release-obfuscator-cli #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release-obfuscator-cli | |
| on: | |
| workflow_dispatch: | |
| env: | |
| PROJECT: Dax.Vpax.Obfuscator.CLI | |
| jobs: | |
| publish-release: | |
| runs-on: windows-latest # windows is required for code signing (AzureSignTool) | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup dotnet | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| global-json-file: global.json | |
| - name: nbgv | |
| uses: dotnet/[email protected] | |
| id: nbgv | |
| with: | |
| path: src/${{ env.PROJECT }} | |
| - name: dotnet publish | |
| run: dotnet publish 'src/${{ env.PROJECT }}/${{ env.PROJECT }}.csproj' -o . -c Release -r win-x86 --sc -p:PublishSingleFile=true | |
| - name: dotnet tool install AzureSignTool | |
| run: dotnet tool install --no-cache --global AzureSignTool | |
| - name: code signing | |
| shell: cmd | |
| run: | | |
| azuresigntool sign ^ | |
| -kvu "${{ secrets.CODESIGNING_VAULT_URL }}" ^ | |
| -kvt "${{ secrets.CODESIGNING_TENANT_ID }}" ^ | |
| -kvi "${{ secrets.CODESIGNING_CLIENT_ID }}" ^ | |
| -kvs "${{ secrets.CODESIGNING_CLIENT_SECRET }}" ^ | |
| -kvc "${{ secrets.CODESIGNING_CERTIFICATE }}" ^ | |
| -tr "http://timestamp.digicert.com" ^ | |
| -v "vpax-obfuscator.exe" | |
| - name: git tag | |
| run: | | |
| git config user.name github-actions[bot] | |
| git config user.email 41898282+github-actions[bot]@users.noreply.github.com # from 'https://api.github.com/users/github-actions[bot]' | |
| git tag -a $RELEASE_TAG -m $RELEASE_TAG | |
| git push origin $RELEASE_TAG --tags | |
| env: | |
| RELEASE_TAG: ${{ env.PROJECT }}_${{ steps.nbgv.outputs.SemVer2 }} | |
| - name: gh release create | |
| shell: bash | |
| run: | | |
| PRERELEASE_FLAG=$([[ "${{ steps.nbgv.outputs.PrereleaseVersion }}" != "" ]] && echo "--prerelease" || echo "") | |
| gh release create ${{ env.RELEASE_TAG }} 'vpax-obfuscator.exe#Obfuscator CLI x86 net6.0' --title ${{ env.RELEASE_TAG }} --generate-notes --draft $PRERELEASE_FLAG | |
| env: | |
| RELEASE_TAG: ${{ env.PROJECT }}_${{ steps.nbgv.outputs.SemVer2 }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |