Skip to content

Signing CD Action

Signing CD Action #159

Workflow file for this run

name: FlexBridge CI/CD
on:
push:
branches: ["develop", "master"]
pull_request:
branches: ["develop", "master"]
workflow_dispatch:
inputs:
releaseType:
description: 'Alpha, Beta, Stable used to stamp release artifacts'
required: true
default: 'Alpha'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
build_and_test:
env:
CROWDIN_API_KEY: ${{ secrets.CROWDIN_API_KEY }}
FILESTOSIGNLATER: "${{ github.workspace }}\\filesToSign"
teamcity_build_checkoutDir: ${{ github.workspace }}
name: Build Debug and run Tests
runs-on: windows-latest
steps:
- name: Checkout Files
uses: actions/checkout@v4
id: checkout
with:
fetch-depth: 0
submodules: true
- name: Download 461 targeting pack
uses: suisei-cn/actions-download-file@818d6b7dc8fe73f2f924b6241f2b1134ca1377d9 # 1.6.0
id: downloadfile # Remember to give an ID if you need the output filename
with:
url: "https://download.microsoft.com/download/F/1/D/F1DEB8DB-D277-4EF9-9F48-3A65D4D8F965/NDP461-DevPack-KB3105179-ENU.exe"
target: public/
- name: Install targeting pack
shell: cmd
working-directory: public
run: NDP461-DevPack-KB3105179-ENU.exe /q
- name: Add msbuild to PATH
uses: microsoft/setup-msbuild@v2
# We need the dotnet runtime to execute overcrowdin
- name: Setup dotnet
uses: actions/setup-dotnet@v4
with:
dotnet-version:
8.0.x
if: github.event_name != 'pull_request'
- name: Downgrade Wix Toolset - remove when runner has 3.14.2
shell: cmd
run: choco install wixtoolset --version 3.11.2 --allow-downgrade --force
# If we are just doing a CI build we don't need real localizations, but the location must exist
- name: Add Fake Localizations for CI
shell: bash
run: echo > DistFiles/localizations/empty.xlf
if: github.event_name == 'pull_request'
- name: Install Latest Overcrowdin
shell: cmd
run: dotnet tool install -g overcrowdin
if: github.event_name != 'pull_request'
- name: Restore L10n Packages
shell: cmd
run: |
cd l10n
msbuild l10n.proj /t:restore
if: github.event_name != 'pull_request'
- name: Get Latest L10ns
shell: cmd
run: |
cd l10n
msbuild l10n.proj /t:GetLatestL10ns;CopyL10nsToDistFiles
if: github.event_name != 'pull_request'
- name: Restore Build Tasks & Packages
id: package_restore
shell: cmd
run: msbuild build\FLExBridge.proj /t:RestoreBuildTasks;RestorePackages
- name: Build & Test
id: build_and_test_step
shell: cmd
run: msbuild build\FLExBridge.proj /t:Test /p:Configuration=Release
# All the following are used only when building an installer after a merge
- name: Build Msi
id: build_msi
shell: cmd
run: |
msbuild build/FLExBridge.proj /t:CleanMasterOutputDir;PreparePublishingArtifactsInternal;BuildProductBaseMsi /p:UploadFolder=${{ inputs.environment || 'Alpha' }}
if: github.event_name != 'pull_request'
- name: Prepare for msi signing
shell: bash
run: |
echo "FILES_TO_SIGN=$(cat $FILESTOSIGNLATER)" >> $GITHUB_OUTPUT
id: gathered_files
if: github.event_name != 'pull_request'
- name: upload-unsigned-msi
id: upload-unsigned
uses: actions/upload-artifact@v4
with:
name: FlexBridge-unsigned.msi
path: ${{ steps.gathered_files.outputs.FILES_TO_SIGN }}
if-no-files-found: error
overwrite: true
if: github.event_name != 'pull_request'
- name: upload-msi
id: upload
uses: actions/upload-artifact@v4
with:
name: FlexBridge.msi
path: ${{ steps.gathered_files.outputs.FILES_TO_SIGN }}
if-no-files-found: error
overwrite: true
if: github.event_name != 'pull_request'
sign-installer:
name: Sign FlexBridge Installer
needs: build_and_test
if: github.event_name != 'pull_request'
uses: sillsdev/codesign/.github/workflows/sign.yml@v2
with:
artifact: FlexBridge.msi
secrets:
certificate: ${{ secrets.CODESIGN_LSDEVSECTIGOEV }}