Skip to content

Suupport to only report on missing licences #44

Suupport to only report on missing licences

Suupport to only report on missing licences #44

Workflow file for this run

name: 'Deploy Main to PsGallery'
on:
push:
pull_request:
branches: dev
env:
ARTIFACT_NAME: PowerShell.Workflows.ScriptSigning
jobs:
sign_scripts:
name: Deploy to PS Gallery
runs-on: windows-2019
steps:
- name: Import code signing certificate
shell: powershell
run: |
$pfxCertFilePath = Join-Path -Path $PSScriptRoot -ChildPath "CodeSigningCertificate.pfx"
Set-Content -Value $([System.Convert]::FromBase64String($env:BASE64_PFX)) -Path $pfxCertFilePath -Encoding Byte
$codeSigningCert = Import-PfxCertificate -FilePath $pfxCertFilePath -Password $($env:PFX_PASSWORD | ConvertTo-SecureString -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\My
env:
BASE64_PFX: ${{ secrets.BASE64_PFX }}
PFX_PASSWORD: ${{ secrets.PFX_PASSWORD }}
- name: Check out repository
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }} # checkout the correct branch name
fetch-depth: 0 # fetch the whole repo history
- name: Sign PowerShell scripts
shell: powershell
run: |
# remove git dir from checked out repo
Get-ChildItem -Path "." -Filter ".git*" -Force | ForEach-Object {Remove-Item -Path $_.FullName -Recurse -Force}
$scripts = Get-ChildItem -Path ./public -Filter "*.ps1" -Recurse -ErrorAction Stop
# load cert
$codeSigningCert = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
foreach ($script in $scripts) {
try {
$scriptContent = Get-Content -Path $script.FullName
Write-Output "Signing script `"$($script.Name)`" with certificate `"$($codeSigningCert.Thumbprint)`""
# sign script
$null = Set-AuthenticodeSignature -Certificate $codeSigningCert -FilePath $script.FullName -TimestampServer "http://timestamp.comodoca.com/rfc3161"
}
catch {
Write-Error $_
}
}
- name: Build Module
shell: powershell
run: ./build_scripts/build.ps1
- name: Test Module
shell: powershell
run: Test-ModuleManifest -Path ".\UcmPSTools.psd1"
- name: Publish Dev Module
if: ${{ github.ref == 'refs/heads/dev' }}
shell: powershell
env:
PSGALLERYAPIKEY: ${{ secrets.PSGALLERYAPIKEY }}
run: |
#Set PreRelease Flag
$PSDContent = Get-Content -Path ./UcmPSTools.psd1 -Raw
$PSDContent = $PSDContent -replace "<PreReleaseToken>", "alpha"
$PSDContent | Set-Content -Path ./UcmPSTools.psd1
Publish-Module -NuGetApiKey $env:PSGALLERYAPIKEY -path ./
- name: Publish RC Module
if: ${{ github.ref == 'refs/heads/rc' }}
shell: powershell
env:
PSGALLERYAPIKEY: ${{ secrets.PSGALLERYAPIKEY }}
run: |
#Set PreRelease Flag
$PSDContent = Get-Content -Path ./UcmPSTools.psd1 -Raw
$PSDContent = $PSDContent -replace "<PreReleaseToken>", "ReleaseCandidate"
$PSDContent | Set-Content -Path ./UcmPSTools.psd1
Publish-Module -NuGetApiKey $env:PSGALLERYAPIKEY -path ./
- name: Publish Public Module
if: ${{ github.ref == 'refs/heads/main' }}
shell: powershell
env:
PSGALLERYAPIKEY: ${{ secrets.PSGALLERYAPIKEY }}
run: |
#remove pre-release flags from PSD1
$PSDContent = Get-Content -Path ./UcmPSTools.psd1 -Raw
$PSDContent = $PSDContent -replace "Prerelease = '<PreReleaseToken>'", ""
$PSDContent | Set-Content -Path ./UcmPSTools.psd1
Publish-Module -NuGetApiKey $env:PSGALLERYAPIKEY -path ./