-
Notifications
You must be signed in to change notification settings - Fork 19
124 lines (100 loc) · 3.49 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: build
on:
push:
branches:
- develop
- main
workflow_dispatch:
jobs:
build-windows:
uses: ./.github/workflows/windows.yml
build-linux:
uses: ./.github/workflows/linux.yml
build-osx:
uses: ./.github/workflows/osx.yml
build-synology:
uses: ./.github/workflows/synology.yml
generate-signatures:
env:
PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
runs-on: ubuntu-latest
needs: [build-windows, build-linux, build-osx, build-synology]
steps:
- name: Download build artifacts
uses: actions/download-artifact@v3
- name: Generate signatures
run: |
mkdir -p builds
mv nzbget-windows-installers/* builds || true
mv nzbget-linux-installers/* builds || true
mv nzbget-osx-installers/* builds || true
mv nzbget-synology-packages/* builds || true
cd builds
VERSION=$(ls | grep bin-windows-setup | cut -d - -f 2)
if [ "$GITHUB_REF_NAME" != "main" ]; then VERSION="$VERSION-testing"; fi
SIGS_FILE="nzbget-$VERSION.sig.txt"
echo "Generating $SIGS_FILE ..."
echo
echo "nzbget_signatures({" | tee $SIGS_FILE
echo | tee -a $SIGS_FILE
for FILE in *.exe *.run *.zip *.spk; do
[ -f $FILE ] || continue
MD5=$(openssl dgst -md5 $FILE | cut -d ' ' -f 2)
SHA1=$(openssl dgst -sha1 $FILE | cut -d ' ' -f 2)
SHA256=$(openssl dgst -rsa-sha256 $FILE | cut -d ' ' -f 2)
RSASHA256=$(openssl dgst -rsa-sha256 -sign <(echo "$PRIVATE_KEY") $FILE | hexdump -ve '1/1 "%.2x"')
echo "\"MD5($FILE)\" : \"$MD5\"," | tee -a $SIGS_FILE
echo "\"SHA1($FILE)\" : \"$SHA1\"," | tee -a $SIGS_FILE
echo "\"SHA256($FILE)\" : \"$SHA256\"," | tee -a $SIGS_FILE
echo "\"RSA-SHA256($FILE)\" : \"$RSASHA256\"," | tee -a $SIGS_FILE
echo | tee -a $SIGS_FILE
done
echo "\"\" : \"\"});" | tee -a $SIGS_FILE
cd ..
echo
echo "Done."
- name: Upload build artifacts with signatures
uses: actions/upload-artifact@v3
with:
name: nzbget-installers
path: builds/*
retention-days: 5
- name: Delete unneded platform-specific artifacts
uses: geekyeggo/delete-artifact@v2
with:
name: |
nzbget-windows-installers
nzbget-linux-installers
nzbget-osx-installers
nzbget-synology-packages
make-testing-release:
runs-on: [self-hosted, linux]
needs: [generate-signatures]
permissions:
contents: write
if: github.ref_name == 'develop'
steps:
- name: Delete tag and release
uses: dev-drprasad/delete-tag-and-release@v0.2.1
with:
delete_release: true
tag_name: testing
env:
GITHUB_TOKEN: ${{ github.token }}
- name: Download build artifacts
uses: actions/download-artifact@v3
- name: Create latest artifacts
run: |
cp $(find nzbget-installers/ -name *linux.run) nzbget-installers/nzbget-latest-testing-bin-linux.run
cp $(find nzbget-installers/ -name *windows-setup.exe) nzbget-installers/nzbget-latest-testing-bin-windows-setup.exe
- name: Make release
uses: ncipollo/release-action@v1
with:
artifacts: "nzbget-installers/*"
generateReleaseNotes: true
tag: testing
allowUpdates: true
prerelease: true
- name: Update website info
run: |
bash /build/update-release-info.sh