From 86881db47b0251d50d4376533f2bf197fd07a4ab Mon Sep 17 00:00:00 2001 From: Sam Baker <72452805+sbaker-devolutions@users.noreply.github.com> Date: Fri, 22 Mar 2024 11:04:22 -0400 Subject: [PATCH] Update package.yml --- .github/workflows/package.yml | 662 +++++++++++++++++----------------- 1 file changed, 331 insertions(+), 331 deletions(-) diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 8e55a4c96..067deaf21 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -115,337 +115,337 @@ jobs: $Version = Get-Content VERSION -TotalCount 1 echo "version=$Version" >> $Env:GITHUB_OUTPUT - codesign: - name: Codesign - runs-on: ${{ matrix.runner }} - environment: publish-prod - needs: preflight - strategy: - matrix: - project: [ jetsocat, devolutions-gateway ] - os: [ windows, macos, linux ] - include: - - os: windows - runner: windows-2022 - - os: macos - runner: macos-latest - - os: linux - runner: ubuntu-20.04 - exclude: - - project: devolutions-gateway - os: macos - - steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v4 - with: - ref: ${{ needs.preflight.outputs.commit }} - - - name: Download artifacts - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - $Destination = Join-Path ${{ runner.temp }} ${{ matrix.project }} - gh run download ${{ needs.preflight.outputs.run }} -n ${{ matrix.project }} -D "$Destination" - - ## Delete the files that we won't operate on to prevent them being re-uploaded - ## This ensures consistency of the artifact since we are operating in a matrix - - name: Manage artifacts - shell: pwsh - run: | - $Destination = Join-Path ${{ runner.temp }} ${{ matrix.project }} - $Exclusions = @('${{ matrix.os }}', 'Powershell') - Get-ChildItem "$Destination" -Exclude $Exclusions | Remove-Item -Recurse - - - name: Install AzureSignTool - if: matrix.os == 'windows' - run: | - dotnet tool install --global AzureSignTool - - - name: Configure certificates (macOS) - if: matrix.os == 'macos' - env: - DEVELOPER_ID_CERTIFICATE: ${{ secrets.APPLE_APP_DEV_ID_APP_CERTIFICATE }} - DEVELOPER_ID_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_APP_DEV_ID_APP_CERTIFICATE_PASSWORD }} - run: | - KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db - KEYCHAIN_PASSWORD=Price2011 - - DEVELOPER_ID_CERTIFICATE_PATH=$RUNNER_TEMP/dev_id_cert.p12 - echo -n "$DEVELOPER_ID_CERTIFICATE" | base64 --decode --output $DEVELOPER_ID_CERTIFICATE_PATH - - security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - security set-keychain-settings -lut 21600 $KEYCHAIN_PATH - security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - - security import $DEVELOPER_ID_CERTIFICATE_PATH -P "$DEVELOPER_ID_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - security list-keychain -d user -s $KEYCHAIN_PATH - - - name: Configure runner (Windows) - if: matrix.os == 'windows' - run: | - echo "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append - - $WixToolsetItem = Get-ChildItem -Path "C:\Program Files (x86)\" -Filter "WiX Toolset v*" | Select-Object -First 1 - echo "C:\Program Files (x86)\$($WixToolsetItem.Name)\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append - - - name: Sign executables - if: matrix.os == 'windows' || matrix.os == 'macos' - shell: pwsh - run: | - $Pattern = switch ('${{ matrix.project }}') { - 'devolutions-gateway' { 'DevolutionsGateway_*.exe' } - 'jetsocat' { 'jetsocat_*' } - } - Get-ChildItem -Path ${{ runner.temp }} -Recurse -Include "$Pattern" | % { - if ('${{ matrix.os }}' -Eq 'windows') { - $Params = @('sign', - '-kvt', '${{ secrets.AZURE_TENANT_ID }}', - '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', - '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', - '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', - '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', - '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', - '-v') - AzureSignTool @Params $_.FullName - } elseif ('${{ matrix.os }}' -Eq 'macos') { - $SignCmd = $(@( - 'codesign', - '--timestamp', - '--options=runtime', - '-s', '"Developer ID Application: Devolutions inc. (N592S9ASDB)"', - '-v', - $_.FullName - )) -Join ' ' - Write-Host $SignCmd - Invoke-Expression $SignCmd - } else { - echo "::debug::nothing to do for ${{ matrix.os }}" - } - } - - - name: Download web client artifacts - if: matrix.os == 'windows' && matrix.project == 'devolutions-gateway' - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - $Destination = Join-Path "webapp" "client" - gh run download ${{ needs.preflight.outputs.run }} -n webapp-client -D "$Destination" - - - name: Add msbuild to PATH - if: matrix.os == 'windows' && matrix.project == 'devolutions-gateway' - uses: microsoft/setup-msbuild@v2 - - - name: Regenerate MSI - if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' - shell: pwsh - run: | - $PackageRoot = Join-Path ${{ runner.temp }} devolutions-gateway - $Env:DGATEWAY_EXECUTABLE = Get-ChildItem -Path $PackageRoot -Recurse -Include '*DevolutionsGateway*.exe' | Select -First 1 - $Env:DGATEWAY_PSMODULE_PATH = Join-Path $PackageRoot PowerShell DevolutionsGateway - $Env:DGATEWAY_WEBCLIENT_PATH = Join-Path "webapp" "client" | Resolve-Path - - Get-ChildItem -Path (Join-Path $PackageRoot PowerShell "*.zip") -Recurse | % { - Remove-Item $_.FullName -Force - } - - ./ci/tlk.ps1 package -PackageOption generate - - - name: Sign msi runtime - if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' - shell: pwsh - working-directory: package/WindowsManaged/Release - run: | - Get-ChildItem -Path .\* -Include "*.exe" | % { - $Params = @('sign', - '-kvt', '${{ secrets.AZURE_TENANT_ID }}', - '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', - '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', - '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', - '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', - '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', - '-v') - AzureSignTool @Params $_.FullName - } - - - name: Repackage - if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' - shell: pwsh - run: | - $PackageRoot = Join-Path ${{ runner.temp }} devolutions-gateway - $Env:DGATEWAY_PACKAGE = Get-ChildItem -Path $PackageRoot -Recurse -Include '*DevolutionsGateway*.msi' | Where-Object { $_.Name -NotLike "*legacy*"} | Select -First 1 - - ./ci/tlk.ps1 package -PackageOption assemble - - - name: Sign packages - if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' - shell: pwsh - run: | - Get-ChildItem -Path ${{ runner.temp }} -Recurse -Include '*.msi' | % { - $Params = @('sign', - '-kvt', '${{ secrets.AZURE_TENANT_ID }}', - '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', - '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', - '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', - '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', - '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', - '-d', 'Devolutions Gateway', - '-v') - AzureSignTool @Params $_.FullName - } - - - name: Verification - if: matrix.os == 'windows' || matrix.os == 'macos' - shell: pwsh - run: | - $RootPath = Join-Path ${{ runner.temp }} ${{ matrix.project }} ${{ matrix.os }} - if ('${{ matrix.os }}' -Eq 'windows') { - Get-ChildItem -Path $RootPath -Recurse -Include ('*.exe', '*.msi') | % { - signtool verify /pa "$($_.FullName)" - if ($LastExitCode -Ne 0) { - echo "::error::failed to verify the signature of $($_.FullName)" - exit 1 - } - } - } elseif ('${{ matrix.os }}' -Eq 'macos') { - Get-ChildItem -Path $RootPath -Recurse -Include 'jetsocat_*' | % { - codesign -dvvv "$($_.FullName)" - if ($LastExitCode -Ne 0) { - echo "::error::failed to verify the signature of $($_.FullName)" - exit 1 - } - } - } - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.project }}-${{ matrix.os }} - path: ${{ runner.temp }}/${{ matrix.project }} - if-no-files-found: error - - devolutions-gateway-merge: - name: Merge Artifacts - runs-on: ubuntu-latest - needs: [preflight, codesign] - - steps: - - name: Download Artifacts - uses: actions/download-artifact@v4 - with: - pattern: devolutions-gateway-* - merge-multiple: true - - - name: Upload Artifacts - uses: actions/upload-artifact@v4 - with: - path: ${{ github.workspace }}/**/* - name: devolutions-gateway - overwrite: true - - jetsocat-merge: - name: Merge Artifacts - runs-on: ubuntu-latest - needs: [preflight, codesign] - - steps: - - name: Download Artifacts - uses: actions/download-artifact@v4 - with: - pattern: jetsocat-* - merge-multiple: true - - - name: Upload Artifacts - uses: actions/upload-artifact@v4 - with: - path: ${{ github.workspace }}/**/* - name: jetsocat - overwrite: true - - web-app: - name: Web App - runs-on: ubuntu-latest - needs: [preflight] - - steps: - - name: Download artifacts - shell: pwsh - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: gh run download ${{ needs.preflight.outputs.run }} -n webapp-client -R $Env:GITHUB_REPOSITORY -D webapp-client - - - name: Create tarball - run: tar -czvf devolutions_gateway_webapp_${{ needs.preflight.outputs.version }}.tar.gz webapp-client - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: webapp-client - path: devolutions_gateway_webapp_${{ needs.preflight.outputs.version }}.tar.gz - if-no-files-found: error - overwrite: true - - nuget: - name: Nuget - runs-on: ubuntu-latest - needs: [preflight, codesign, jetsocat-merge] - - steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v4 - with: - ref: ${{ needs.preflight.outputs.commit }} - - - name: Download artifacts - uses: actions/download-artifact@v4 - with: - name: jetsocat - path: jetsocat/nuget/bin - - - name: Rename artifacts - shell: pwsh - working-directory: jetsocat/nuget/bin - run: | - # Backward compatibility with prior nuspec versions - Get-ChildItem -Directory -Recurse "x86_64" | Rename-Item -NewName "x64" - - # Remove version number and architecture from binary name - Get-ChildItem -File -Recurse | Rename-Item -NewName "jetsocat" - cd windows - Get-ChildItem -File -Recurse | Rename-Item -NewName "jetsocat.exe" - - - name: Set package metadata - shell: pwsh - working-directory: jetsocat/nuget - run: | - $Version = '${{ github.event.inputs.jetsocat-nuget-version }}' - if ([string]::IsNullOrWhitespace($Version)) { - $Version = Get-Date -Format "yyyy.M.d" - } - - $Nuspec = (Resolve-Path "Devolutions.Jetsocat.nuspec") - $Xml = [xml] (Get-Content $Nuspec) - Select-Xml -xml $Xml -XPath //package/metadata/version | % { $_.Node.'#text' = "$Version" } - Select-Xml -xml $Xml -XPath //package/metadata/description | % { $_.Node.'#text' = "Websocket toolkit for jet protocol related operations" } - $Xml.Save($Nuspec) - - - name: Build package - shell: pwsh - working-directory: jetsocat/nuget - run: | - Install-Module -Name ZipIt -Force - & 'nuget' 'pack' 'Devolutions.Jetsocat.nuspec' - $NugetPackage = (Get-Item ".\*.nupkg" | Select-Object -First 1) | Resolve-Path -Relative - Set-ZipItUnixFilePermissions $NugetPackage -FilePattern "native/jetsocat$" -FilePermissions "r-xr-xr-x" - - - name: Upload artifact - uses: actions/upload-artifact@v4 - with: - name: jetsocat-nuget - path: jetsocat/nuget/*.nupkg - if-no-files-found: error + # codesign: + # name: Codesign + # runs-on: ${{ matrix.runner }} + # environment: publish-prod + # needs: preflight + # strategy: + # matrix: + # project: [ jetsocat, devolutions-gateway ] + # os: [ windows, macos, linux ] + # include: + # - os: windows + # runner: windows-2022 + # - os: macos + # runner: macos-latest + # - os: linux + # runner: ubuntu-20.04 + # exclude: + # - project: devolutions-gateway + # os: macos + + # steps: + # - name: Checkout ${{ github.repository }} + # uses: actions/checkout@v4 + # with: + # ref: ${{ needs.preflight.outputs.commit }} + + # - name: Download artifacts + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # run: | + # $Destination = Join-Path ${{ runner.temp }} ${{ matrix.project }} + # gh run download ${{ needs.preflight.outputs.run }} -n ${{ matrix.project }} -D "$Destination" + + # ## Delete the files that we won't operate on to prevent them being re-uploaded + # ## This ensures consistency of the artifact since we are operating in a matrix + # - name: Manage artifacts + # shell: pwsh + # run: | + # $Destination = Join-Path ${{ runner.temp }} ${{ matrix.project }} + # $Exclusions = @('${{ matrix.os }}', 'Powershell') + # Get-ChildItem "$Destination" -Exclude $Exclusions | Remove-Item -Recurse + + # - name: Install AzureSignTool + # if: matrix.os == 'windows' + # run: | + # dotnet tool install --global AzureSignTool + + # - name: Configure certificates (macOS) + # if: matrix.os == 'macos' + # env: + # DEVELOPER_ID_CERTIFICATE: ${{ secrets.APPLE_APP_DEV_ID_APP_CERTIFICATE }} + # DEVELOPER_ID_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_APP_DEV_ID_APP_CERTIFICATE_PASSWORD }} + # run: | + # KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db + # KEYCHAIN_PASSWORD=Price2011 + + # DEVELOPER_ID_CERTIFICATE_PATH=$RUNNER_TEMP/dev_id_cert.p12 + # echo -n "$DEVELOPER_ID_CERTIFICATE" | base64 --decode --output $DEVELOPER_ID_CERTIFICATE_PATH + + # security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + # security set-keychain-settings -lut 21600 $KEYCHAIN_PATH + # security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + + # security import $DEVELOPER_ID_CERTIFICATE_PATH -P "$DEVELOPER_ID_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + # security list-keychain -d user -s $KEYCHAIN_PATH + + # - name: Configure runner (Windows) + # if: matrix.os == 'windows' + # run: | + # echo "C:\Program Files (x86)\Windows Kits\10\bin\10.0.17763.0\x64" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + + # $WixToolsetItem = Get-ChildItem -Path "C:\Program Files (x86)\" -Filter "WiX Toolset v*" | Select-Object -First 1 + # echo "C:\Program Files (x86)\$($WixToolsetItem.Name)\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append + + # - name: Sign executables + # if: matrix.os == 'windows' || matrix.os == 'macos' + # shell: pwsh + # run: | + # $Pattern = switch ('${{ matrix.project }}') { + # 'devolutions-gateway' { 'DevolutionsGateway_*.exe' } + # 'jetsocat' { 'jetsocat_*' } + # } + # Get-ChildItem -Path ${{ runner.temp }} -Recurse -Include "$Pattern" | % { + # if ('${{ matrix.os }}' -Eq 'windows') { + # $Params = @('sign', + # '-kvt', '${{ secrets.AZURE_TENANT_ID }}', + # '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', + # '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', + # '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', + # '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', + # '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', + # '-v') + # AzureSignTool @Params $_.FullName + # } elseif ('${{ matrix.os }}' -Eq 'macos') { + # $SignCmd = $(@( + # 'codesign', + # '--timestamp', + # '--options=runtime', + # '-s', '"Developer ID Application: Devolutions inc. (N592S9ASDB)"', + # '-v', + # $_.FullName + # )) -Join ' ' + # Write-Host $SignCmd + # Invoke-Expression $SignCmd + # } else { + # echo "::debug::nothing to do for ${{ matrix.os }}" + # } + # } + + # - name: Download web client artifacts + # if: matrix.os == 'windows' && matrix.project == 'devolutions-gateway' + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # run: | + # $Destination = Join-Path "webapp" "client" + # gh run download ${{ needs.preflight.outputs.run }} -n webapp-client -D "$Destination" + + # - name: Add msbuild to PATH + # if: matrix.os == 'windows' && matrix.project == 'devolutions-gateway' + # uses: microsoft/setup-msbuild@v2 + + # - name: Regenerate MSI + # if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' + # shell: pwsh + # run: | + # $PackageRoot = Join-Path ${{ runner.temp }} devolutions-gateway + # $Env:DGATEWAY_EXECUTABLE = Get-ChildItem -Path $PackageRoot -Recurse -Include '*DevolutionsGateway*.exe' | Select -First 1 + # $Env:DGATEWAY_PSMODULE_PATH = Join-Path $PackageRoot PowerShell DevolutionsGateway + # $Env:DGATEWAY_WEBCLIENT_PATH = Join-Path "webapp" "client" | Resolve-Path + + # Get-ChildItem -Path (Join-Path $PackageRoot PowerShell "*.zip") -Recurse | % { + # Remove-Item $_.FullName -Force + # } + + # ./ci/tlk.ps1 package -PackageOption generate + + # - name: Sign msi runtime + # if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' + # shell: pwsh + # working-directory: package/WindowsManaged/Release + # run: | + # Get-ChildItem -Path .\* -Include "*.exe" | % { + # $Params = @('sign', + # '-kvt', '${{ secrets.AZURE_TENANT_ID }}', + # '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', + # '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', + # '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', + # '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', + # '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', + # '-v') + # AzureSignTool @Params $_.FullName + # } + + # - name: Repackage + # if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' + # shell: pwsh + # run: | + # $PackageRoot = Join-Path ${{ runner.temp }} devolutions-gateway + # $Env:DGATEWAY_PACKAGE = Get-ChildItem -Path $PackageRoot -Recurse -Include '*DevolutionsGateway*.msi' | Where-Object { $_.Name -NotLike "*legacy*"} | Select -First 1 + + # ./ci/tlk.ps1 package -PackageOption assemble + + # - name: Sign packages + # if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows' + # shell: pwsh + # run: | + # Get-ChildItem -Path ${{ runner.temp }} -Recurse -Include '*.msi' | % { + # $Params = @('sign', + # '-kvt', '${{ secrets.AZURE_TENANT_ID }}', + # '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}', + # '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}', + # '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}', + # '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}', + # '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}', + # '-d', 'Devolutions Gateway', + # '-v') + # AzureSignTool @Params $_.FullName + # } + + # - name: Verification + # if: matrix.os == 'windows' || matrix.os == 'macos' + # shell: pwsh + # run: | + # $RootPath = Join-Path ${{ runner.temp }} ${{ matrix.project }} ${{ matrix.os }} + # if ('${{ matrix.os }}' -Eq 'windows') { + # Get-ChildItem -Path $RootPath -Recurse -Include ('*.exe', '*.msi') | % { + # signtool verify /pa "$($_.FullName)" + # if ($LastExitCode -Ne 0) { + # echo "::error::failed to verify the signature of $($_.FullName)" + # exit 1 + # } + # } + # } elseif ('${{ matrix.os }}' -Eq 'macos') { + # Get-ChildItem -Path $RootPath -Recurse -Include 'jetsocat_*' | % { + # codesign -dvvv "$($_.FullName)" + # if ($LastExitCode -Ne 0) { + # echo "::error::failed to verify the signature of $($_.FullName)" + # exit 1 + # } + # } + # } + + # - name: Upload artifacts + # uses: actions/upload-artifact@v4 + # with: + # name: ${{ matrix.project }}-${{ matrix.os }} + # path: ${{ runner.temp }}/${{ matrix.project }} + # if-no-files-found: error + + # devolutions-gateway-merge: + # name: Merge Artifacts + # runs-on: ubuntu-latest + # needs: [preflight, codesign] + + # steps: + # - name: Download Artifacts + # uses: actions/download-artifact@v4 + # with: + # pattern: devolutions-gateway-* + # merge-multiple: true + + # - name: Upload Artifacts + # uses: actions/upload-artifact@v4 + # with: + # path: ${{ github.workspace }}/**/* + # name: devolutions-gateway + # overwrite: true + + # jetsocat-merge: + # name: Merge Artifacts + # runs-on: ubuntu-latest + # needs: [preflight, codesign] + + # steps: + # - name: Download Artifacts + # uses: actions/download-artifact@v4 + # with: + # pattern: jetsocat-* + # merge-multiple: true + + # - name: Upload Artifacts + # uses: actions/upload-artifact@v4 + # with: + # path: ${{ github.workspace }}/**/* + # name: jetsocat + # overwrite: true + + # web-app: + # name: Web App + # runs-on: ubuntu-latest + # needs: [preflight] + + # steps: + # - name: Download artifacts + # shell: pwsh + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # run: gh run download ${{ needs.preflight.outputs.run }} -n webapp-client -R $Env:GITHUB_REPOSITORY -D webapp-client + + # - name: Create tarball + # run: tar -czvf devolutions_gateway_webapp_${{ needs.preflight.outputs.version }}.tar.gz webapp-client + + # - name: Upload artifacts + # uses: actions/upload-artifact@v4 + # with: + # name: webapp-client + # path: devolutions_gateway_webapp_${{ needs.preflight.outputs.version }}.tar.gz + # if-no-files-found: error + # overwrite: true + + # nuget: + # name: Nuget + # runs-on: ubuntu-latest + # needs: [preflight, codesign, jetsocat-merge] + + # steps: + # - name: Checkout ${{ github.repository }} + # uses: actions/checkout@v4 + # with: + # ref: ${{ needs.preflight.outputs.commit }} + + # - name: Download artifacts + # uses: actions/download-artifact@v4 + # with: + # name: jetsocat + # path: jetsocat/nuget/bin + + # - name: Rename artifacts + # shell: pwsh + # working-directory: jetsocat/nuget/bin + # run: | + # # Backward compatibility with prior nuspec versions + # Get-ChildItem -Directory -Recurse "x86_64" | Rename-Item -NewName "x64" + + # # Remove version number and architecture from binary name + # Get-ChildItem -File -Recurse | Rename-Item -NewName "jetsocat" + # cd windows + # Get-ChildItem -File -Recurse | Rename-Item -NewName "jetsocat.exe" + + # - name: Set package metadata + # shell: pwsh + # working-directory: jetsocat/nuget + # run: | + # $Version = '${{ github.event.inputs.jetsocat-nuget-version }}' + # if ([string]::IsNullOrWhitespace($Version)) { + # $Version = Get-Date -Format "yyyy.M.d" + # } + + # $Nuspec = (Resolve-Path "Devolutions.Jetsocat.nuspec") + # $Xml = [xml] (Get-Content $Nuspec) + # Select-Xml -xml $Xml -XPath //package/metadata/version | % { $_.Node.'#text' = "$Version" } + # Select-Xml -xml $Xml -XPath //package/metadata/description | % { $_.Node.'#text' = "Websocket toolkit for jet protocol related operations" } + # $Xml.Save($Nuspec) + + # - name: Build package + # shell: pwsh + # working-directory: jetsocat/nuget + # run: | + # Install-Module -Name ZipIt -Force + # & 'nuget' 'pack' 'Devolutions.Jetsocat.nuspec' + # $NugetPackage = (Get-Item ".\*.nupkg" | Select-Object -First 1) | Resolve-Path -Relative + # Set-ZipItUnixFilePermissions $NugetPackage -FilePattern "native/jetsocat$" -FilePermissions "r-xr-xr-x" + + # - name: Upload artifact + # uses: actions/upload-artifact@v4 + # with: + # name: jetsocat-nuget + # path: jetsocat/nuget/*.nupkg + # if-no-files-found: error generate-sbom: name: Upload SBOM