a #24
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| permissions: | |
| contents: write | |
| jobs: | |
| release: | |
| runs-on: windows-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.x" | |
| cache: "pip" | |
| - name: Install dependencies | |
| run: pip install -r requirements.txt | |
| - name: Run tests | |
| run: | | |
| # Run your test suite here | |
| # For example: python -m unittest discover tests/ | |
| - name: Download PyInstaller source | |
| run: | | |
| git clone --depth 1 https://github.com/pyinstaller/pyinstaller.git | |
| cd pyinstaller | |
| git submodule update --init --recursive | |
| - name: Build PyInstaller bootloader | |
| run: | | |
| cd pyinstaller/bootloader | |
| python ./waf --gcc all | |
| cd ../.. | |
| - name: Install rebuilt PyInstaller | |
| run: | | |
| cd pyinstaller | |
| pip install . | |
| cd .. | |
| - name: Build Windows executable | |
| run: | | |
| pyinstaller --onefile --name=robco-terminal --add-data "src/assets;assets" --add-data "src/handlers/ai_personalities;handlers/ai_personalities" --add-data "src/narrative/yaml;narrative/yaml" src/app/main.py | |
| - name: Install Windows SDK | |
| uses: microsoft/[email protected] | |
| - name: Sign executable | |
| env: | |
| CERTIFICATE_BASE64: ${{ secrets.CERTIFICATE_BASE64 }} | |
| CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} | |
| run: | | |
| $bytes = [Convert]::FromBase64String($env:CERTIFICATE_BASE64) | |
| [IO.File]::WriteAllBytes("certificate.pfx", $bytes) | |
| & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64\signtool.exe' sign /f certificate.pfx /p $env:CERTIFICATE_PASSWORD /fd SHA256 /tr http://timestamp.digicert.com /td SHA256 ./dist/robco-terminal.exe | |
| - name: Verify SHA256 Checksum | |
| id: compute_checksum | |
| run: | | |
| $sha256 = Get-FileHash -Path ./dist/robco-terminal.exe -Algorithm SHA256 | |
| echo "sha256=$($sha256.Hash)" >> $env:GITHUB_OUTPUT | |
| - name: Create Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref_name }} | |
| release_name: Release ${{ github.ref_name }} | |
| draft: false | |
| prerelease: false | |
| body: | | |
| ## Release Notes | |
| - **Build**: Packaged with PyInstaller. | |
| - **Signing**: Signed using a self-signed certificate. Expect warnings, but you can still run it. | |
| - **Verification**: Check the SHA256 hash below to verify integrity. | |
| **SHA256 Checksum**: `${{ steps.compute_checksum.outputs.sha256 }}` | |
| - name: VirusTotal Scan | |
| uses: crazy-max/ghaction-virustotal@v4 | |
| with: | |
| update_release_body: true | |
| vt_api_key: ${{ secrets.VT_API_KEY }} | |
| files: | | |
| ./dist/robco-terminal.exe | |
| - name: Upload Release Asset | |
| id: upload-release-asset | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: ./dist/robco-terminal.exe | |
| asset_name: robco-terminal.exe | |
| asset_content_type: application/exe |