ci: vendor signtool.exe and add automated release scripts

.github/workflows/build.yml

@@ -2,18 +2,13 @@ name: build
 on:
   push:
     branches:
-      - "*"
-    tags:
-      - "*"
+      - "**"
   pull_request:
 jobs:
-  # ISO
   extract:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
 
       - name: Set up Docker Buildx
         id: buildx
@@ -22,23 +17,25 @@ jobs:
       - name: Build
         run: make build
 
-      - name: Install git-chglog
-        run: |
-          brew tap git-chglog/git-chglog
-          brew install git-chglog
-
-      - name: Generate Changelog
-        run: |
-          make changelog
-          cat docs/changelog.md
-
       - name: Upload ISO
         uses: actions/upload-artifact@v2
         with:
           name: virtio-win.iso
           path: docker/build/virtio-win.iso
           retention-days: 7
 
+      - name: Upload VERSION.txt
+        uses: actions/upload-artifact@v2
+        with:
+          name: VERSION.txt
+          path: docker/build/VERSION.txt
+          retention-days: 7
+
+      - name: Files
+        run: |
+          ls -alh docker/build/
+          cat docker/build/VERSION.txt
+
   verify:
     runs-on: windows-latest
     defaults:
@@ -47,6 +44,8 @@ jobs:
     needs:
       - extract
     steps:
+      - uses: actions/checkout@v2
+
       - name: Download ISO
         uses: actions/download-artifact@v2
         with:
@@ -55,15 +54,59 @@ jobs:
       - name: Mount ISO
         run: |
           Write-Host "Mounting ISO Image"
-          Mount-DiskImage -StorageType ISO -ImagePath virtio-win.iso
-          Get-DiskImage virtio-win.iso | Get-Volume
-
-      - name: Verify Ballon Driver
-        run:
-          Signtool verify /pa /v /c D:\Balloon\w10\amd64\balloon.cat D:\Balloon\w10\amd64\balloon.sys
-        continue-on-error: true
-
-      - name: Verify VIOSCSI Driver
-        run:
-          Signtool verify /pa /v /c D:\vioscsi\w10\amd64\vioscsi.cat D:\Balloon\w10\amd64\vioscsi.sys
-        continue-on-error: true
+
+          Mount-DiskImage -StorageType ISO -ImagePath ${env:GITHUB_WORKSPACE}\virtio-win.iso
+          Get-DiskImage ${env:GITHUB_WORKSPACE}\virtio-win.iso | Get-Volume
+
+      - name: Get Mountpoint
+        run: |
+          Write-Host "Export Drive Letter"
+          $IsoMountDriveLetter = (Get-DiskImage ${env:GITHUB_WORKSPACE}\virtio-win.iso | Get-Volume).DriveLetter
+          echo "ISO_MOUNTPOINT=$IsoMountDriveLetter" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
+
+      - name: Verify ballon driver
+        run: tools\signtool.exe verify /pa /v /c ${env:ISO_MOUNTPOINT}:\Balloon\w10\amd64\balloon.cat ${env:ISO_MOUNTPOINT}:\Balloon\w10\amd64\balloon.sys
+
+      - name: Verify vioscsi driver
+        run: tools\signtool.exe verify /pa /v /c ${env:ISO_MOUNTPOINT}:\vioscsi\w10\amd64\vioscsi.cat ${env:ISO_MOUNTPOINT}:\vioscsi\w10\amd64\vioscsi.sys
+
+  # Release if current latest tag differes from downloaded one
+  # Do only if on master branch
+  release:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/master'
+    permissions:
+      contents: write
+    needs:
+      - extract
+      - verify
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Download ISO
+        uses: actions/download-artifact@v2
+        with:
+          path: docker/build/
+          name: virtio-win.iso
+
+      - name: Download VERSION.txt
+        uses: actions/download-artifact@v2
+        with:
+          path: docker/build/
+          name: VERSION.txt
+
+      - name: Install git-chglog
+        run: |
+          brew tap git-chglog/git-chglog
+          brew install git-chglog
+
+      - name: Release if necessary
+        run: |
+          ls -alh docker/build
+          ls -alh docker/build/VERSION.txt
+          ls -alh docker/build/virtio-win.iso
+          ./tools/release.sh
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -98,11 +98,11 @@ release-notes.md
 *.deb
 *.rpm
 *.apk
-*.iso
 
 ### Project Specific ###
 downloads/
 config/
 build/
 dist/
 docs/changelog.md
+*.iso

Makefile

@@ -1,5 +1,4 @@
 SHELL := /bin/bash
-DOCKER_BUILDKIT  := 1
 export REPO_ROOT := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
 
 # GitHub
@@ -16,19 +15,14 @@ PROJECT_LICENSE  := GPLv3
 # Include makefiles
 include $(REPO_ROOT)/makefiles/help.mk
 
-# Enforce BUILDKIT
-ifneq ($(DOCKER_BUILDKIT),1)
-$(error ✖ DOCKER_BUILDKIT!=1. Docker Buildkit cannot be disabled on this repo!)
-endif
-
 .PHONY: shellcheck
 shellcheck: ## Runs shellcheck
 	@bash $(REPO_ROOT)/scripts/shellcheck.sh $(shell find $(REPO_ROOT)/root/etc/ -type f -executable)
 
 .PHONY: build
 build: clean ## Build ISO
 	@mkdir -p $(REPO_ROOT)/docker/build
-	docker build  \
+	DOCKER_BUILDKIT=1 docker build  \
 		--tag ghcr.io/tprasadtp/virtio-whql \
 		--output type=local,dest=$(REPO_ROOT)/docker/build \
 		--file $(REPO_ROOT)/docker/Dockerfile \

README.md

@@ -2,16 +2,15 @@
 
 # VirtIO WHQL Drivers
 
-- `virtio` drivers for Windows.
-- These are signed by Microsoft and are sourced from CentOS stream repository (Might switch to Rocky 8 in the future)
-- Kept updated by repology+renovatebot+GitHub Actions
-
-<!-- CI Badges -->
-
 [![build](https://github.com/tprasadtp/virtio-whql/actions/workflows/build.yml/badge.svg)](https://github.com/tprasadtp/virtio-whql/actions/workflows/build.yml)
-[![release](https://github.com/tprasadtp/virtio-whql/actions/workflows/release.yml/badge.svg)](https://github.com/tprasadtp/virtio-whql/actions/workflows/release.yml)
 [![releases](https://img.shields.io/github/v/tag/tprasadtp/virtio-whql?label=version&sort=semver&logo=semver&color=7f50a6&labelColor=3a3a3a)](https://github.com/tprasadtp/virtio-whql/releases/latest)
-[![license](https://img.shields.io/github/license/tprasadtp/virtio-whql?logo=github&labelColor=3A3A3A)](https://github.com/tprasadtp/virtio-whql/blob/master/LICENSE)
 ![analytics](https://ga-beacon.prasadt.com/UA-101760811-3/github/virtio-whql)
 
+
+- `virtio` drivers for Windows.
+- These are signed by Microsoft and are sourced from CentOS stream repository
+- Kept updated by `repology+renovatebot+GitHub-Actions`
+
+<!-- CI Badges -->
+
 [releases]: https://github.com/tprasadtp/virtio-whql/releases/latest

docker/Dockerfile

@@ -15,8 +15,9 @@ RUN --mount=type=cache,target=/download/cache \
     virtio-win-"${VIRTIO_WIN_VERSION}" \
     && cd /download/extract \
     && rpm2cpio "/download/cache/virtio-win-${VIRTIO_WIN_VERSION}.noarch.rpm" | cpio -idmv \
+    && echo "$VIRTIO_WIN_VERSION" > /build/VERSION.txt \
     && cp /download/extract/usr/share/virtio-win/virtio-win.iso /build/virtio-win.iso
 
 # Copy from build/extract statge
 FROM scratch AS export-stage
-COPY --from=virtio-base-image /build/virtio-win.iso /
+COPY --from=virtio-base-image /build/ /

makefiles/help.mk

@@ -114,13 +114,14 @@ endif
 
 
 # Validate Auto Populated variables are not empty
+# GIT_BRANCH is an exception as on CI systems it can be empty
+# Due to shalow cloning and detached head
 # -------------------------------------
 $(call check_defined, \
 	BUILD_NUMBER \
 	BUILD_SYSTEM \
 	BUILD_HOST \
 	GIT_COMMIT \
-	GIT_BRANCH \
 	GIT_COMMIT_SHORT \
 	GIT_COMMIT_TIMESTAMP, \
 	Auto-populated Variable)

tools/release.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+set -euo pipefail
+
+if [[ ! -e docker/build/VERSION.txt ]]; then
+    echo "Error! VERSION.txt not found!"
+    exit 1
+fi
+
+CURRENT_VERSION=$(cat docker/build/VERSION.txt | tr -dc '[:print:]')
+
+if [[ -z $CURRENT_VERSION ]]; then
+    echo "Error! Current VERSION.txt file is empty!"
+    exit 1
+fi
+
+LATEST_RELEASE="$(gh api repos/:owner/:repo/releases/latest --jq '.tag_name')"
+
+if [[ -z $LATEST_RELEASE ]]; then
+    echo "Error! Failed to get current latest tag!"
+    exit 1
+fi
+
+if [[ $CURRENT_VERSION == "$LATEST_RELEASE" ]]; then
+    echo "All Good! Latest reease is same as extracted!"
+else
+    echo "Current Version: $CURRENT_VERSION"
+    echo "Latest Release: $LATEST_RELEASE"
+
+    echo "Create: Tag"
+    git tag "$CURRENT_VERSION"
+
+    echo "Create: Changelog"
+    make changelog
+
+    echo "Create: GH-Release"
+    gh release create \
+        --notes-file docs/changelog.md \
+        --title "$CURRENT_VERSION" \
+        "$CURRENT_VERSION" \
+        docker/build/virtio-win.iso
+fi