Skip to content

Commit

Permalink
Attempt to use other cert & passphrase
Browse files Browse the repository at this point in the history 
Signed-off-by: Michael Gardner <[email protected]>
  • Loading branch information
@Michael-Gardner
Michael-Gardner committed Jan 22, 2024
1 parent 7a3955b commit 818ac89
Showing 1 changed file with 94 additions and 76 deletions.
170 changes: 94 additions & 76 deletions .github/workflows/build-assets.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,37 +92,37 @@ jobs:
strategy:
matrix:
include:
- os: ubuntu-22.04
- os: ubuntu-22.04
name: k8s
container: true
#- os: ubuntu-22.04
#- os: ubuntu-22.04
# name: k8s
# container: true
- os: ubuntu-22.04
name: docs
documentation: true
- os: ubuntu-20.04
- os: centos-8
- os: centos-7
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
- os: amazonlinux
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-amazonlinux-dynamic"
- os: ubuntu-22.04
name: LN k8s
ln: true
container: true
- os: ubuntu-22.04
name: LN
ln: true
- os: ubuntu-20.04
name: LN
ln: true
- os: centos-8
name: LN
cmake_options_extra: ""
ln: true
- os: centos-7
name: LN
cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
ln: true
#- os: ubuntu-20.04
#- os: centos-8
#- os: centos-7
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
#- os: amazonlinux
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-amazonlinux-dynamic"
#- os: ubuntu-22.04
# name: LN k8s
# ln: true
# container: true
#- os: ubuntu-22.04
# name: LN
# ln: true
#- os: ubuntu-20.04
# name: LN
# ln: true
# - os: centos-8
# name: LN
# cmake_options_extra: ""
# ln: true
# - os: centos-7
# name: LN
# cmake_options_extra: "-DVCPKG_TARGET_TRIPLET=x64-centos-7-dynamic"
# ln: true
fail-fast: false

steps:
Expand Down Expand Up @@ -234,6 +234,17 @@ jobs:
docker run --rm --mount ${{ needs.preamble.outputs.mount_platform }} --mount ${{ needs.preamble.outputs.mount_build }} ${{ steps.vars.outputs.docker_tag_candidate_base }} "cd /hpcc-dev/build/Release/docs/EN_US && zip ALL_HPCC_DOCS_EN_US-${{ needs.preamble.outputs.community_tag }}.zip *.pdf"
docker run --rm --mount ${{ needs.preamble.outputs.mount_platform }} --mount ${{ needs.preamble.outputs.mount_build }} ${{ steps.vars.outputs.docker_tag_candidate_base }} "cd /hpcc-dev/build/Release/docs/PT_BR && zip ALL_HPCC_DOCS_PT_BR-${{ needs.preamble.outputs.community_tag }}.zip *.pdf"
- name: Upload Artifacts for ECLIDE build
if: ${{ !matrix.ln && !matrix.container && matrix.documentation }}
uses: actions/upload-artifact@v4
with:
name: html-help-documents
path: |
${{ needs.preamble.outputs.folder_build }}/docs/EN_US/EclipseHelp/*.zip
${{ needs.preamble.outputs.folder_build }}/docs/EN_US/HTMLHelp/*.zip
${{ needs.preamble.outputs.folder_build }}/docs/PT_BR/HTMLHelp/*.zip
compression-level: 0

- name: Upload Assets (community)
if: ${{ !matrix.ln }}
uses: ncipollo/[email protected]
Expand Down Expand Up @@ -384,11 +395,11 @@ jobs:
sudo: ""
cmake_config_options: '-T host=x64 -A x64 -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF'
cmake_build_options: "--config Release --parallel $NUMBER_OF_PROCESSORS"
- os: "macos-12"
mono: "mono"
sudo: "sudo"
cmake_config_options: "-DCMAKE_BUILD_TYPE=Release -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF"
cmake_build_options: "--parallel $(nproc)"
#- os: "macos-12"
# mono: "mono"
# sudo: "sudo"
# cmake_config_options: "-DCMAKE_BUILD_TYPE=Release -DUSE_OPTIONAL=OFF -DCLIENTTOOLS_ONLY=ON -DUSE_AZURE=OFF -DUSE_CASSANDRA=OFF -DUSE_JAVA=OFF -DUSE_OPENLDAP=OFF"
# cmake_build_options: "--parallel $(nproc)"
fail-fast: false

runs-on: ${{ matrix.os }}
Expand Down Expand Up @@ -428,20 +439,17 @@ jobs:
path: ./LN

- name: "Create code signing"
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_CERT: ${{ secrets.SIGN_CERT }}
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
mkdir -p ./sign
cd sign
$pfxPath = "hpcc_code_signing.pfx"
$encodedBytes = [System.Convert]::FromBase64String($env:SIGN_CERT)
$encodedBytes = [System.Convert]::FromBase64String("${{ secrets.SIGNING_CERTIFICATE }}")
$currentDirectory = Get-Location
$certificatePath = Join-Path -Path $currentDirectory -ChildPath $pfxPath
[IO.File]::WriteAllBytes("$certificatePath", $encodedBytes)
echo ${env:SIGN_PW} > passphrase.txt
CertUtil -p ${env:SIGN_PW} hpcc_code_signing.pfx
CertUtil -p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} hpcc_code_signing.pfx
- name: "vcpkg Bootstrap"
shell: "bash"
Expand All @@ -466,13 +474,20 @@ jobs:
cmake -S ./HPCC-Platform -B ./build ${{ matrix.cmake_config_options }}
cmake --build ./build ${{ matrix.cmake_build_options }} --target package
- name: Sign Packages
- name: Sign Windows Package
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
- name: Upload Artifact for ECLIDE build
if: ${{ contains(matrix.os, 'windows') }}
uses: actions/upload-artifact@v4
with:
name: Windows-Clienttools
path: ./build/hpccsystems-clienttools*.exe
compression-level: 0

- name: Upload Assets
uses: ncipollo/[email protected]
Expand All @@ -490,13 +505,12 @@ jobs:
cmake -S ./LN -B ./build ${{ matrix.cmake_config_options }}
cmake --build ./build ${{ matrix.cmake_build_options }} --target package
- name: Sign LN Package
- name: Sign LN Windows Package
if: ${{ contains(matrix.os,'windows') }}
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-clienttools*.exe
- name: Upload LN Assets
uses: ncipollo/[email protected]
Expand Down Expand Up @@ -548,61 +562,67 @@ jobs:
run: |
choco install html-help-workshop
mkdir -p ./ECLIDE/docs }}
- name: "Fetch html artifacts"
uses: actions/download-artifact@v4
with:
name: html-help-documents
merge-multiple: true

- name: "Fetch clienttools artifact"
uses: actions/download-artifact@v4
with:
name: Windows-Clienttools
merge-multiple: true

- name: "Show dir"
shell: "bash"
run: ls -la

- name: "Create EN_US CHM file"
shell: "bash"
run: |
dep_tag="${{ needs.preamble.outputs.community_tag }}"
hpcc_version="${{ needs.preamble.outputs.hpcc_version }}"
curl -sL -o html_help_EN_US.zip https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/html_help_EN_US-${hpcc_version}.zip
7z x html_help_EN_US.zip
mv html_help html_help_EN_US
html_doc=$(find . -type f -name "html_help_EN_US-*")
echo "$html_doc"
mkdir html_help_EN_US
7z x $html_doc -ohtml_help_EN_US
ls -la
cd html_help_EN_US
ls -la
pwd
# Chocolate install a package but it is not in PATH variable. Use path full of hhc.exe
# hhc.exe return non-zero. Appending "true" to work-around
C:/"Program Files (x86)"/"HTML Help Workshop"/hhc.exe htmlhelp.hhp || true
ls -la
find . -type f -name "htmlhelp.chm"
mv htmlhelp.chm ECLReference.chm
cp ECLReference.chm ../ECLIDE/docs/
- name: "Create PT_BR CHM file"
shell: "bash"
run: |
dep_tag="${{ needs.preamble.outputs.community_tag }}"
hpcc_version="${{ needs.preamble.outputs.hpcc_version }}"
curl -sL -o html_help_PT_BR.zip https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/html_help_PT_BR-${hpcc_version}.zip
7z x html_help_PT_BR.zip
mv html_help html_help_PT_BR
html_doc=$(find . -type f -name "html_help_PT_BR-*")
mkdir html_help_PT_BR
7z x $html_doc -ohtml_help_PT_BR
cd html_help_PT_BR
ls -la
# Chocolate install a package but it is not in PATH variable. Use path full of hhc.exe
# hhc.exe return non-zero. Appending "true" to work-around
C:/"Program Files (x86)"/"HTML Help Workshop"/hhc.exe htmlhelp.hhp || true
mv htmlhelp.chm ECLReference_PT_BR.chm
cp ECLReference_PT_BR.chm ../ECLIDE/docs/
- name: "Fetch Clienttools package"
shell: "bash"
run: |
cd ./ECLIDE
mkdir HPCC-Platform
cd HPCC-Platform
dep_tag="${{ needs.preamble.outputs.community_tag }}"
curl -sL -o hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe https://github.com/hpcc-systems/HPCC-Platform/releases/download/${dep_tag}/hpccsystems-clienttools-${dep_tag}Windows-x86_64.exe
- name: "Create code sining"
- name: "Load code signing"
shell: "pwsh"
env:
SIGN_CERT: ${{ secrets.SIGN_CERT }}
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
mkdir -p ./sign
cd sign
$pfxPath = "hpcc_code_signing.pfx"
$encodedBytes = [System.Convert]::FromBase64String($env:SIGN_CERT)
$encodedBytes = [System.Convert]::FromBase64String("${{ secrets.SIGNING_CERTIFICATE }}")
$currentDirectory = Get-Location
$certificatePath = Join-Path -Path $currentDirectory -ChildPath $pfxPath
[IO.File]::WriteAllBytes("$certificatePath", $encodedBytes)
echo ${env:SIGN_PW} > passphrase.txt
CertUtil -p ${env:SIGN_PW} hpcc_code_signing.pfx
CertUtil -p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE }} hpcc_code_signing.pfx
- name: "Build ECLIDE"
run: |
Expand All @@ -614,11 +634,9 @@ jobs:
- name: Sign ECLIDE Package
shell: "pwsh"
env:
SIGN_PW: ${{ secrets.SIGN_PW }}
run: |
cd ./ECLIDE/build
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../../sign/hpcc_code_signing.pfx /p $env:SIGN_PW /t http://timestamp.digicert.com /fd SHA256 hpccsystems-eclide*.exe
C:\"Program Files (x86)"\"Microsoft SDKs"\ClickOnce\SignTool\signtool.exe sign /debug /f ../../sign/hpcc_code_signing.pfx /p ${{ secrets.SIGNING_CERTIFICATE_PASSPHRASE}} /t http://timestamp.digicert.com /fd SHA256 hpccsystems-eclide*.exe
- name: Upload Assets
uses: ncipollo/[email protected]
Expand Down

0 comments on commit 818ac89

Please sign in to comment.