
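# Manually triggered workflow: builds the signed drivers and guest agent via
# reusable workflows, packages them into the installer on a Windows runner,
# then attests the uploaded installer artifact by its digest.
#
# NOTE(review): third-party actions below are referenced by mutable tags
# (v4, v2). Pinning each to a full commit SHA would fix exactly what code runs
# in the job that receives the signing certificate.
name: build-installer

on:
  workflow_dispatch:

jobs:
  build-drivers:
    uses: ./.github/workflows/build-drivers.yml
    permissions:
      id-token: write
      contents: read
      attestations: write
    # NOTE(review): `inherit` hands every secret available to this workflow to
    # the called workflow. If build-drivers.yml declares the secrets it needs,
    # pass only those by name.
    secrets: inherit

  build-guestagent:
    uses: ./.github/workflows/build-guestagent.yml
    permissions:
      id-token: write
      contents: read
      attestations: write
    # NOTE(review): same as build-drivers; prefer an explicit secret list.
    secrets: inherit

  build-installer:
    needs:
      - build-drivers
      - build-guestagent
    runs-on: windows-latest
    # Explicit least-privilege token, consistent with the other jobs in this
    # file. contents: read covers the checkout; packages: read is for the NuGet
    # restore that authenticates with GITHUB_TOKEN (presumably a GitHub
    # Packages feed; confirm). Widen only if a step is shown to need more.
    permissions:
      contents: read
      packages: read
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      # Signed outputs of the two upstream jobs, placed where the installer
      # build expects them.
      - name: Download drivers
        uses: actions/download-artifact@v4
        with:
          name: drivers-signed
          path: installer/output/

      - name: Download guest agent
        uses: actions/download-artifact@v4
        with:
          name: guestagent-signed
          path: xen-guest-agent/target/release/

      - name: Add MSBuild
        uses: microsoft/setup-msbuild@v2

      # Generates .\branding.ps1 from repository variables; each package
      # version gets the run number appended as its last component.
      - name: Configure branding
        run: .\scripts\branding-ci.ps1 -AddSigner -OutFile .\branding.ps1
        env:
          VENDOR_NAME: ${{ vars.VENDOR_NAME }}
          PRODUCT_NAME: ${{ vars.PRODUCT_NAME }}
          VENDOR_PREFIX: ${{ vars.VENDOR_PREFIX }}
          COPYRIGHT: ${{ vars.COPYRIGHT }}
          PackageVersions_Product: ${{ vars.PackageVersions_Product }}.${{ github.run_number }}
          PackageVersions_xenbus: ${{ vars.PackageVersions_xenbus }}.${{ github.run_number }}
          PackageVersions_xencons: ${{ vars.PackageVersions_xencons }}.${{ github.run_number }}
          PackageVersions_xenhid: ${{ vars.PackageVersions_xenhid }}.${{ github.run_number }}
          PackageVersions_xeniface: ${{ vars.PackageVersions_xeniface }}.${{ github.run_number }}
          PackageVersions_xennet: ${{ vars.PackageVersions_xennet }}.${{ github.run_number }}
          PackageVersions_xenvbd: ${{ vars.PackageVersions_xenvbd }}.${{ github.run_number }}
          PackageVersions_xenvif: ${{ vars.PackageVersions_xenvif }}.${{ github.run_number }}
          PackageVersions_xenvkbd: ${{ vars.PackageVersions_xenvkbd }}.${{ github.run_number }}
          PackageVersions_XenClean: ${{ vars.PackageVersions_XenClean }}.${{ github.run_number }}
          PackageVersions_XenBootFix: ${{ vars.PackageVersions_XenBootFix }}.${{ github.run_number }}
          PackageVersions_XenGuestAgent: ${{ vars.PackageVersions_XenGuestAgent }}.${{ github.run_number }}
          MSI_UPGRADE_CODE_X86: ${{ vars.MSI_UPGRADE_CODE_X86 }}
          MSI_UPGRADE_CODE_X64: ${{ vars.MSI_UPGRADE_CODE_X64 }}
          # Signer cert must be injected here since unlike the drivers/guestagent,
          # we can't externally sign the installer package
          SIGNER_PFX_BASE64: ${{ secrets.SIGNER_PFX_BASE64 }}

      - name: Build installer
        id: build
        # this workflow is always testsigned, so -ExportCertificate is appropriate
        run: .\build-installer.ps1 -Configuration Release -Platform x64 -ExportSymbols -ExportExtras -ExportCertificate
        env:
          # The username doesn't matter, just insert a random user here
          NuGetPackageSourceCredentials_xcpng: Username=xcp-ng;Password=${{ secrets.GITHUB_TOKEN }}

      # Runs even when the build fails so the signing certificate does not stay
      # in the runner's CurrentUser\My store.
      # NOTE(review): this clears the certificate store only. Confirm that
      # neither branding-ci.ps1 nor build-installer.ps1 leaves the decoded PFX
      # on disk under output/, since that whole directory is uploaded next.
      - name: Clean up certificates
        if: always()
        run: Remove-Item Cert:\CurrentUser\My\* -ErrorAction SilentlyContinue

      - name: Upload installer
        id: upload
        uses: actions/upload-artifact@v4
        with:
          path: output/
          name: installer

      - name: Upload XenClean
        uses: actions/upload-artifact@v4
        with:
          path: output/${{ steps.build.outputs.ReleaseTag }}/package/XenClean/
          name: XenClean
    # The attestation subject is the uploaded `installer` artifact, identified
    # by the digest reported by the upload step.
    outputs:
      subject-name: installer
      subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }}

  attest-installer:
    needs:
      - build-installer
    uses: ./.github/workflows/attest.yml
    permissions:
      id-token: write
      contents: read
      attestations: write
    with:
      subject-name: ${{ needs.build-installer.outputs.subject-name }}
      subject-digest: ${{ needs.build-installer.outputs.subject-digest }}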