VAULT_CLIENT_SECRET }} | |
| certificate-name: ${{ secrets.AZURE_KEY_VAULT_CERTIFICATE_NAME }} | |
| - name: Create PowerShell module catalog | |
| run: New-FileCatalog -Path deploy\PowerShellModules\Particular.ServiceControl.Management -CatalogFilePath deploy\PowerShellModules\Particular.ServiceControl.Management\Particular.ServiceControl.Management.cat -CatalogVersion 2.0 | |
| - name: Install AzureSignTool | |
| run: dotnet tool install --global azuresigntool | |
| - name: Sign PowerShell module | |
| run: | | |
| AzureSignTool sign ` | |
| --file-digest sha256 ` | |
| --timestamp-rfc3161 http://timestamp.digicert.com ` | |
| --azure-key-vault-url https://particularcodesigning.vault.azure.net ` | |
| --azure-key-vault-client-id ${{ secrets.AZURE_KEY_VAULT_CLIENT_ID }} ` | |
| --azure-key-vault-tenant-id ${{ secrets.AZURE_KEY_VAULT_TENANT_ID }} ` | |
| --azure-key-vault-client-secret ${{ secrets.AZURE_KEY_VAULT_CLIENT_SECRET }} ` | |
| --azure-key-vault-certificate ${{ secrets.AZURE_KEY_VAULT_CERTIFICATE_NAME }} ` | |
| deploy\PowerShellModules\Particular.ServiceControl.Management\Particular.ServiceControl.Management.cat | |
| - name: Zip PowerShell module | |
| run: | | |
| New-Item assets\PowerShellModules -ItemType Directory | |
| Compress-Archive -Path deploy\PowerShellModules\Particular.ServiceControl.Management\* -DestinationPath assets\PowerShellModules\Particular.ServiceControl.Management.zip | |
| - name: Setup Advanced Installer | |
| run: | | |
| $version = "20.2.1" | |
| choco install advanced-installer --version=$version | |
| & "C:\Program Files (x86)\Caphyon\Advanced Installer $version\bin\x86\AdvancedInstaller.com" /register ${{ secrets.ADVANCED_INSTALLER_LICENSE_KEY }} | |
| - name: Prepare AIP file | |
| run: | | |
| $content = Get-Content -Raw -Path src/Setup/ServiceControl.aip | |
| $content = $content -replace "replace-tenant-id", "${{ secrets.AZURE_KEY_VAULT_TENANT_ID }}" -replace "replace-app-id", "${{ secrets.AZURE_KEY_VAULT_CLIENT_ID }}" -replace "replace-cert-name", "${{ secrets.AZURE_KEY_VAULT_CERTIFICATE_NAME }}" | |
| Set-Content src/Setup/ServiceControl.aip $content | |
| - name: Build Windows installer | |
| env: | |
| AZURE_KEY_VAULT_CLIENT_SECRET: ${{ secrets.AZURE_KEY_VAULT_CLIENT_SECRET }} | |
| run: dotnet build src/Setup --configuration Release | |
| - name: Publish assets | |
| uses: actions/[email protected] | |
| with: | |
| name: assets | |
| path: assets/* | |
| retention-days: 1 | |
| - name: Publish NuGet packages | |
| uses: actions/[email protected] | |
| with: | |
| name: nugets | |
| path: nugets/* | |
| retention-days: 1 | |
| - name: Publish zips | |
| uses: actions/[email protected] | |
| with: | |
| name: zips | |
| path: zip/* | |
| retention-days: 1 | |
| - name : Verify release artifact counts | |
| shell: pwsh | |
| run: | | |
| $assetsCount = (Get-ChildItem -Recurse -File assets).Count | |
| $nugetsCount = (Get-ChildItem -Recurse -File nugets).Count | |
| $zipCount = (Get-ChildItem -Recurse -File zip).Count | |
| $expectedAssetsCount = 2 | |
| $expectedNugetsCount = 1 | |
| $expectedZipCount = 3 | |
| if ($assetsCount -ne $expectedAssetsCount) | |
| { | |
| Write-Host Assets: Expected $expectedAssetsCount but found $assetsCount | |
| exit -1 | |
| } | |
| if ($nugetsCount -ne $expectedNugetsCount) | |
| { | |
| Write-Host Nugets: Expected $expectedNugetsCount but found $nugetsCount | |
| exit -1 | |
| } | |
| if ($expectedZipCount -ne $zipCount) | |
| { | |
| Write-Host Zips: Expected $expectedZipCount but found $zipCount | |
| exit -1 | |
| } | |
| - name: Deploy | |
| if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} | |
| # Does not follow standard practice of targeting explicit versions because configuration is tightly coupled to Octopus Deploy configuration | |
| uses: Particular/push-octopus-package-action@main | |
| with: | |
| octopus-deploy-api-key: ${{ secrets.OCTOPUS_DEPLOY_API_KEY }} |