From 4c55ddef1c3eaa6d7a7468726736106a29dcb4eb Mon Sep 17 00:00:00 2001 From: Elliot Huffman Date: Wed, 13 Apr 2022 15:40:58 -0400 Subject: [PATCH] Merge Workflows Merge separate workflows to a unified workflow. This fixes artifact access issues. --- .github/workflows/Authenticode-Sign.yml | 35 --------------- .github/workflows/Build-Binaries.yml | 57 ++++++++++++++++++++++++- .github/workflows/Build-MSI.yml | 36 ---------------- 3 files changed, 55 insertions(+), 73 deletions(-) delete mode 100644 .github/workflows/Authenticode-Sign.yml delete mode 100644 .github/workflows/Build-MSI.yml diff --git a/.github/workflows/Authenticode-Sign.yml b/.github/workflows/Authenticode-Sign.yml deleted file mode 100644 index b24999f..0000000 --- a/.github/workflows/Authenticode-Sign.yml +++ /dev/null @@ -1,35 +0,0 @@ -# This is a basic workflow to help you get started with Actions - -name: Authenticode Sign - -# Controls when the workflow will run -on: - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - # This workflow contains a single job called "build" - Authenticode-Sign: - # The type of runner that the job will run on - runs-on: windows-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - - name: Download the Windows Raw un-packaged exe Artifact - uses: actions/download-artifact@v2 - with: - # Artifact name - name: WindowsRawExe - # Destination path - path: Downloads - - # Runs a single command using the runners shell - - name: Set up .Net CLI - uses: actions/setup-dotnet@v1 - with: - dotnet-version: "6.0.x" - - # Install the Azure Sign Tool for authenticode signing - - name: Install Azure Sign Tool - run: dotnet tool install AzureSignTool diff --git a/.github/workflows/Build-Binaries.yml b/.github/workflows/Build-Binaries.yml index a5152b4..916bed9 100644 --- a/.github/workflows/Build-Binaries.yml +++ b/.github/workflows/Build-Binaries.yml @@ -9,8 +9,7 @@ on: # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: - # This workflow contains a single job called "build" - Package-Bins: + Generate-Bins: # The type of runner that the job will run on runs-on: ubuntu-latest @@ -67,3 +66,57 @@ jobs: with: name: LinuxRawBin path: Server/dist/privileged-security-management-server-linux + + Authenticode-Sign: + # This job can't procede if the EXE isn't present to sign + needs: Generate-Bins + + # The type of runner that the job will run on + runs-on: windows-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + - name: Download the Windows Raw un-packaged exe Artifact + uses: actions/download-artifact@v2 + with: + # Artifact name + name: WindowsRawExe + # Destination path + path: Downloads + + # Runs a single command using the runners shell + - name: Set up .Net CLI + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "6.0.x" + + # Install the Azure Sign Tool for authenticode signing + - name: Install Azure Sign Tool + run: dotnet tool install AzureSignTool + + Package-WindowsInstallers: + # This job can't procede if the EXE hasn't been generated or signed + needs: [Generate-Bins, Authenticode-Sign] + + # The type of runner that the job will run on + runs-on: windows-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + - name: Download project + uses: actions/checkout@v2 + + - name: Download EXE + uses: actions/download-artifact@v3 + with: + name: WindowsRawExe + path: Server/dist/ + + - name: Build MSI + uses: Caphyon/advinst-github-action@v1.0 + with: + advinst-version: '19.3' + advinst-license: ${{ secrets.ADVANCEDINSTALLER_KEY }} + advinst-enable-automation: 'false' + aip-path: 'Privileged Security Management.aip' + aip-build-name: 'MSI' \ No newline at end of file diff --git a/.github/workflows/Build-MSI.yml b/.github/workflows/Build-MSI.yml deleted file mode 100644 index c169287..0000000 --- a/.github/workflows/Build-MSI.yml +++ /dev/null @@ -1,36 +0,0 @@ -# This is a basic workflow to help you get started with Actions - -name: Build MSI - -# Controls when the workflow will run -on: - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# A workflow run is made up of one or more jobs that can run sequentially or in parallel -jobs: - # This workflow contains a single job called "build" - build: - # The type of runner that the job will run on - runs-on: windows-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - - name: Download project - uses: actions/checkout@v2 - - - name: Download EXE - uses: actions/download-artifact@v3 - with: - name: WindowsRawExe - path: Server/dist/ - - - - name: Build MSI - uses: Caphyon/advinst-github-action@v1.0 - with: - advinst-version: '19.3' - advinst-license: ${{ secrets.ADVANCEDINSTALLER_KEY }} - advinst-enable-automation: 'false' - aip-path: 'Privileged Security Management.aip' - aip-build-name: 'MSI'