Skip to content

Fix: loading of the certificate occurs even when CertCheck is disable… #267

Fix: loading of the certificate occurs even when CertCheck is disable…

Fix: loading of the certificate occurs even when CertCheck is disable… #267

Workflow file for this run

name: build
on:
push:
branches:
- develop
- main
workflow_dispatch:
jobs:
build-windows:
uses: ./.github/workflows/windows.yml
build-linux:
uses: ./.github/workflows/linux.yml
build-android:
uses: ./.github/workflows/android.yml
build-freebsd:
uses: ./.github/workflows/freebsd.yml
build-osx:
uses: ./.github/workflows/osx.yml
permissions:
actions: write
secrets: inherit
build-linux-pkg:
uses: ./.github/workflows/linux-pkg.yml
with:
external_call: true
needs: [build-linux]
permissions:
actions: write
repack-qnap:
uses: ./.github/workflows/qnap-repack.yml
with:
external_call: true
needs: [build-linux]
permissions:
actions: write
generate-signatures:
env:
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
runs-on: ubuntu-22.04
needs: [build-windows, build-linux, build-osx, build-android, build-freebsd, repack-qnap, build-linux-pkg]
permissions:
actions: write
steps:
- name: Download build artifacts
uses: actions/download-artifact@v4
- name: Generate signatures
run: |
mkdir -p builds
mv nzbget-windows-installers/* builds || true
mv nzbget-linux-installers/* builds || true
mv nzbget-android-installers/* builds || true
mv nzbget-freebsd-installers/* builds || true
mv nzbget-osx-installers/* builds || true
mv nzbget-qnap-packages/* builds || true
mv nzbget-deb-packages/* builds || true
mv nzbget-rpm-packages/* builds || true
cd builds
VERSION=$(ls | grep bin-windows-setup | cut -d - -f 2)
if [ "$GITHUB_REF_NAME" != "main" ]; then VERSION="$VERSION-testing"; fi
SIGS_FILE="nzbget-$VERSION.sig.txt"
echo "Generating $SIGS_FILE ..."
echo
echo "nzbget_signatures({" | tee $SIGS_FILE
echo | tee -a $SIGS_FILE
for FILE in *.exe *.run *.zip *.spk *.qpkg *.deb *.rpm *.dmg; do
[ -f $FILE ] || continue
MD5=$(openssl dgst -md5 $FILE | cut -d ' ' -f 2)
SHA1=$(openssl dgst -sha1 $FILE | cut -d ' ' -f 2)
SHA256=$(openssl dgst -rsa-sha256 $FILE | cut -d ' ' -f 2)
RSASHA256=$(openssl dgst -rsa-sha256 -sign <(echo "$PRIVATE_KEY") $FILE | hexdump -ve '1/1 "%.2x"')
echo "\"MD5($FILE)\" : \"$MD5\"," | tee -a $SIGS_FILE
echo "\"SHA1($FILE)\" : \"$SHA1\"," | tee -a $SIGS_FILE
echo "\"SHA256($FILE)\" : \"$SHA256\"," | tee -a $SIGS_FILE
echo "\"RSA-SHA256($FILE)\" : \"$RSASHA256\"," | tee -a $SIGS_FILE
echo | tee -a $SIGS_FILE
done
echo "\"\" : \"\"});" | tee -a $SIGS_FILE
cd ..
echo
echo "Done."
- name: Upload build artifacts with signatures
uses: actions/upload-artifact@v4
with:
name: nzbget-installers
path: builds/*
retention-days: 5
- name: Delete unneeded platform-specific artifacts
uses: geekyeggo/delete-artifact@v4
with:
name: |
nzbget-windows-installers
nzbget-linux-installers
nzbget-android-installers
nzbget-freebsd-installers
nzbget-osx-installers
nzbget-qnap-packages
- name: Delete unneeded linux packages artifacts
uses: geekyeggo/delete-artifact@v4
with:
name: |
nzbget-deb-packages
nzbget-rpm-packages
make-testing-release:
runs-on: [self-hosted, nzbget-linux]
needs: [generate-signatures]
permissions:
contents: write
if: github.ref_name == 'develop'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Delete tag and release
uses: dev-drprasad/delete-tag-and-release@v0.2.1
with:
delete_release: true
tag_name: testing
env:
GITHUB_TOKEN: ${{ github.token }}
- name: Download build artifacts
uses: actions/download-artifact@v4
- name: Create latest artifacts
run: |
cp $(find nzbget-installers/ -name *linux.run) nzbget-installers/nzbget-latest-testing-bin-linux.run
cp $(find nzbget-installers/ -name *windows-setup.exe) nzbget-installers/nzbget-latest-testing-bin-windows-setup.exe
- name: Make release
uses: ncipollo/release-action@v1
with:
artifacts: "nzbget-installers/*"
generateReleaseNotes: true
tag: testing
allowUpdates: true
prerelease: true
- name: Update website info
run: |
bash /build/update-release-info.sh