Added binary signing to the CI/CD pipeline & updated readme #18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build .NET Application | |
on: | |
push: | |
branches: [ "main" ] | |
pull_request: | |
branches: [ "main" ] | |
jobs: | |
build: | |
strategy: | |
matrix: | |
configuration: [Release] | |
runs-on: windows-latest # For a list of available runner types, refer to | |
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idruns-on | |
env: | |
Solution_Name: QPlayer # Replace with your solution name, i.e. MyWpfApp.sln. | |
Project_Directory: QPlayer # Replace with the Wap project directory relative to the solution, i.e. MyWpfApp.Package. | |
Project_Path: QPlayer/QPlayer.csproj # Replace with the path to your Wap project, i.e. MyWpf.App.Package\MyWpfApp.Package.wapproj. | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
# Install the .NET Core workload | |
- name: Install .NET Core | |
uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: 6.0.x | |
# Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild | |
- name: Setup MSBuild.exe | |
uses: microsoft/[email protected] | |
# Execute all unit tests in the solution | |
# - name: Execute unit tests | |
# run: dotnet test | |
# Restore the application to populate the obj folder with RuntimeIdentifiers | |
- name: Restore the application | |
run: msbuild $env:Solution_Name /t:Restore /p:Configuration=$env:Configuration | |
env: | |
Configuration: ${{ matrix.configuration }} | |
# Decode the base 64 encoded pfx and save the Signing_Certificate | |
- name: Decode the pfx | |
run: | | |
$pfx_cert_byte = [System.Convert]::FromBase64String("${{ secrets.Base64_Encoded_Pfx }}") | |
$certificatePath = Join-Path -Path $env:Project_Directory -ChildPath GitHubActionsWorkflow.pfx | |
[IO.File]::WriteAllBytes("$certificatePath", $pfx_cert_byte) | |
# Create the app package by building and packaging the Windows Application Packaging project | |
- name: Create the app package | |
run: msbuild $env:Project_Path /p:Configuration=$env:Configuration /p:PublishProfile=$env:PublishProfileDir /p:PublishDir="publish/" /target:publish # /p:PackageCertificateKeyFile=GitHubActionsWorkflow.pfx /p:PackageCertificatePassword=${{ secrets.Pfx_Key }} | |
env: | |
PublishProfileDir: "/QPlayer/Properties/PublishProfiles/ClickOnceProfile.pubxml" | |
Configuration: ${{ matrix.configuration }} | |
# Sign the assembly | |
- name: Sign the assembly | |
run: | | |
signtool sign /f GitHubActionsWorkflow.pfx /p ${{ secrets.Pfx_Key }} $env:Project_Directory\publish\QPlayer.dll | |
signtool sign /f GitHubActionsWorkflow.pfx /p ${{ secrets.Pfx_Key }} $env:Project_Directory\publish\QPlayer.exe | |
# Remove the pfx | |
- name: Remove the pfx | |
run: Remove-Item -path $env:Project_Directory\GitHubActionsWorkflow.pfx | |
# Compress build artifacts | |
- name: Compress build artifacts | |
run: Compress-Archive $env:Project_Directory\publish\* -DestinationPath $env:Project_Directory\QPlayer-release.zip | |
# Upload the build artifacts | |
- name: Upload build artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ReleaseBinaries | |
path: ${{ env.Project_Directory }}\QPlayer-release.zip | |
create-release: | |
needs: build | |
name: "Create Release" | |
runs-on: "ubuntu-latest" | |
permissions: | |
contents: write | |
steps: | |
- name: Download release binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: ReleaseBinaries | |
- uses: "marvinpinto/action-automatic-releases@latest" | |
with: | |
repo_token: "${{ secrets.GITHUB_TOKEN }}" | |
automatic_release_tag: "latest" | |
prerelease: true | |
title: "Development Build" | |
files: QPlayer-release.zip |