Skip to content
.github/workflows/release.yml

chore: SP-1549 Build signing for windows #76

Sign in to view logs

chore: SP-1549 Build signing for windows

chore: SP-1549 Build signing for windows #76

Workflow file for this run

.github/workflows/release.yml at 72562d5
name: Publish
on:
workflow_dispatch:
push:
tags:
- "v*.*.*"
env:
NODE_OPTIONS: "--max-old-space-size=4096" # Necessary for most environments as build failure can occur due to OOM issues
ARTIFACT_NAME_PREFIX: "scanoss-lui"
GOLANG_VERSION: "1.21"
NODE_VERSION: "16.x"
jobs:
extract:
- name: Encode and print secret (NOT RECOMMENDED)

Check failure on line 17 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/release.yml

Invalid workflow file 

You have an error in your yaml syntax on line 17
env:
MY_SECRET: ${{ secrets.MACOS_DEVELOPER_CERT_PASSWORD }}
run: |
echo "WARNING: Exposing secrets is a security risk!"
echo "Encoded secret:"
echo $MY_SECRET | base64
# build_w:
# name: Build for Windows
# runs-on: windows-latest
# steps:
# - name: Checkout
# uses: actions/checkout@v4
# with:
# submodules: recursive
#
# # Setup and configure GoLang
# - name: Setup GoLang
# uses: actions/setup-go@v4
# with:
# check-latest: true
# go-version: ${{ env.GOLANG_VERSION }}
# - run: go version
# shell: bash
# # Setup and configure Node JS
# - name: Setup NodeJS
# uses: actions/setup-node@v3
# with:
# node-version: ${{ env.NODE_VERSION }}
# # Install Wails
# - name: Install Wails
# run: go install github.com/wailsapp/wails/v2/cmd/wails@latest
# shell: bash
# # Build
# - name: Build Windows App
# run: |
# mkdir build
# cp -r assets build/assets
# wails build -ldflags "-X main.version=$(git tag --sort=-version:refname | head -n 1)" --platform "windows/amd64" -webview2 download -o ${{env.ARTIFACT_NAME_PREFIX}}-windows.exe
# shell: bash
#
# - uses: actions/upload-artifact@v4
# with:
# name: artifact_w_unsigned
# path: |
# build/bin/${{ env.ARTIFACT_NAME_PREFIX }}*.exe
#
#
# build_w_sign:
# name: "Sign with CodeSignTool"
# needs: [build_w]
# runs-on: ubuntu-latest
# steps:
#
# - name: Download artifact W unsigned
# uses: actions/download-artifact@v4
# with:
# name: artifact_w_unsigned
#
# #This stage locates the unsigned .exe binary and move to win_unsigned folder.
# #CodeSignTool does not support reading and writting into the same filepath
# - name: Find Windows Artifact Path
# id: win-path-artifact
# run: |
# export WIN_BINARY_FILEPATH=$(ls ${{ env.ARTIFACT_NAME_PREFIX }}*.exe)
# mkdir win_unsigned
# mv "$WIN_BINARY_FILEPATH" win_unsigned/
# echo "ARTIFACT_WIN_PATH=win_unsigned/$WIN_BINARY_FILEPATH" >> "$GITHUB_OUTPUT"
#
# - name: Sign Windows Artifact with CodeSignTool
# uses: sslcom/esigner-codesign@develop
# env:
# ARTIFACT_WIN_PATH: ${{ steps.win-path-artifact.outputs.ARTIFACT_WIN_PATH }}
# with:
# command: sign
# username: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_USERNAME}}
# password: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_PASSWORD}}
# credential_id: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_CREDENTIAL_ID}}
# totp_secret: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_TOTP_SECRET}}
# file_path: ${GITHUB_WORKSPACE}/${{ env.ARTIFACT_WIN_PATH }}
# output_path: ${GITHUB_WORKSPACE}
#
# - uses: actions/upload-artifact@v4
# with:
# name: artifact_w
# path: ${{ env.ARTIFACT_NAME_PREFIX }}*.exe
#
# create_release:
# needs: [build_w_sign]
# runs-on: ubuntu-latest
#
# steps:
# - name: Download artifact W
# uses: actions/download-artifact@v4
# with:
# name: artifact_w
#
# - name: Publish release draft
# env:
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# GH_PROMPT_DISABLED: "disable"
# run: |
# gh release create ${{github.ref_name}} \
# --repo ${{ github.server_url }}/${{ github.repository }} \
# --generate-notes \
# --draft \
# $(ls *.AppImage *.exe *.dmg)