Skip to content

feat(wsl): support detection of current system has virtualization ena… #23

feat(wsl): support detection of current system has virtualization ena…

feat(wsl): support detection of current system has virtualization ena… #23

Workflow file for this run

name: Release
on:
push:
tags:
- "v*.*.*"
permissions:
contents: write
id-token: write
packages: read
jobs:
release:
runs-on: windows-latest
steps:
- name: Configure R2 Credentials
run: |
aws configure set aws_access_key_id ${{ secrets.R2_OOMOL_STATIC_S3_AK }}
aws configure set aws_secret_access_key ${{ secrets.R2_OOMOL_STATIC_S3_SK }}
aws configure set region auto
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: 1.21.3
- name: Setup Code Signing (1/2)
env:
SM_CLIENT_CERT_FILE_B64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/certificate.p12
echo "$SM_CLIENT_CERT_FILE_B64" | base64 --decode > $CERTIFICATE_PATH
echo "SM_CLIENT_CERT_FILE=$CERTIFICATE_PATH" >> "$GITHUB_ENV"
echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV"
echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV"
echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV"
echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH
echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH
echo "C:\Program Files\DigiCert\DigiCert Keylocker Tools" >> $GITHUB_PATH
shell: bash
- name: Setup Code Signing (2/2)
run: |
curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o Keylockertools-windows-x64.msi
msiexec /i Keylockertools-windows-x64.msi /quiet /qn
smksp_cert_sync.exe
shell: cmd
- name: Build
run: make build
- name: Sign
run: |
signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 ./out/ovm-amd64.exe
signtool.exe verify /v /pa ./out/ovm-amd64.exe
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15
with:
files: |
out/*
generate_release_notes: true
draft: false
prerelease: false
fail_on_unmatched_files: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Get Tag Name
shell: bash
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Upload To S3
shell: bash
run: |
aws s3 cp \
--endpoint-url ${{ secrets.R2_OOMOL_STATIC_S3_ENDPOINT }} \
./out \
s3://oomol-static/ovm-resources/ovm-win/$RELEASE_VERSION \
--recursive --exclude "*" --include "*.exe"