From e126f0fc47f9e13d079d28f0d4dc7365ec48f2c8 Mon Sep 17 00:00:00 2001
From: AndrewMusser <andrew@loupe.team>
Date: Thu, 25 Jul 2024 11:18:41 -0400
Subject: [PATCH] Bring back in the rest of the workflow

---
 .github/workflows/release.yml | 52 ++++++++++++++++++++++++++++++++---
 1 file changed, 48 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 42fbff8..96ffdbd 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -4,7 +4,7 @@ run-name: Publish LPM Installer ${{ github.ref_name }}
 on:
   push:
     tags:
-      - test*
+      - v*
 
 jobs:
   release-installer:
@@ -24,9 +24,53 @@ jobs:
 
       - name: Download Inno Setup installer
         run: Invoke-WebRequest -Uri "https://jrsoftware.org/download.php/is.exe" -OutFile "is.exe"
-
       - name: Install Inno Setup silently
         run: .\is.exe /verysilent /dir="C:\Program Files\InnoSetup"
 
-      - name: Run iscc against .iss file
-        run: iscc .\utils\Setup.iss
\ No newline at end of file
+      - name: Create the EXE Installer
+        working-directory: ./utils
+        run: ./BuildInstaller.bat
+
+      - name: Code Signing Setup - Setup Certificate
+        shell: bash
+        run: echo "${{secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12
+
+      - name: Code Signing Setup - add to path
+        shell: bash
+        run: |
+          echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH
+          echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH
+          echo "C:\Program Files\DigiCert\DigiCert One Signing Manager Tools" >> $GITHUB_PATH
+
+      - name: Code Signing Setup - Setup SSM KSP on windows latest
+        shell: cmd
+        run: |
+          curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi
+          msiexec /i smtools-windows-x64.msi /quiet /qn
+          smksp_registrar.exe list
+          smctl.exe keypair ls
+          C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user
+          smksp_cert_sync.exe
+
+      - name: Code Signing Setup - Sign using Signtool
+        run: |
+          signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "./build/LPM-Setup.exe"
+          signtool.exe verify /v /pa "./build/LPM-Setup.exe"
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4.0.2
+        with:
+          aws-region: us-west-2
+          aws-access-key-id: ${{ secrets.LPM_S3_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.LPM_S3_SECRET_ACCESS_KEY }}
+
+      - name: Upload Installer to S3
+        run: |
+          aws s3 cp ./build/LPM-Setup.exe s3://loupe-lpm-assets/releases/latest/LPM-Setup.exe
+          aws s3 cp ./build/LPM-Setup.exe s3://loupe-lpm-assets/releases/${{ github.ref_name }}/LPM-Setup.exe
+
+
+
+
+
+