diff --git a/.github/workflows/execute-release.yml b/.github/workflows/execute-release.yml index 72a1afd9..74c647f2 100644 --- a/.github/workflows/execute-release.yml +++ b/.github/workflows/execute-release.yml @@ -255,36 +255,36 @@ jobs: steps: - uses: actions/checkout@v3 -# - name: Install protoc -# run: choco install protoc -# -# - name: Setup Python -# uses: actions/setup-python@v2 -# with: -# python-version: "3.x" -# -# - uses: actions-rs/toolchain@v1 -# with: -# toolchain: stable -# components: rustfmt -# override: true + - name: Install protoc + run: choco install protoc + + - name: Setup Python + uses: actions/setup-python@v2 + with: + python-version: "3.x" + + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + components: rustfmt + override: true - name: Show Cargo Version run: | cat Cargo.toml shell: bash -# - name: Build -# id: build -# env: -# VERSION: ${{ needs.release.outputs.version }} -# run: | -# rustup target add x86_64-pc-windows-gnu -# cargo build --release --target x86_64-pc-windows-gnu -# -# echo "::set-output name=momento_binary_path::.\target\x86_64-pc-windows-gnu\release\momento.exe" -# $distributableFile64Prefix = "momento-cli-$env:VERSION.windows_x64" -# echo "::set-output name=distributable_file_prefix::$distributableFile64Prefix" + - name: Build + id: build + env: + VERSION: ${{ needs.release.outputs.version }} + run: | + rustup target add x86_64-pc-windows-gnu + cargo build --release --target x86_64-pc-windows-gnu + + echo "::set-output name=momento_binary_path::.\target\x86_64-pc-windows-gnu\release\momento.exe" + $distributableFile64Prefix = "momento-cli-$env:VERSION.windows_x64" + echo "::set-output name=distributable_file_prefix::$distributableFile64Prefix" - name: Write client auth certificate file id: write_client_auth_cert @@ -296,22 +296,22 @@ jobs: Set-Content $p12Path -Value $encodedBytes -AsByteStream; echo "p12_path=$p12Path" >> $ENV:GITHUB_OUTPUT -# - name: Download digicert smtools -# env: -# SM_API_KEY: ${{ secrets.CODE_SIGNING_API_KEY }} -# run: | -# curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi -# shell: cmd -# -# - name: Install digicert smtools -# run: | -# $procMain = Start-Process "msiexec" "/i smtools-windows-x64.msi /qn /l*! msi_install.log" -NoNewWindow -PassThru -# echo $null >> msi_install.log -# $procLog = Start-Process "powershell" "Get-Content -Path msi_install.log -Wait" -NoNewWindow -PassThru -# $procMain.WaitForExit() -# $procLog.Kill() -# shell: powershell -# + - name: Download digicert smtools + env: + SM_API_KEY: ${{ secrets.CODE_SIGNING_API_KEY }} + run: | + curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi + shell: cmd + + - name: Install digicert smtools + run: | + $procMain = Start-Process "msiexec" "/i smtools-windows-x64.msi /qn /l*! msi_install.log" -NoNewWindow -PassThru + echo $null >> msi_install.log + $procLog = Start-Process "powershell" "Get-Content -Path msi_install.log -Wait" -NoNewWindow -PassThru + $procMain.WaitForExit() + $procLog.Kill() + shell: powershell + - name: Add digicert tools to path run: | echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH @@ -323,26 +323,26 @@ jobs: run: | echo %path% shell: cmd -# -# - name: List digicert dir -# run: | -# dir "C:\Program Files\DigiCert\DigiCert One Signing Manager Tools" -# shell: cmd -# -# - name: Verify KSP Registration -# env: -# SM_HOST: ${{ secrets.CODE_SIGNING_HOST }} -# SM_API_KEY: ${{ secrets.CODE_SIGNING_API_KEY }} -# SM_CLIENT_CERT_FILE: "${{ steps.write_client_auth_cert.outputs.p12_path }}" -# SM_CLIENT_CERT_PASSWORD: ${{ secrets.CODE_SIGNING_CERT_PASSWORD }} -# run: | -# dir -# smksp_registrar.exe list -# smctl.exe keypair ls -# C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user -# smksp_cert_sync.exe -# smctl healthcheck -# shell: cmd + + - name: List digicert dir + run: | + dir "C:\Program Files\DigiCert\DigiCert One Signing Manager Tools" + shell: cmd + + - name: Verify KSP Registration + env: + SM_HOST: ${{ secrets.CODE_SIGNING_HOST }} + SM_API_KEY: ${{ secrets.CODE_SIGNING_API_KEY }} + SM_CLIENT_CERT_FILE: "${{ steps.write_client_auth_cert.outputs.p12_path }}" + SM_CLIENT_CERT_PASSWORD: ${{ secrets.CODE_SIGNING_CERT_PASSWORD }} + run: | + dir + smksp_registrar.exe list + smctl.exe keypair ls + C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user + smksp_cert_sync.exe + smctl healthcheck + shell: cmd - name: Sign Momento binary env: @@ -352,8 +352,6 @@ jobs: SM_CLIENT_CERT_FILE: "${{ steps.write_client_auth_cert.outputs.p12_path }}" SM_CLIENT_CERT_PASSWORD: ${{ secrets.CODE_SIGNING_CERT_PASSWORD }} run: | - echo "HERE IS THE SIGNTOOL PATH:" - echo $env:SIGNTOOL_PATH signtool.exe sign /sha1 ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 $env:MOMENTO_BINARY_PATH signtool.exe verify /v /pa $env:MOMENTO_BINARY_PATH @@ -397,8 +395,6 @@ jobs: SM_CLIENT_CERT_FILE: "${{ steps.write_client_auth_cert.outputs.p12_path }}" SM_CLIENT_CERT_PASSWORD: ${{ secrets.CODE_SIGNING_CERT_PASSWORD }} run: | - echo "HERE IS THE SIGNTOOL PATH:" - echo $env:SIGNTOOL_PATH signtool.exe sign /sha1 ${{ secrets.CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 $env:MSI_PATH signtool.exe verify /v /pa $env:MSI_PATH