win sign #2

Workflow file for this run

.github/workflows/release.yaml at 6919cbd

	name: Release Flow

	on:
	push:
	tags:
	- 'v..*'

	jobs:
	build-agent-runner:
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [windows-latest]
	#, macos-14, macos-14-large ]
	defaults:
	run:
	shell: bash
	steps:
	- uses: actions/checkout@v3
	# Set up Python with setup-python action and add it to PATH
	- uses: actions/setup-python@v5
	id: setup-python
	with:
	python-version: "3.10"

	- name: Add Python to PATH
	run: \|
	echo "${{ steps.setup-python.outputs.python-path }}" >> $GITHUB_PATH

	- name: Install and configure Poetry
	run: pip install poetry

	- name: Build Agent Runner
	run: \|
	make build-agent-runner

	- name: rename the file
	if: runner.os != 'Windows'
	run: \|
	export FILENAME=`echo -n agent_runner_${{runner.os}}_${{runner.arch}}\|tr '[:upper:]' '[:lower:]'`
	echo "FILENAME=$FILENAME" >> $GITHUB_ENV;
	mv dist/agent_runner_bin dist/${FILENAME}

	- name: prepare sign things
	if: runner.os == 'Windows'
	run: \|
	echo Setup Certificate
	echo "${{secrets.SM_CLIENT_CERT_FILE_B64 }}" \| base64 --decode > /d/Certificate_pkcs12.p12
	echo "Set Variables!"
	echo "::set-output name=version::${GITHUB_REF#refs/tags/v}"
	echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV"
	echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV"
	echo "SM_KEY_PAIR_ALIAS=${{ secrets.SM_KEY_PAIR_ALIAS }}" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV"
	echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH
	echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH
	echo "C:\Program Files\DigiCert\DigiCert One Signing Manager Tools" >> $GITHUB_PATH
	shell: bash

	- name: Setup SSM KSP on windows latest
	if: runner.os == 'Windows'
	run: \|
	curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi
	msiexec /i smtools-windows-x64.msi /quiet /qn
	smksp_registrar.exe list
	smctl.exe keypair ls
	C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user
	smksp_cert_sync.exe

	- name: sign the file
	if: runner.os == 'Windows'
	run: \|
	"C:\\Program Files\\DigiCert\\DigiCert One Signing Manager Tools\\smctl.exe" sign --keypair-alias=${{ secrets.SM_KEY_PAIR_ALIAS }} --input "dist/agent_runner_bin.exe"

	- name: rename the file
	if: runner.os == 'Windows'
	run: \|
	export FILENAME=`echo -n agent_runner_${{runner.os}}_${{runner.arch}}.exe\|tr '[:upper:]' '[:lower:]'`
	echo "FILENAME=$FILENAME" >> $GITHUB_ENV;
	mv dist/agent_runner_bin.exe dist/${FILENAME}

	- name: Upload Release Assets Windows
	uses: actions/upload-artifact@v4
	with:
	name: ${{env.FILENAME}}
	path: dist/${{env.FILENAME}}

	upload-assets:
	needs: build-agent-runner
	runs-on: ubuntu-latest
	steps:
	- name: Download artifacts
	uses: actions/download-artifact@v4
	with:
	name: agent_runner_macos_x64
	path: ./dist/

	- name: Download artifacts
	uses: actions/download-artifact@v4
	with:
	name: agent_runner_macos_arm64
	path: ./dist/
	- name: Download artifacts
	uses: actions/download-artifact@v4
	with:
	name: agent_runner_windows_x64.exe
	path: ./dist/
	- name: List files
	run: ls ./dist/
	- name: Publish Release
	uses: softprops/action-gh-release@v2
	if: startsWith(github.ref, 'refs/tags/')
	with:
	files: \|
	./dist/agent_runner*

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

win sign #2

Workflow file

win sign #2

Jobs

Run details

Workflow file for this run