name: Windows_MSI on: workflow_dispatch: jobs: build_windows: runs-on: windows-latest steps: - name: Checkout repository uses: actions/checkout@v4 with: path: pdf4qt - name: Add MakeAppx to PATH shell: pwsh run: | # Define the base path to Windows Kits $basePath = "C:\Program Files (x86)\Windows Kits\10\bin" # Get directories in the base path and sort them by version number $sdkDirs = Get-ChildItem -Path $basePath -Directory | Sort-Object Name -Descending # Find the first directory that contains the MakeAppx.exe $sdkPath = $null foreach ($dir in $sdkDirs) { $path = Join-Path $dir.FullName "x64" if (Test-Path (Join-Path $path "MakeAppx.exe")) { $sdkPath = $path break } } # Add the highest version SDK path to the PATH environment variable if ($sdkPath) { Write-Host "Adding $sdkPath to PATH" echo "PATH=$env:PATH;$sdkPath" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append } else { Write-Error "MakeAppx.exe not found in any Windows SDK directories" } - name: Verify MakeAppx Path shell: pwsh run: | $makeAppxPath = Get-Command MakeAppx.exe | Select-Object -ExpandProperty Definition Write-Host "MakeAppx.exe found at: $makeAppxPath" - name: Setup Variables and Install Keylocker KSP shell: pwsh if: vars.SIGN_MSI == 'true' run: | # Decode the base64-encoded certificate $certificateBase64 = '${{ secrets.SM_CLIENT_CERT_FILE_B64 }}' $certificateBytes = [Convert]::FromBase64String($certificateBase64) $certPath = "$env:GITHUB_WORKSPACE\JM_AuthCert.p12" # Write the certificate to a file [System.IO.File]::WriteAllBytes("$env:GITHUB_WORKSPACE\JM_AuthCert.p12", $certificateBytes) # Compute the hash of the certificate file $hash = Get-FileHash -Path $certPath -Algorithm SHA256 Write-Host "Authorization certificate hash: $($hash.Hash)" # Set GitHub Actions outputs echo "KEYPAIR_NAME=gt-standard-keypair" >> $env:GITHUB_OUTPUT echo "CERTIFICATE_NAME=gt-certificate" >> $env:GITHUB_OUTPUT # Set environment variables echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$env:GITHUB_ENV" echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$env:GITHUB_ENV" echo "SM_CLIENT_CERT_FILE=$certpath" >> "$env:GITHUB_ENV" echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$env:GITHUB_ENV" # Add paths to PATH environment variable echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $env:GITHUB_PATH echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $env:GITHUB_PATH echo "C:\Program Files\DigiCert\DigiCert Keylocker Tools" >> $env:GITHUB_PATH # Download and install the Keylocker tools curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:${{ secrets.SM_API_KEY }}" -o Keylockertools-windows-x64.msi msiexec /i Keylockertools-windows-x64.msi /quiet /qn - name: Certificates Sync shell: pwsh if: vars.SIGN_MSI == 'true' run: | # Sync certificates smctl windows certsync - name: 'VCPKG: Set up VCPKG' run: | git clone --depth=1 https://github.com/microsoft/vcpkg.git cd vcpkg .\bootstrap-vcpkg.bat -disableMetrics .\vcpkg integrate install set VCPKG_ROOT=${env:GITHUB_WORKSPACE}\vcpkg\ set "VCPKG_BINARY_SOURCES=clear;files,${env:GITHUB_WORKSPACE}\vcpkg\archives,readwrite" - name: 'VCPKG: Cache vcpkg dependencies' uses: actions/cache@v4 with: path: | ./vcpkg/downloads ./vcpkg/packages ./vcpkg/installed ./vcpkg/archives key: ${{ runner.os }}-vcpkg-${{ hashFiles('**/vcpkg.json') }} - name: 'VCPKG: Install project dependencies' run: | .\vcpkg install tbb openssl lcms zlib openjpeg freetype ijg-libjpeg libpng blend2d brotli bzip2 hwloc vcpkg-cmake vcpkg-cmake-config vcpkg-cmake-get-vars --triplet x64-windows working-directory: vcpkg - name: Install Qt uses: jurplel/install-qt-action@v3 with: version: '6.7.2' host: 'windows' target: 'desktop' dir: '${{ github.workspace }}/qt/' install-deps: 'true' modules: 'qtspeech qtmultimedia qtimageformats' cache: 'true' cache-key-prefix: ${{ runner.os }}-qt-672 - name: Find VC Redistributable Directories shell: pwsh run: | # Define the base path to the VC redistributable directories $basePath = "C:\Program Files\Microsoft Visual Studio\2022\*\VC\Redist\MSVC" $arch = "x64" # Find directories that match the pattern for VC redistributables $redistDirs = Get-ChildItem -Path $basePath -Recurse -Directory -Filter "Microsoft.VC*.CRT" | Where-Object { $_.FullName -notmatch "debug_nonredist" -and $_.FullName -match "\\$arch\\" -and $_.FullName -notmatch "onecore" } # Extract the toolset version from the directory names if ($redistDirs) { $firstRedistDir = $redistDirs | Select-Object -First 1 $toolsetVersion = $firstRedistDir.Name -replace '^Microsoft\.VC(\d+)\.CRT$', '$1' Write-Host "Found MSVC Toolset Version: $toolsetVersion" Write-Host "Found MSVC Redistributable Full Path: $firstRedistDir" echo "MSVC_TOOLSET_VERSION=$toolsetVersion" >> $env:GITHUB_ENV echo "VCToolsRedistDir=$($firstRedistDir.Parent.Parent.Parent.FullName)" >> $env:GITHUB_ENV echo "VSCMD_ARG_TGT_ARCH=$arch" >> $env:GITHUB_ENV echo "MSVC_REDISTRIBUTABLES_PATH=$firstRedistDir" >> $env:GITHUB_ENV } else { Write-Error "No valid redistributable directories found." } - name: Build project working-directory: pdf4qt shell: pwsh run: | cmake -B build -S . -DCMAKE_BUILD_TYPE=Release -DCMAKE_VCPKG_BUILD_TYPE=Release -DPDF4QT_INSTALL_QT_DEPENDENCIES=ON -DPDF4QT_INSTALL_DEPENDENCIES=ON -DCMAKE_TOOLCHAIN_FILE="${env:GITHUB_WORKSPACE}\vcpkg\scripts\buildsystems\vcpkg.cmake" -DPDF4QT_QT_ROOT="${env:Qt6_DIR}" -DPDF4QT_INSTALL_MSVC_REDISTRIBUTABLE=ON -DPDF4QT_INSTALL_PREPARE_WIX_INSTALLER=ON -DPDF4QT_INSTALL_TO_USR=ON cmake --build build --config Release -j6 cmake --install build env: VCToolsRedistDir: ${{ env.VCToolsRedistDir }} VSCMD_ARG_TGT_ARCH: ${{ env.VSCMD_ARG_TGT_ARCH }} MSVC_TOOLSET_VERSION: ${{ env.MSVC_TOOLSET_VERSION }} MSVC_REDISTRIBUTABLES_PATH: ${{ env.MSVC_REDISTRIBUTABLES_PATH }} - name: Read version id: get_version shell: pwsh run: | $version = Get-Content -Path ".\pdf4qt\build\version.txt" -Raw $version = $version.Trim() # Odstraní případné prázdné znaky kolem verze Write-Host "Version: $version" echo "pdf4qt_version=$version" >> $env:GITHUB_ENV echo "msipackagefilename=JakubMelka.PDF4QT_${version}.msi" >> $env:GITHUB_ENV Write-Host "MSI package file name: JakubMelka.PDF4QT_${version}.msi" - name: Find WiXUIExtension.dll id: find_wixui_extension shell: pwsh run: | $wixPath = "C:\Program Files (x86)\WiX Toolset v3.*\bin\WiXUIExtension.dll" $wixUIExtensionPath = Get-ChildItem -Path $wixPath -ErrorAction SilentlyContinue | Select-Object -First 1 if ($null -ne $wixUIExtensionPath) { Write-Output "Found WiXUIExtension.dll at: $($wixUIExtensionPath.FullName)" echo "wixuiextpath=$($wixUIExtensionPath.FullName)" >> $env:GITHUB_ENV } else { Write-Error "WiXUIExtension.dll not found in the expected path." } - name: Create MSI Package working-directory: pdf4qt\build\WixInstaller run: | candle -v -d"SolutionDir=." -d"SolutionExt=.sln" -d"SolutionFileName=PDF4QT.sln" -d"SolutionName=PDF4QT" -d"SolutionPath=PDF4QT.sln" -d"Configuration=Release" -d"OutDir=bin\Release\" -d"Platform=x86" -d"ProjectDir=." -d"ProjectExt=.wixproj" -d"ProjectFileName=PDF4QT.wixproj" -d"ProjectName=PDF4QT" -d"ProjectPath=PDF4QT.wixproj" -d"TargetDir=bin\Release\" -d"TargetExt=.msi" -d"TargetFileName=${{ env.msipackagefilename }}" -d"TargetName=PDF4QT" -d"TargetPath=bin\Release\${{ env.msipackagefilename }}" -out obj\Release\ -arch x86 -ext "${{ env.wixuiextpath }}" Product.wxs Light -v -out ${{ github.workspace }}\pdf4qt\build\install\${{ env.msipackagefilename }} -pdbout .\bin\Release\PDF4QT.wixpdb -cultures:null -ext "${{ env.wixuiextpath }}" -contentsfile obj\Release\PDF4QT.wixproj.BindContentsFileListnull.txt -outputsfile obj\Release\PDF4QT.wixproj.BindOutputsFileListnull.txt -builtoutputsfile obj\Release\PDF4QT.wixproj.BindBuiltOutputsFileListnull.txt -wixprojectfile .\PDF4QT.wixproj obj\Release\Product.wixobj - name: Sign MSI Package shell: pwsh if: vars.SIGN_MSI == 'true' run: | signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 "${{ github.workspace }}\pdf4qt\build\install\${{ env.msipackagefilename }}" signtool.exe verify /v /pa "${{ github.workspace }}\pdf4qt\build\install\${{ env.msipackagefilename }}" - name: Create MSIX Package run: | MakeAppx pack /d ".\pdf4qt\build\install\usr\bin" /p ".\pdf4qt\build\install\JakubMelka.PDF4QT_${{ env.pdf4qt_version }}.msix" - name: Sign MSIX Package shell: pwsh if: vars.SIGN_MSI == 'true' run: | signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 ".\pdf4qt\build\install\JakubMelka.PDF4QT_${{ env.pdf4qt_version }}.msix" signtool.exe verify /v /pa ".\pdf4qt\build\install\JakubMelka.PDF4QT_${{ env.pdf4qt_version }}.msix" - name: Upload ZIP directory uses: actions/upload-artifact@v4 with: name: 'PDF4QT-${{ runner.os }}-${{ env.pdf4qt_version }}.zip' path: .\pdf4qt\build\install\usr\bin retention-days: 30 - name: Upload MSIX package uses: actions/upload-artifact@v4 with: name: 'JakubMelka.PDF4QT_${{ env.pdf4qt_version }}.msix' path: .\pdf4qt\build\install\JakubMelka.PDF4QT_${{ env.pdf4qt_version }}.msix retention-days: 30 compression-level: 0 - name: Upload MSI package uses: actions/upload-artifact@v4 with: name: '${{ env.msipackagefilename }}' path: .\pdf4qt\build\install\${{ env.msipackagefilename }} retention-days: 30 compression-level: 0