1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-09 09:51:02 +01:00
bitwarden-browser/.github/workflows/build-and-sign.yml

113 lines
3.5 KiB
YAML

name: Build & Sign
on:
workflow_dispatch:
jobs:
windows:
runs-on: windows-latest
environment: test
steps:
- name: Set up dotnet
uses: actions/setup-dotnet@v1
with:
dotnet-version: "3.1.x"
- name: Set up Node
uses: actions/setup-node@v1
with:
node-version: '10.x'
- name: Set Node options
run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
shell: pwsh
- name: Print environment
run: |
node --version
npm --version
dotnet --version
- name: Install AST
shell: pwsh
run: |
cd $HOME
git clone https://github.com/vcsjones/AzureSignTool.git
cd AzureSignTool
$latest_head = $(git rev-parse HEAD)[0..9] -join ""
$latest_version = "0.0.0-g$latest_head"
Write-Host "--------"
Write-Host "git commit - $(git rev-parse HEAD)"
Write-Host "latest_head - $latest_head"
Write-Host "PACKAGE VERSION TO BUILD - $latest_version"
Write-Host "--------"
dotnet restore
dotnet pack --output ./nupkg
dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool
cd $HOME
- name: Test AST
run: azuresigntool sign --help
- name: Checkout repo
uses: actions/checkout@v2
- name: Load package version
run: ./.github/scripts/load-version.ps1
shell: pwsh
- name: Install Node dependencies
run: npm install
- name: Run linter
run: npm run lint
- name: Build application
run: |
npm run build
npm run clean:dist
- name: Build & Sign
run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=\"Bitwarden Inc\"
env:
CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }}
CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }}
SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}
SECRET_TEST: ${{ secrets.SECRET_TEST }}
#- name: Upload portable exe artifact
# if: github.ref == 'refs/heads/master' || github.event_name == 'release'
# uses: actions/upload-artifact@v2
# with:
# name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe
# path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe
#- name: Upload installer exe artifact
# if: github.ref == 'refs/heads/master' || github.event_name == 'release'
# uses: actions/upload-artifact@v2
# with:
# name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe
# path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe
#- name: Upload release assets
# if: github.event_name == 'release'
# run: |
# hub release edit `
# -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx `
# -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx `
# -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" `
# $env:RELEASE_TAG_NAME
# shell: pwsh
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}