Skip to content

Commit a905739

Browse files
jakub-kockajakub-kocka
committed
ci: Change of not signing the Installer after build
1 parent 437b2c7 commit a905739

File tree

4 files changed

+82
-8
lines changed

4 files changed

+82
-8
lines changed

.github/workflows/build-installer.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ jobs:
4444
build-installer-offline:
4545
name: Build Offline Installer
4646
if: inputs.installer_type == 'offline'
47-
uses: espressif/idf-installer/.github/workflows/build-offline-installer.yml@main
47+
uses: espressif/idf-installer/.github/workflows/build-offline-installer.yml@change/not_signing_releases
4848
with:
4949
esp_idf_version: ${{ inputs.esp_idf_version }}
5050
secrets: inherit

.github/workflows/build-offline-installer.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ jobs:
4444
CERTIFICATE: ${{ secrets.CERTIFICATE }}
4545
CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
4646
shell: pwsh
47-
run: .\Build-Installer.ps1 -InstallerType offline -OfflineBranch v${{ env.IDF_BRANCH }}
47+
run: .\Build-Installer.ps1 -InstallerType offline -SignInstaller $false -OfflineBranch v${{ env.IDF_BRANCH }}
4848

4949
- name: Create Release
5050
id: create_release
@@ -54,12 +54,12 @@ jobs:
5454
with:
5555
tag_name: ${{ env.VERSION }}
5656
release_name: Release ${{ env.VERSION }}
57-
draft: false
58-
prerelease: false
57+
draft: true
58+
prerelease: true
5959

6060
- name: Get installer size and store it to file
6161
run: |
62-
echo $(Get-ItemProperty -Path .\build\esp-idf-tools-setup-offline-signed.exe | Select-Object -ExpandProperty Length) > variables.txt
62+
echo $(Get-ItemProperty -Path .\build\esp-idf-tools-setup-offline-unsigned.exe | Select-Object -ExpandProperty Length) > variables.txt
6363
echo "Instaler size from variable is $(Get-Content variables.txt)"
6464
- name: Upload artifacts of installer size
6565
uses: actions/upload-artifact@v4
@@ -74,7 +74,7 @@ jobs:
7474
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
7575
with:
7676
upload_url: ${{ steps.create_release.outputs.upload_url }}
77-
asset_path: ./build/esp-idf-tools-setup-offline-signed.exe
77+
asset_path: ./build/esp-idf-tools-setup-offline-unsigned.exe
7878
asset_name: esp-idf-tools-setup-${{ env.VERSION }}.exe
7979
asset_content_type: application/octet-stream
8080

@@ -85,4 +85,4 @@ jobs:
8585
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
8686
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
8787
shell: pwsh
88-
run: aws s3 cp --acl=public-read --no-progress ./build/esp-idf-tools-setup-offline-signed.exe s3://${{ secrets.DL_BUCKET }}/dl/idf-installer/esp-idf-tools-setup-${{ env.VERSION }}.exe
88+
run: aws s3 cp --acl=public-read --no-progress ./build/esp-idf-tools-setup-offline-unsigned.exe s3://${{ secrets.DL_BUCKET }}/dl/idf-installer/esp-idf-tools-setup-${{ env.VERSION }}.exe

.github/workflows/re-upload_release_to_dl_esp.yml

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
name: re-upload_release_to_dl_esp
2+
3+
on:
4+
workflow_dispatch:
5+
inputs:
6+
release_tag:
7+
type: string
8+
description: 'Release Tag'
9+
required: true
10+
pull_request:
11+
types: [opened, synchronize, reopened]
12+
13+
jobs:
14+
re-upload:
15+
runs-on: ubuntu-latest
16+
# Run on manual trigger or PR events
17+
if: github.event_name == 'workflow_dispatch' || github.event_name == 'pull_request'
18+
steps:
19+
- name: Checkout repository
20+
uses: actions/checkout@v4
21+
22+
- name: Parse release tag from input or use default
23+
id: get-tag
24+
run: |
25+
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
26+
TAG="${{ github.event.inputs.release_tag }}"
27+
else
28+
# For PR triggers, use this tag
29+
TAG="offline-5.4.3"
30+
echo "PR trigger detected, using default tag: $TAG"
31+
fi
32+
echo "release_tag=$TAG" >> $GITHUB_OUTPUT
33+
echo "Using release tag: $TAG"
34+
35+
- name: Download Release Asset
36+
id: download-asset
37+
env:
38+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
39+
RELEASE_NAME: ${{ steps.get-tag.outputs.release_tag }}
40+
run: |
41+
# Get the release by name/tag
42+
echo "Fetching release: $RELEASE_NAME"
43+
gh release download "$RELEASE_NAME" \
44+
--pattern "esp-idf-tools-setup-*.exe" \
45+
--dir ./build/ \
46+
--repo ${{ github.repository }}
47+
48+
# Find the downloaded file and set as output
49+
ASSET_FILE=$(find ./build/ -name "esp-idf-tools-setup-*.exe" -type f | head -n1)
50+
echo "Downloaded asset: $ASSET_FILE"
51+
echo "asset_path=$ASSET_FILE" >> $GITHUB_OUTPUT
52+
53+
# Extract version from filename for later use
54+
FILENAME=$(basename "$ASSET_FILE")
55+
VERSION=$(echo "$FILENAME" | sed -n 's/esp-idf-tools-setup-\(.*\)\.exe/\1/p')
56+
echo "version=$VERSION" >> $GITHUB_OUTPUT
57+
echo "Extracted version: $VERSION"
58+
59+
- name: Upload Release Asset To dl.espressif.com
60+
id: upload-release-asset-espressif
61+
env:
62+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
63+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
64+
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
65+
run: |
66+
ASSET_PATH="${{ steps.download-asset.outputs.asset_path }}"
67+
VERSION="${{ steps.download-asset.outputs.version }}"
68+
69+
echo "Uploading $ASSET_PATH to S3..."
70+
aws s3 cp --acl=public-read --no-progress "$ASSET_PATH" \
71+
s3://${{ secrets.DL_BUCKET }}/dl/idf-installer/esp-idf-tools-setup-$VERSION.exe
72+
73+
echo "Upload completed successfully!"

Build-Installer.ps1

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -635,7 +635,8 @@ if (0 -eq $LASTEXITCODE) {
635635
}
636636

637637
if ($true -eq $SignInstaller) {
638-
SignInstaller
638+
# SignInstaller
639+
"Leaving installer unsigned."
639640
} else {
640641
"Signing installer disabled by command line option. Leaving installer unsigned."
641642
}

0 commit comments

Comments
 (0)