build: Remove not windows related jobs #673
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GLPI Agent Packaging | |
| # Set publish_development_build to "yes" to publish development builds as pre-release | |
| # Set number_of_development_build_to_keep to the number of development build to keep | |
| # Set number_of_nightly_build_to_keep to the number of nightly release to keep | |
| # Set number_of_nightly_build_to_keep to 0 to not publish nightly builds | |
| env: | |
| publish_development_build: no | |
| number_of_development_build_to_keep: 3 | |
| number_of_nightly_build_to_keep: 3 | |
| macosx_notarize_support: yes | |
| on: | |
| push: | |
| pull_request: | |
| branches: | |
| - develop | |
| schedule: | |
| - cron: '10 1 * * *' | |
| workflow_dispatch: | |
| inputs: | |
| nightly: | |
| description: 'Nightly publishing' | |
| required: true | |
| default: true | |
| type: boolean | |
| jobs: | |
| setup-release: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.set-version.outputs.version }} | |
| upload_url: ${{ steps.create-tagged-release.outputs.upload_url }} | |
| create-release: ${{ steps.set-version.outputs.create-release }} | |
| tag_name: ${{ steps.set-version.outputs.tag_name }} | |
| build: ${{ steps.set-version.outputs.build }} | |
| releaseid: ${{ steps.create-tagged-release.outputs.id }} | |
| user-name: ${{ steps.set-version.outputs.user-name }} | |
| user-email: ${{ steps.set-version.outputs.user-email }} | |
| win32-signing: ${{ steps.set-version.outputs.win32-signing }} | |
| macosx-signing: ${{ steps.set-version.outputs.macosx-signing }} | |
| macosx-notarization: ${{ steps.set-version.outputs.macosx-notarization }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set version | |
| id: set-version | |
| run: | | |
| if [ "${{ vars.WIN32_SIGNING }}" == "no" ]; then | |
| echo "win32-signing=no" >>$GITHUB_OUTPUT | |
| elif [ -n "$CODESIGN_COMMAND" ]; then | |
| echo "win32-signing=alt" >>$GITHUB_OUTPUT | |
| elif [ -n "$CST_USERNAME" ]; then | |
| echo "win32-signing=cst" >>$GITHUB_OUTPUT | |
| else | |
| echo "win32-signing=no" >>$GITHUB_OUTPUT | |
| fi | |
| if [ -n "$APPSIGNID" -a -n "$INSTSIGNID" ]; then | |
| echo "macosx-signing=yes" >>$GITHUB_OUTPUT | |
| if [ "${{ env.macosx_notarize_support }}" == "yes" -a "${{ vars.MACOSX_NOTARIZE }}" != "no" ]; then | |
| NOTARIZE="yes" | |
| else | |
| NOTARIZE="no" | |
| fi | |
| else | |
| echo "macosx-signing=no" >>$GITHUB_OUTPUT | |
| NOTARIZE="no" | |
| fi | |
| if [ -z "${GITHUB_REF##*refs/tags/*}" ]; then | |
| # Abort publishing if MACOSX_SIGNING variable was set to "no" | |
| if [ "${{ vars.MACOSX_SIGNING }}" == "no" -a -n "$APPSIGNID" -a -n "$INSTSIGNID" ]; then | |
| echo "MACOSX_SIGNING has been disabled in GH variables. Fix it before publishing." >&2 | |
| exit 1 | |
| fi | |
| # Abort publishing if MACOSX_NOTARIZE variable was set to "no" | |
| if [ "${{ vars.MACOSX_NOTARIZE }}" == "no" -a "$NOTARIZE" == "yes" ]; then | |
| echo "MACOSX_NOTARIZE has been disabled in GH variables. Fix it before publishing." >&2 | |
| exit 1 | |
| fi | |
| VERSION="${GITHUB_REF#*refs/tags/}" | |
| echo "New release on $VERSION $tag" | |
| echo "create-release=yes" >>$GITHUB_OUTPUT | |
| echo "build=yes" >>$GITHUB_OUTPUT | |
| echo "tag_name=$VERSION" >>$GITHUB_OUTPUT | |
| else | |
| VERSION=$(perl -Ilib -MGLPI::Agent::Version -e 'print $GLPI::Agent::Version::VERSION') | |
| VERSION=${VERSION%-dev}-git${GITHUB_SHA:0:8} | |
| if [ "${{ github.event_name }}" = "schedule" -o "${{ inputs.nightly }}" = "true" -o "${{ env.publish_development_build }}" = "yes" ]; then | |
| if [ "${{ github.event_name }}" = "schedule" -o "${{ inputs.nightly }}" = "true" ]; then | |
| TYPE=nightly | |
| if [ -z "$PUBLISHING_TOKEN" ]; then | |
| echo "No PUBLISHING_TOKEN defined to publish GLPI-Agent nightly builds" | |
| echo "create-release=no" >>$GITHUB_OUTPUT | |
| echo "build=no" >>$GITHUB_OUTPUT | |
| exit 0 | |
| elif gh api /repos/{owner}/glpi-project.github.io/git/refs/tags/glpi-agent-development-$VERSION --silent 2>/dev/null; then | |
| echo "GLPI-Agent v$VERSION still published as development build" | |
| echo "create-release=no" >>$GITHUB_OUTPUT | |
| echo "build=no" >>$GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| else | |
| TYPE=development | |
| fi | |
| SKIP_NIGHTLY="${{ env.number_of_nightly_build_to_keep }} $TYPE" | |
| # For nightly, we also check if we had any commit during the last 24 hours unless it is a manually forced run for which INPUT_NIGHTLY should be set | |
| if [ -z "$INPUT_NIGHTLY" -a "$SKIP_NIGHTLY" = "0 nightly" -o -z "$( git rev-list -n 1 --after="24 hours" ${{ github.sha }} )" ]; then | |
| echo "No nightly release needed" | |
| echo "create-release=no" >>$GITHUB_OUTPUT | |
| echo "build=no" >>$GITHUB_OUTPUT | |
| else | |
| echo "New $TYPE release as $VERSION version" | |
| echo "create-release=${{ env.publish_development_build }}" >>$GITHUB_OUTPUT | |
| echo "build=yes" >>$GITHUB_OUTPUT | |
| echo "tag_name=$TYPE-$VERSION" >>$GITHUB_OUTPUT | |
| fi | |
| else | |
| echo "Just building $VERSION version" | |
| echo "create-release=no" >>$GITHUB_OUTPUT | |
| echo "build=yes" >>$GITHUB_OUTPUT | |
| echo "tag_name=development-$VERSION" >>$GITHUB_OUTPUT | |
| NOTARIZE="no" | |
| fi | |
| fi | |
| echo "version=$VERSION" >>$GITHUB_OUTPUT | |
| case "${VERSION#*-}" in | |
| $VERSION) | |
| echo "revname=v$VERSION" >>$GITHUB_OUTPUT | |
| echo "prerelease=false" >>$GITHUB_OUTPUT | |
| ;; | |
| test*) | |
| echo "revname=v${VERSION%-test*} Test release ${VERSION#*-test}" >>$GITHUB_OUTPUT | |
| echo "prerelease=true" >>$GITHUB_OUTPUT | |
| ;; | |
| beta*) | |
| echo "revname=v${VERSION%-beta*} Beta release ${VERSION#*-beta}" >>$GITHUB_OUTPUT | |
| echo "prerelease=true" >>$GITHUB_OUTPUT | |
| ;; | |
| *) | |
| echo "revname=v$VERSION Development release" >>$GITHUB_OUTPUT | |
| echo "prerelease=true" >>$GITHUB_OUTPUT | |
| ;; | |
| esac | |
| # Check if MacOSX packaging notarization is required | |
| echo "macosx-notarization=$NOTARIZE" >>$GITHUB_OUTPUT | |
| # Set user and mail for nightly release | |
| echo "user-name=$(git log --format='%an' HEAD^!)" >>$GITHUB_OUTPUT | |
| echo "user-email=$(git log --format='%ae' HEAD^!)" >>$GITHUB_OUTPUT | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| PUBLISHING_TOKEN: ${{ secrets.PUBLISHING_TOKEN }} | |
| CODESIGN_COMMAND: ${{ secrets.CODESIGN_COMMAND }} | |
| CST_USERNAME: ${{ secrets.CST_USERNAME }} | |
| APPSIGNID: ${{ vars.MACOSX_APPSIGNID }} | |
| INSTSIGNID: ${{ vars.MACOSX_INSTSIGNID }} | |
| - name: Generate release description | |
| id: github-release-body | |
| if: ${{ steps.set-version.outputs.create-release == 'yes' }} | |
| run: | | |
| tools/github-release-description.sh --version ${{ steps.set-version.outputs.version }} --tag ${{ steps.set-version.outputs.tag_name }} | |
| shell: bash | |
| - name: Create Tagged Release | |
| id: create-tagged-release | |
| uses: ncipollo/release-action@v1 | |
| if: ${{ steps.set-version.outputs.create-release == 'yes' }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token | |
| with: | |
| tag: ${{ steps.set-version.outputs.tag_name }} | |
| name: GLPI Agent ${{ steps.set-version.outputs.revname }} | |
| bodyFile: release-description.md | |
| draft: true | |
| prerelease: ${{ steps.set-version.outputs.prerelease }} | |
| windows-packaging: | |
| runs-on: windows-latest | |
| strategy: | |
| matrix: | |
| arch: [ x64 ] | |
| if: ${{ needs.setup-release.outputs.build == 'yes' }} | |
| needs: setup-release | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Create folders for cached datas | |
| run: | | |
| mkdir C:\Strawberry-perl-for-GLPI-Agent_build\download | |
| mkdir C:\Strawberry-perl-for-GLPI-Agent_build\restore | |
| shell: cmd | |
| - name: Restore points cache | |
| uses: actions/cache@v4 | |
| id: built-perl-cache | |
| with: | |
| path: | | |
| C:/Strawberry-perl-for-GLPI-Agent_build/restore | |
| key: windows-packaging-perl-cache-${{ matrix.arch }}-${{ hashFiles('contrib\windows\glpi-agent-extlibs-build.pl', 'contrib\windows\glpi-agent-packaging.pl', 'contrib\windows\packaging\*') }} | |
| - name: Restore ca.dll points cache | |
| uses: actions/cache@v4 | |
| id: built-ca-dll-cache | |
| with: | |
| path: contrib/windows/packaging/tools/ca/ca.dll | |
| key: windows-packaging-ca-dll-cache-${{ matrix.arch }}-${{ hashFiles('contrib\windows\glpi-agent-extlibs-build.pl', 'contrib\windows\packaging\ToolchainBuildJob.pm', 'contrib\windows\packaging\CustomActionDllBuildJob.pm', 'contrib\windows\packaging\tools\ca\Makefile', 'contrib\windows\packaging\tools\ca\dll\*') }} | |
| - name: Restore Toolchain points cache | |
| uses: actions/cache@v4 | |
| id: built-extlibs-cache | |
| if: steps.built-perl-cache.outputs.cache-hit != 'true' || steps.built-ca-dll-cache.outputs.cache-hit != 'true' | |
| with: | |
| path: | | |
| C:/Strawberry-perl-for-GLPI-Agent_build/download/winlibs*.zip | |
| C:/Strawberry-perl-for-GLPI-Agent_build/download/extlibs.zip | |
| key: windows-packaging-extlibs-cache-${{ matrix.arch }}-${{ hashFiles('contrib\windows\glpi-agent-extlibs-build.pl', 'contrib\windows\packaging\ToolchainBuildJob.pm', 'contrib\windows\packaging\*.patch') }} | |
| - name: List files in cached paths | |
| if: success() || failure() | |
| run: | | |
| dir C:\Strawberry-perl-for-GLPI-Agent_build\download | |
| dir C:\Strawberry-perl-for-GLPI-Agent_build\restore | |
| dir contrib\windows\packaging\tools\ca | |
| shell: cmd | |
| - name: Restore required perl libraries cache | |
| uses: actions/cache@v4 | |
| id: perl-site-cache | |
| with: | |
| path: | | |
| C:\Strawberry\perl\site\lib | |
| C:\Strawberry\perl\site\bin | |
| key: built-perl-windows-packaging-perl-site-cache-${{ matrix.arch }}-${{ hashFiles('contrib\windows\glpi-agent-extlibs-build.pl', 'contrib\windows\glpi-agent-packaging.pl', 'contrib\windows\packaging\*') }} | |
| - name: Update environment | |
| run: | | |
| echo 'C:\Strawberry\perl\bin' >> $GITHUB_PATH | |
| echo 'C:\Strawberry\perl\site\bin' >> $GITHUB_PATH | |
| echo 'C:\Strawberry\c\bin' >> $GITHUB_PATH | |
| shell: bash | |
| - name: Show environment | |
| run: | | |
| echo "PATH=%PATH%" | |
| perl --version | |
| perl -V | |
| shell: cmd | |
| - name: Install Module::Install | |
| if: steps.perl-site-cache.outputs.cache-hit != 'true' | |
| run: cpan -T Module::Install | |
| shell: cmd | |
| - name: Prepare Makefile | |
| run: perl Makefile.PL | |
| shell: cmd | |
| - name: Install latest Perl::Dist::Strawberry from github | |
| if: steps.perl-site-cache.outputs.cache-hit != 'true' | |
| run: | | |
| cpanm --notest --verbose https://github.com/StrawberryPerl/Perl-Dist-Strawberry.git@f5195c0d072eba9a529c5d8fef6475395c5e0abb | |
| shell: cmd | |
| - name: Build Extlibs with Perl Toolchain | |
| if: steps.built-perl-cache.outputs.cache-hit != 'true' && steps.built-extlibs-cache.outputs.cache-hit != 'true' | |
| run: | | |
| perl contrib\windows\glpi-agent-extlibs-build.pl --arch ${{ matrix.arch }} | |
| shell: cmd | |
| - name: Build ca.dll with Perl Toolchain | |
| if: steps.built-ca-dll-cache.outputs.cache-hit != 'true' | |
| run: | | |
| perl contrib\windows\glpi-agent-extlibs-build.pl --arch ${{ matrix.arch }} --cadll | |
| shell: cmd | |
| - name: Build package | |
| run: | | |
| perl contrib\windows\glpi-agent-packaging.pl --arch ${{ matrix.arch }} | |
| shell: cmd | |
| - name: MSI Signing (CST) | |
| if: ${{ needs.setup-release.outputs.win32-signing == 'cst' }} | |
| run: | | |
| perl tools\msi-signing.pl "C:\Strawberry-perl-for-GLPI-Agent_build" "GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi" | |
| shell: cmd | |
| env: | |
| CST_USERNAME: ${{ secrets.CST_USERNAME }} | |
| CST_PASSWORD: ${{ secrets.CST_PASSWORD }} | |
| CST_SECRET: ${{ secrets.CST_SECRET }} | |
| CST_CREDENTIALID: ${{ secrets.CST_CREDENTIALID }} | |
| - name: MSI Signing (ALT) | |
| if: ${{ needs.setup-release.outputs.win32-signing == 'alt' }} | |
| run: | | |
| cd "C:\\Strawberry-perl-for-GLPI-Agent_build" | |
| umask 0077 | |
| mkdir ~/.ssh | |
| echo "$CODESIGN_KNOWNHOST" > ~/.ssh/known_hosts | |
| echo "$CODESIGN_PRIVATE" > private.key | |
| umask 0002 | |
| MSI="GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi" | |
| cat "output\\$MSI" | $CODESIGN_COMMAND codesign "$MSI" > "$MSI" | |
| rm -f private.key ~/.ssh/known_hosts "output\\$MSI" | |
| mv -vf "$MSI" "output\\$MSI" | |
| shell: bash | |
| env: | |
| CODESIGN_KNOWNHOST: ${{ secrets.CODESIGN_KNOWNHOST }} | |
| CODESIGN_COMMAND: ${{ secrets.CODESIGN_COMMAND }} | |
| CODESIGN_PRIVATE: ${{ secrets.CODESIGN_PRIVATE }} | |
| - name: List generated files | |
| if: success() || failure() | |
| run: | | |
| dir C:\Strawberry-perl-for-GLPI-Agent_build\output | |
| shell: cmd | |
| - name: Upload windows built artifacts | |
| if: success() || failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: Windows-Build-${{ matrix.arch }} | |
| path: C:\Strawberry-perl-for-GLPI-Agent_build\output | |
| - name: Upload debug MSI-Build artifacts | |
| if: failure() #success() || failure() # Only enable on failure or when debugging is required | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: MSI-Build-Debug-${{ matrix.arch }} | |
| path: C:\Strawberry-perl-for-GLPI-Agent_build\build\msi | |
| - name: VirusTotal Scan | |
| uses: crazy-max/ghaction-virustotal@v4 | |
| if: ${{ needs.setup-release.outputs.create-release == 'yes' || startsWith(needs.setup-release.outputs.tag_name, 'nightly') }} | |
| with: | |
| vt_api_key: ${{ secrets.VT_API_KEY }} | |
| files: | | |
| C:\Strawberry-perl-for-GLPI-Agent_build\output\GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi | |
| C:\Strawberry-perl-for-GLPI-Agent_build\output\glpi-agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.zip | |
| - name: VirusTotal Report Analysis | |
| if: ${{ vars.VT_SKIP_REPORT_ANALYSIS != 'yes' && ( needs.setup-release.outputs.create-release == 'yes' || startsWith(needs.setup-release.outputs.tag_name, 'nightly') ) }} | |
| run: | | |
| perl tools\virustotal-report-analysis.pl --path C:\Strawberry-perl-for-GLPI-Agent_build\output GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi glpi-agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.zip | |
| shell: cmd | |
| env: | |
| VT_API_KEY: ${{ secrets.VT_API_KEY }} | |
| - name: Upload VirusTotal Report | |
| if: ${{ vars.VT_SKIP_REPORT_ANALYSIS != 'yes' && ( needs.setup-release.outputs.create-release == 'yes' || startsWith(needs.setup-release.outputs.tag_name, 'nightly') ) }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: VirusTotal-Report-${{ matrix.arch }} | |
| path: C:\Strawberry-perl-for-GLPI-Agent_build\output\*.json | |
| - name: Upload Portable Archive Asset | |
| id: upload-portable-archive-asset | |
| if: ${{ needs.setup-release.outputs.create-release == 'yes' }} | |
| uses: shogo82148/actions-upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.setup-release.outputs.upload_url }} | |
| asset_path: C:\Strawberry-perl-for-GLPI-Agent_build\output\GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.zip | |
| asset_name: GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.zip | |
| asset_content_type: application/zip | |
| - name: Upload MSI Installer Asset | |
| id: upload-msi-asset | |
| if: ${{ needs.setup-release.outputs.create-release == 'yes' }} | |
| uses: shogo82148/actions-upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.setup-release.outputs.upload_url }} | |
| asset_path: C:\Strawberry-perl-for-GLPI-Agent_build\output\GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi | |
| asset_name: GLPI-Agent-${{ needs.setup-release.outputs.version }}-${{ matrix.arch }}.msi | |
| asset_content_type: application/x-msi |