name: Build & Sign on: workflow_dispatch: jobs: windows: runs-on: windows-latest environment: test steps: - name: Set up dotnet uses: actions/setup-dotnet@v1 with: dotnet-version: "3.1.x" - name: Set up Node uses: actions/setup-node@v1 with: node-version: '10.x' - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh - name: Print environment run: | node --version npm --version dotnet --version - name: Install AST shell: pwsh run: | cd $HOME git clone https://github.com/vcsjones/AzureSignTool.git cd AzureSignTool $latest_head = $(git rev-parse HEAD)[0..9] -join "" $latest_version = "0.0.0-g$latest_head" Write-Host "--------" Write-Host "git commit - $(git rev-parse HEAD)" Write-Host "latest_head - $latest_head" Write-Host "PACKAGE VERSION TO BUILD - $latest_version" Write-Host "--------" dotnet restore dotnet pack --output ./nupkg dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool cd $HOME - name: Test AST run: azuresigntool sign --help - name: Checkout repo uses: actions/checkout@v2 - name: Load package version run: ./.github/scripts/load-version.ps1 shell: pwsh - name: Install Node dependencies run: npm install - name: Run linter run: npm run lint - name: Build application run: | npm run build npm run clean:dist - name: Build & Sign shell: pwsh run: npx electron-builder --win --x64 --ia32 -p never -c.win.certificateSubjectName=''Bitwarden Inc'' env: CSC_LINK: ${{ secrets.EB_SIGNING_CERT_IDENTIFIER_URL }} CSC_KEY_PASSWORD: ${{ secrets.EB_SIGNING_CERT_KEY }} SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} SECRET_TEST: ${{ secrets.SECRET_TEST }} #- name: Upload portable exe artifact # if: github.ref == 'refs/heads/master' || github.event_name == 'release' # uses: actions/upload-artifact@v2 # with: # name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe # path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe #- name: Upload installer exe artifact # if: github.ref == 'refs/heads/master' || github.event_name == 'release' # uses: actions/upload-artifact@v2 # with: # name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe # path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe #- name: Upload release assets # if: github.event_name == 'release' # run: | # hub release edit ` # -a ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg ` # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` # -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` # -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` # $env:RELEASE_TAG_NAME # shell: pwsh # env: # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}