Skip to content

Commit

Permalink
Attempt to use other cert & passphrase
Browse files Browse the repository at this point in the history
Signed-off-by: Michael Gardner <[email protected]>
  • Loading branch information
Michael-Gardner committed Jan 19, 2024
1 parent 7a3955b commit 29a00e6
Showing 1 changed file with 60 additions and 61 deletions.
121 changes: 60 additions & 61 deletions .github/workflows/build-assets.yml
Original file line number Diff line number Diff line change
Expand Up @@ -92,37 +92,37 @@ jobs:
strategy:
matrix:
include:
- os: ubuntu-22.04
- os: ubuntu-22.04
name: k8s
container: true
#- os: ubuntu-22.04
#- os: ubuntu-22.04
# name: k8s
# container: true
- os: ubuntu-22.04
name: docs
documentation: true
- os: ubuntu-20.04
- os: centos-8
- os: centos-7
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
- os: amazonlinux
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-amazonlinux-dynamic"
- os: ubuntu-22.04
name: LN k8s
ln: true
container: true
- os: ubuntu-22.04
name: LN
ln: true
- os: ubuntu-20.04
name: LN
ln: true
- os: centos-8
name: LN
cmake_options_extra: ""
ln: true
- os: centos-7
name: LN
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
ln: true
#- os: ubuntu-20.04
#- os: centos-8
#- os: centos-7
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
#- os: amazonlinux
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-amazonlinux-dynamic"
#- os: ubuntu-22.04
# name: LN k8s
# ln: true
# container: true
#- os: ubuntu-22.04
# name: LN
# ln: true
#- os: ubuntu-20.04
# name: LN
# ln: true
# - os: centos-8
# name: LN
# cmake_options_extra: ""
# ln: true
# - os: centos-7
# name: LN
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
# ln: true
fail-fast: false

steps:
Expand Down Expand Up @@ -384,11 +384,11 @@ jobs:
sudo: ""
cmake_config_options: '-T host=x64 -A x64 -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF'
cmake_build_options: "--config Release --parallel $NUMBER_OF_PROCESSORS"
- os: "macos-12"
mono: "mono"
sudo: "sudo"
cmake_config_options: "-DCMAKE_BUILD_TYPE=Release -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF"
cmake_build_options: "--parallel $(nproc)"
#- os: "macos-12"
# mono: "mono"
# sudo: "sudo"
# cmake_config_options: "-DCMAKE_BUILD_TYPE=Release -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF"
# cmake_build_options: "--parallel $(nproc)"
fail-fast: false

runs-on: ${{ matrix.os }}
Expand Down Expand Up @@ -428,20 +428,17 @@ jobs:
path: ./LN

- name: "Create code signing"
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_CERT: ${{ secrets.SIGN_CERT }}
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
mkdir -p ./sign
cd sign
$pfxPath = "hpcc_code_signing.pfx"
$encodedBytes = [System.Convert]::FromBase64String($env:SIGN_CERT)
$encodedBytes = [System.Convert]::FromBase64String("${{ secrets.SIGNING_CERTIFICATE }}")
$currentDirectory = Get-Location
$certificatePath = Join-Path -Path $currentDirectory -ChildPath $pfxPath
[IO.File]::WriteAllBytes("$certificatePath", $encodedBytes)
echo ${env:SIGN_PW} > passphrase.txt
CertUtil -p ${env:SIGN_PW} hpcc_code_signing.pfx
CertUtil -p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} hpcc_code_signing.pfx
- name: "vcpkg Bootstrap"
shell: "bash"
Expand All @@ -466,13 +463,12 @@ jobs:
cmake -S ./HPCC-Platform -B ./build ${{ matrix.cmake_config_options }}
cmake --build ./build ${{ matrix.cmake_build_options }} --target package
- name: Sign Packages
- name: Sign Windows Package
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
- name: Upload Assets
uses: ncipollo/[email protected]
Expand All @@ -490,13 +486,12 @@ jobs:
cmake -S ./LN -B ./build ${{ matrix.cmake_config_options }}
cmake --build ./build ${{ matrix.cmake_build_options }} --target package
- name: Sign LN Package
- name: Sign LN Windows Package
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
- name: Upload LN Assets
uses: ncipollo/[email protected]
Expand All @@ -519,7 +514,8 @@ jobs:

build-bare-metal-eclide:
name: Build Bare Metal ECLIDE
needs: [ preamble, build-docker, build-bare-metal ]
needs: [ preamble ]
#needs: [ preamble, build-docker, build-bare-metal ]
runs-on: "windows-2022"
steps:
- name: Print vars
Expand Down Expand Up @@ -548,13 +544,22 @@ jobs:
run: |
choco install html-help-workshop
mkdir -p ./ECLIDE/docs }}
- name: "Fetch artifact dependencies"
uses: actions/download-artifact@v4
with:
pattern: "*-EN_US.zip,*-PT_BR.zip"
merge-multiple: true
- name: "Show dir"
shell: "bash"
run: ls -la

- name: "Create EN_US CHM file"
shell: "bash"
run: |
dep_tag="${{ needs.preamble.outputs.community_tag }}"
hpcc_version="${{ needs.preamble.outputs.hpcc_version }}"
curl -sL -o html_help_EN_US.zip https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/html_help_EN_US-${hpcc_version}.zip
curl -sL -o html_help_EN_US.zip https://github.com/${{ github.repository_owner }}/HPCC-Platform/releases/download/${{ needs.preamble.outputs.community_tag }}/html_help_EN_US-${{ needs.preamble.outputs.hpcc_version }}.zip
7z x html_help_EN_US.zip
mv html_help html_help_EN_US
cd html_help_EN_US
Expand All @@ -569,7 +574,7 @@ jobs:
run: |
dep_tag="${{ needs.preamble.outputs.community_tag }}"
hpcc_version="${{ needs.preamble.outputs.hpcc_version }}"
curl -sL -o html_help_PT_BR.zip https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/html_help_PT_BR-${hpcc_version}.zip
curl -sL -o html_help_PT_BR.zip https://github.com/${{ github.repository_owner }}/HPCC-Platform/releases/download/${dep_tag}/html_help_PT_BR-${hpcc_version}.zip
7z x html_help_PT_BR.zip
mv html_help html_help_PT_BR
cd html_help_PT_BR
Expand All @@ -586,23 +591,19 @@ jobs:
mkdir HPCC-Platform
cd HPCC-Platform
dep_tag="${{ needs.preamble.outputs.community_tag }}"
curl -sL -o hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe
curl -sL -o hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe https://github.com/${{ github.repository_owner }}/HPCC-Platform/releases/download/${dep_tag}/hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe
- name: "Create code sining"
- name: "Load code signing"
shell: "pwsh"
env:
SIGN_CERT: ${{ secrets.SIGN_CERT }}
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
mkdir -p ./sign
cd sign
$pfxPath = "hpcc_code_signing.pfx"
$encodedBytes = [System.Convert]::FromBase64String($env:SIGN_CERT)
$encodedBytes = [System.Convert]::FromBase64String("${{ secrets.SIGNING_CERTIFICATE }}")
$currentDirectory = Get-Location
$certificatePath = Join-Path -Path $currentDirectory -ChildPath $pfxPath
[IO.File]::WriteAllBytes("$certificatePath", $encodedBytes)
echo ${env:SIGN_PW} > passphrase.txt
CertUtil -p ${env:SIGN_PW} hpcc_code_signing.pfx
CertUtil -p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} hpcc_code_signing.pfx
- name: "Build ECLIDE"
run: |
Expand All @@ -614,11 +615,9 @@ jobs:
- name: Sign ECLIDE Package
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./ECLIDE/build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-eclide*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE}} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-eclide*.exe
- name: Upload Assets
uses: ncipollo/[email protected]
Expand Down

0 comments on commit 29a00e6

Please sign in to comment.