-
Notifications
You must be signed in to change notification settings - Fork 80
294 lines (292 loc) · 12.9 KB
/
create-release.yml
File metadata and controls
294 lines (292 loc) · 12.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
name: Release
on:
push:
tags: ['v*']
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
APP_DESCRIPTION: Dev Proxy is an API simulator that helps you effortlessly test your app beyond the happy path.
APP_PUBLISHER: Dev Proxy
APP_DESCRIPTION_URL: https://aka.ms/devproxy
jobs:
publish_binaries:
name: Publish binaries
runs-on: [windows-latest]
environment:
name: gh_releases
permissions:
id-token: write
contents: read
strategy:
matrix:
architecture:
- win-x64
- win-x86
- linux-x64
- linux-arm64
- osx-x64
env:
release: 'dev-proxy-${{ matrix.architecture }}-${{ github.ref_name }}'
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup .NET
uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5.2.0
with:
dotnet-version: 10.0.x
- name: Rename executable for beta
if: contains(github.ref_name, '-beta')
run: |
pushd
cd ./DevProxy
$content = Get-Content DevProxy.csproj
$content -replace '<AssemblyName>devproxy</AssemblyName>', '<AssemblyName>devproxy-beta</AssemblyName>' | Set-Content DevProxy.csproj
popd
- name: Set newVersionNotification for beta
if: contains(github.ref_name, '-beta')
run: |
pushd
cd ./DevProxy
$content = Get-Content devproxyrc.json
$content -replace '"newVersionNotification": "stable"', '"newVersionNotification": "beta"' | Set-Content devproxyrc.json
popd
- name: Publish ${{ matrix.architecture }}
run: dotnet publish ./DevProxy/DevProxy.csproj -c Release -p:PublishSingleFile=true -p:InformationalVersion=$("${{ github.ref_name }}".Substring(1)) -r ${{ matrix.architecture }} --self-contained -o ./${{ env.release }}
- name: Build plugins
run: dotnet build ./DevProxy.Plugins/DevProxy.Plugins.csproj -p:InformationalVersion=$("${{ github.ref_name }}".Substring(1)) -c Release -r ${{ matrix.architecture }} --no-self-contained
- name: Build abstractions
if: matrix.architecture == 'win-x64'
run: dotnet build ./DevProxy.Abstractions/DevProxy.Abstractions.csproj -p:InformationalVersion=$("${{ github.ref_name }}".Substring(1)) -c Release --no-self-contained
- name: Add plugins to output
run: cp ./DevProxy/bin/Release/net10.0/${{ matrix.architecture }}/plugins ./${{ env.release }} -r
- name: Remove unnecessary files
run: |
pushd
cd ./${{ env.release }}
Get-ChildItem -Filter *.pdb -Recurse | Remove-Item
Get-ChildItem -Filter *.deps.json -Recurse | Remove-Item
Get-ChildItem -Filter *.runtimeconfig.json -Recurse | Remove-Item
Get-ChildItem -Filter *.staticwebassets.endpoints.json -Recurse | Remove-Item
Get-ChildItem -Filter web.config -Recurse | Remove-Item
popd
- name: Install Sign CLI tool
run: dotnet tool install --tool-path . sign --version 0.9.1-beta.25181.2
- name: Azure CLI Login
uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
with:
client-id: ${{ secrets.DOTNET_APPLICATION_ID }}
tenant-id: ${{ secrets.DOTNET_TENANT_ID }}
allow-no-subscriptions: true
- name: Sign binaries
if: contains(matrix.architecture, 'win-')
working-directory: ./${{ env.release }}
shell: pwsh
run: >
../sign code azure-key-vault
**/DevProxy*
--publisher-name "${{ env.APP_PUBLISHER }}"
--description "${{ env.APP_DESCRIPTION }}"
--description-url "${{ env.APP_DESCRIPTION_URL }}"
--azure-key-vault-tenant-id "${{ secrets.DOTNET_TENANT_ID }}"
--azure-key-vault-client-id "${{ secrets.DOTNET_APPLICATION_ID }}"
--azure-key-vault-certificate "${{ secrets.DOTNET_CERTIFICATE_NAME }}"
--azure-key-vault-url "${{ secrets.DOTNET_VAULT_URL }}"
--timestamp-url http://timestamp.digicert.com
--verbosity Debug
- name: Archive release ${{ env.release }}
uses: thedoctor0/zip-release@b57d897cb5d60cb78b51a507f63fa184cfe35554 # master
with:
filename: '../${{ env.release }}.zip'
directory: './${{ env.release }}'
- name: Release SHA256 hash
run: |
$(Get-FileHash ./${{ env.release }}.zip -Algorithm SHA256).Hash
- name: Upload release
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: binaries-${{ env.release }}
path: ./${{ env.release }}.zip
- name: Sign abstractions
if: matrix.architecture == 'win-x64'
shell: pwsh
run: >
./sign code azure-key-vault
./DevProxy.Abstractions/bin/Release/net10.0/DevProxy.Abstractions.dll
--publisher-name "${{ env.APP_PUBLISHER }}"
--description "${{ env.APP_DESCRIPTION }}"
--description-url "${{ env.APP_DESCRIPTION_URL }}"
--azure-key-vault-tenant-id "${{ secrets.DOTNET_TENANT_ID }}"
--azure-key-vault-client-id "${{ secrets.DOTNET_APPLICATION_ID }}"
--azure-key-vault-certificate "${{ secrets.DOTNET_CERTIFICATE_NAME }}"
--azure-key-vault-url "${{ secrets.DOTNET_VAULT_URL }}"
--timestamp-url http://timestamp.digicert.com
--verbosity Debug
- name: Archive abstractions
if: matrix.architecture == 'win-x64'
uses: thedoctor0/zip-release@b57d897cb5d60cb78b51a507f63fa184cfe35554 # master
with:
filename: '../../../../DevProxy.Abstractions-${{ github.ref_name }}.zip'
directory: './DevProxy.Abstractions/bin/Release/net10.0'
exclusions: '*.json'
- name: Upload abstractions
if: matrix.architecture == 'win-x64'
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: binaries-dev-proxy-abstractions-${{ github.ref_name }}
path: ./DevProxy.Abstractions-${{ github.ref_name }}.zip
- name: Add installer icon
if: contains(matrix.architecture, 'win-')
run: |
if ('${{ github.ref_name }}'.Contains('beta')) {
cp ./media/icon-beta.ico ./${{ env.release }}
} else {
cp ./media/icon.ico ./${{ env.release }}
}
- name: Update version in beta installer
if: contains(matrix.architecture, 'win-') && contains(github.ref_name, '-beta')
run: |
$content = Get-Content ./install-beta.iss
$content -replace '#define MyAppVersion .*', "#define MyAppVersion `"$("${{ github.ref_name }}".Substring(1))`"" | Set-Content ./install-beta.iss
- name: Set installer file name
id: installer
if: contains(matrix.architecture, 'win-')
run: |
if ('${{ github.ref_name }}'.Contains('beta')) {
Write-Output "filename=install-beta.iss" >> $env:GITHUB_OUTPUT
} else {
Write-Output "filename=install.iss" >> $env:GITHUB_OUTPUT
}
- name: Add install file
if: contains(matrix.architecture, 'win-')
run: cp ./${{ steps.installer.outputs.filename }} ./${{ env.release }}
- name: Build Installer
if: contains(matrix.architecture, 'win-')
run: |
winget install --id JRSoftware.InnoSetup -e -s winget
$env:path += ";$env:LOCALAPPDATA/Programs/Inno Setup 6"
ISCC.exe ${{ steps.installer.outputs.filename }} /F"dev-proxy-installer-${{ matrix.architecture }}-${{ github.ref_name }}"
working-directory: ./${{ env.release }}
- name: Sign installer
if: contains(matrix.architecture, 'win-')
working-directory: ./${{ env.release }}
shell: pwsh
run: >
../sign code azure-key-vault
./dev-proxy-installer-*.exe
--publisher-name "${{ env.APP_PUBLISHER }}"
--description "${{ env.APP_DESCRIPTION }}"
--description-url "${{ env.APP_DESCRIPTION_URL }}"
--azure-key-vault-tenant-id "${{ secrets.DOTNET_TENANT_ID }}"
--azure-key-vault-client-id "${{ secrets.DOTNET_APPLICATION_ID }}"
--azure-key-vault-certificate "${{ secrets.DOTNET_CERTIFICATE_NAME }}"
--azure-key-vault-url "${{ secrets.DOTNET_VAULT_URL }}"
--timestamp-url http://timestamp.digicert.com
--verbosity Debug
- name: Upload Installer
if: contains(matrix.architecture, 'win-')
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: installer-dev-proxy-${{ github.ref_name }}-${{ matrix.architecture }}
path: ./${{ env.release }}/dev-proxy-installer-${{ matrix.architecture }}-${{ github.ref_name }}.exe
- name: Installer SHA256 hash
if: contains(matrix.architecture, 'win-')
run: |
$(Get-FileHash ./${{ env.release }}/dev-proxy-installer-${{ matrix.architecture }}-${{ github.ref_name }}.exe -Algorithm SHA256).Hash
create_release:
name: Create Release
needs: [publish_binaries]
environment:
name: gh_releases
runs-on: [windows-latest]
permissions:
contents: write
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
with:
path: output
- name: Release
uses: anton-yurchenko/git-release@ec9c5b5c36b27eaffc628785b9183eae54601200 # v6.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DRAFT_RELEASE: "false"
PRE_RELEASE: "false"
CHANGELOG_FILE: "CHANGELOG.md"
ALLOW_EMPTY_CHANGELOG: "true"
with:
args: |
output/binaries-*/*.zip
output/installer-*/*.exe
deploy_docker:
name: Publish Docker image
runs-on: ubuntu-latest
needs: [create_release]
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
# Required for multi-platform images
- name: Set up QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
# Required for multi-platform images
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
driver-opts: image=moby/buildkit:latest
- name: Log in to the Container registry
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: |
latest=false
tags: |
type=semver,pattern={{version}}
type=raw,value=latest,enable=${{ !contains(github.ref_name, '-beta') }}
type=raw,value=beta,enable=${{ contains(github.ref_name, '-beta') }}
labels: |
org.opencontainers.image.description=${{ env.APP_DESCRIPTION }}
annotations: |
org.opencontainers.image.description=${{ env.APP_DESCRIPTION }}
- name: Build and push Docker image
if: "!contains(github.ref_name, '-beta')"
id: push
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
platforms: linux/amd64,linux/arm64
build-args: |
DEVPROXY_VERSION=${{ steps.meta.outputs.version }}
- name: Build and push beta Docker image
if: contains(github.ref_name, '-beta')
id: push_beta
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
with:
context: .
file: ./Dockerfile_beta
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
platforms: linux/amd64,linux/arm64
build-args: |
DEVPROXY_VERSION=${{ steps.meta.outputs.version }}
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v4
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push.outputs.digest || steps.push_beta.outputs.digest }}
push-to-registry: true