Skip to content

release-obfuscator-cli #18

release-obfuscator-cli

release-obfuscator-cli #18

name: release-obfuscator-cli
on:
workflow_dispatch:
env:
PROJECT: Dax.Vpax.Obfuscator.CLI
jobs:
publish-release:
runs-on: windows-latest # windows is required for code signing (AzureSignTool)
permissions:
contents: write
steps:
- name: checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: setup dotnet
uses: actions/setup-dotnet@v4
with:
global-json-file: global.json
- name: nbgv
uses: dotnet/[email protected]
id: nbgv
with:
path: src/${{ env.PROJECT }}
- name: dotnet publish
run: dotnet publish 'src/${{ env.PROJECT }}/${{ env.PROJECT }}.csproj' -o . -c Release -r win-x86 --sc -p:PublishSingleFile=true
- name: dotnet tool install AzureSignTool
run: dotnet tool install --no-cache --global AzureSignTool
- name: code signing
shell: cmd
run: |
azuresigntool sign ^
-kvu "${{ secrets.CODESIGNING_VAULT_URL }}" ^
-kvt "${{ secrets.CODESIGNING_TENANT_ID }}" ^
-kvi "${{ secrets.CODESIGNING_CLIENT_ID }}" ^
-kvs "${{ secrets.CODESIGNING_CLIENT_SECRET }}" ^
-kvc "${{ secrets.CODESIGNING_CERTIFICATE }}" ^
-tr "http://timestamp.digicert.com" ^
-v "vpax-obfuscator.exe"
- name: git tag
run: |
git config user.name github-actions[bot]
git config user.email 41898282+github-actions[bot]@users.noreply.github.com # from 'https://api.github.com/users/github-actions[bot]'
git tag -a $RELEASE_TAG -m $RELEASE_TAG
git push origin $RELEASE_TAG --tags
env:
RELEASE_TAG: ${{ env.PROJECT }}_${{ steps.nbgv.outputs.SemVer2 }}
- name: gh release create
shell: bash
run: |
PRERELEASE_FLAG=$([[ "${{ steps.nbgv.outputs.PrereleaseVersion }}" != "" ]] && echo "--prerelease" || echo "")
gh release create ${{ env.RELEASE_TAG }} 'vpax-obfuscator.exe#Obfuscator CLI x86 net6.0' --title ${{ env.RELEASE_TAG }} --generate-notes --draft $PRERELEASE_FLAG
env:
RELEASE_TAG: ${{ env.PROJECT }}_${{ steps.nbgv.outputs.SemVer2 }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}