-
Notifications
You must be signed in to change notification settings - Fork 1
130 lines (128 loc) · 4.45 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Continuous Integration
on: [push, pull_request]
jobs:
build:
name: Build - ${{matrix.compiler}} ${{matrix.arch}}
runs-on: windows-2022
strategy:
matrix:
arch: [x86, x64]
compiler: [msvc, clang]
exclude:
- arch: x86
compiler: clang
steps:
- name: Fetch code-signing key
id: fetch-key
env:
CODE_SIGNING_PFX_BASE64: ${{ secrets.CODE_SIGNING_KEY_PFX_BASE64 }}
if: github.event_name == 'push'
run: |
if ($Env:CODE_SIGNING_PFX_BASE64 -eq "") {
Write-Host "No code signing key in env var."
Add-Content $Env:GITHUB_OUTPUT "HAVE_KEY=false"
} else {
$pfxPath="${{runner.temp}}\MyCert.pfx"
[System.Convert]::FromBase64String($Env:CODE_SIGNING_PFX_BASE64) | Set-Content $pfxPath -AsByteStream
Add-Content $Env:GITHUB_OUTPUT "HAVE_KEY=true"
Add-Content $Env:GITHUB_OUTPUT "PATH=$pfxPath"
}
- uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
- name: Fetch submodules
working-directory: source
run: git submodule update --init
- uses: ilammy/msvc-dev-cmd@0b201ec74fa43914dc39ae48a89fd1d8cb592756
with:
arch: ${{matrix.arch}}
- name: Build
id: build
working-directory: source
run: |
$args = @()
if ("${{matrix.compiler}}" -eq "clang") {
$args += "-Clang"
}
if ("${{github.ref_type}}" -eq "tag") {
$tag = "${{github.ref_name}}" -replace '^v',''
$args += @("-Version","$tag.${{github.run_number}}")
} else {
$args += @("-Version","0.0.0.${{github.run_number}}")
}
powershell .\build.ps1 @args
if ($LastExitCode -ne 0) {
exit $LastExitCode;
}
Copy-Item install.ps1 out\
Copy-Item wrap.ps1 out\
# If we pass the source locations, we end up with the `out\` prefix in the zip file for the other files
Copy-Item README.md out\
Copy-Item LICENSE out\
Copy-Item OXRTracing.wprp out\
- name: Sign DLLs and scripts
working-directory: source\out
if: ${{steps.fetch-key.outputs.HAVE_KEY == 'true' }}
run: |
$to_sign = Get-ChildItem "*.dll","*.ps1"
function Sign-File {
param ($FilePath)
# Known path for the GitHub Actions windows 2022 runner, may need updating
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.19041.0\x86\signtool.exe' `
sign `
/t http://timestamp.digicert.com `
/fd SHA256 `
/f "${{steps.fetch-key.outputs.PATH}}" `
$FilePath
}
foreach ($file in $to_sign) {
Sign-File $file.FullName
}
- name: Attach files to build
uses: actions/upload-artifact@v4
with:
name: OpenXR-Tracing-${{matrix.compiler}}-${{matrix.arch}}-GHA-${{github.run_number}}
path: |
source/out/README.md
source/out/LICENSE
source/out/OXRTracing.wprp
source/out/*.dll
source/out/*.ps1
source/out/*.json
release:
name: Create draft release
needs: [build]
if: github.ref_type == 'tag'
runs-on: windows-2022
permissions:
contents: write
steps:
- name: Download build artifacts
uses: actions/download-artifact@v4
with:
path: ${{runner.temp}}/artifacts
- name: Display downloaded files
run: Get-ChildItem -Recurse
working-directory: ${{runner.temp}}/artifacts
- name: Create zips
id: zips
working-directory: ${{runner.temp}}/artifacts
run: |
foreach ($dir in Get-ChildItem -Directory) {
Push-Location $dir
$out_name = $dir.Name -Replace '-GHA-.*','-${{github.ref_name}}.zip'
Compress-Archive `
-Path * `
-DestinationPath ..\$out_name
Pop-Location
}
$dir_path= (Get-Location).Path -replace '\\','/'
Add-Content $Env:GITHUB_OUTPUT "DIR_PATH=$dir_path"
- name: Create draft release
id: create-release
uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564
with:
draft: true
files: |
${{ steps.zips.outputs.DIR_PATH }}/*.zip