Update continuous-integration.yml #221
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: windows-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| configuration: [Release] | |
| arch: [x64, arm64] | |
| outputs: | |
| x64_hashReleaseInstaller: ${{ steps.hash.outputs.hashRelease_x64 }} | |
| # x64_hashDebugInstaller: ${{ steps.hash.outputs.hashDebug_x64 }} | |
| arm64_hashReleaseInstaller: ${{ steps.hash.outputs.hashRelease_arm64 }} | |
| # arm64_hashDebugInstaller: ${{ steps.hash.outputs.hashDebug_arm64 }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: microsoft/setup-msbuild@v2 | |
| - name: vcpkg build | |
| id: vcpkg | |
| uses: johnwason/vcpkg-action@v6 | |
| with: | |
| manifest-dir: ${{ github.workspace }} # Set to directory containing vcpkg.json | |
| # pkgs: nlohmann-json boost-asio boost-optional boost-utility boost-date-time boost-beast wintoast openssl | |
| triplet: ${{ matrix.arch }}-windows-static | |
| token: ${{ github.token }} | |
| github-binarycache: true | |
| - run: vcpkg integrate install | |
| - run: msbuild /p:VcpkgEnableManifest=true /Restore LGTVCompanion.sln | |
| env: | |
| Configuration: ${{ matrix.configuration }} | |
| Platform: ${{ matrix.arch }} | |
| - name: Generate hash | |
| id: hash | |
| shell: bash | |
| run: | | |
| echo "hash${{ matrix.configuration }}_${{ matrix.arch }}=$( sha256sum 'LGTV Companion Setup/bin/${{ matrix.arch }}/${{ matrix.configuration }}/LGTV Companion Setup ${{ matrix.arch }}.msi' | base64 -w0 )" >> "$GITHUB_OUTPUT" | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: LGTVCompanion-Output-${{ matrix.configuration }}-${{ matrix.arch }} | |
| path: ${{ matrix.arch }}/${{ matrix.configuration }}/ | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: LGTVCompanion-Setup-${{ matrix.configuration }}-${{ matrix.arch }} | |
| path: LGTV Companion Setup/bin/${{ matrix.arch }}/${{ matrix.configuration }}/ | |
| combine_hashes: | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| hashes: ${{ steps.hashes.outputs.hashes }} | |
| env: | |
| HASHES: ${{ toJSON(needs.build.outputs) }} | |
| steps: | |
| - id: hashes | |
| shell: bash | |
| run: | | |
| echo "$HASHES" | jq -r '.[] | @base64d' | sed "/^$/d" > hashes.txt | |
| echo "hashes=$(cat hashes.txt | base64 -w0)" >> "$GITHUB_OUTPUT" | |
| provenance: | |
| needs: [combine_hashes] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| actions: read # To read the workflow path. | |
| id-token: write # To sign the provenance. | |
| contents: write # To add assets to a release. | |
| uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | |
| with: | |
| base64-subjects: "${{ needs.combine_hashes.outputs.hashes }}" | |
| provenance-name: LGTV Companion Setup | |
| draft-release: false | |
| upload-assets: false # Optional: Upload to a new release | |
| release: | |
| needs: [build, provenance] | |
| runs-on: ubuntu-latest | |
| if: startsWith(github.ref, 'refs/tags/') | |
| permissions: | |
| contents: write # To add assets to a release. | |
| steps: | |
| - name: Download x64 Installer | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: LGTVCompanion-Setup-Release-x64 | |
| - name: Download arm64 Installer | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: LGTVCompanion-Setup-Release-arm64 | |
| - name: Download Provenance | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: LGTV Companion Setup.intoto.jsonl | |
| - name: Upload assets | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| LGTV Companion Setup x64.msi | |
| LGTV Companion Setup arm64.msi | |
| LGTV Companion Setup.intoto.jsonl | |
| draft: true | |
| generate_release_notes: true |