forked from rehlds/ReAPI
-
Notifications
You must be signed in to change notification settings - Fork 0
318 lines (273 loc) · 11.1 KB
/
Copy pathbuild.yml
File metadata and controls
318 lines (273 loc) · 11.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
name: C/C++ CI
on:
push:
branches: [master]
paths-ignore:
- '**.md'
- '.github/**'
pull_request:
types: [opened, reopened, synchronize]
release:
types: [published]
workflow_dispatch:
jobs:
windows:
name: 'Windows'
runs-on: windows-2025
env:
solution: 'msvc/reapi.sln'
buildPlatform: 'Win32'
buildRelease: 'Release'
steps:
- name: Configure
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Setup MSBuild
uses: microsoft/setup-msbuild@v2
# TODO: add support of 141_xp toolchain at VS2022+
# - name: Install v140, v141 and v142 toolsets
# shell: cmd
# run: |
# "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" modify ^
# --installPath "C:\Program Files\Microsoft Visual Studio\2022\Enterprise" ^
# --add Microsoft.VisualStudio.Component.WindowsXP ^
# --add Microsoft.VisualStudio.Component.VC.v140 ^
# --add Microsoft.VisualStudio.Component.VC.v140.x86.x64 ^
# --add Microsoft.VisualStudio.Component.VC.v140.xp ^
# --add Microsoft.VisualStudio.Component.VC.140.CRT ^
# --add Microsoft.VisualStudio.Component.VC.v141 ^
# --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 ^
# --add Microsoft.VisualStudio.Component.VC.v141.xp ^
# --add Microsoft.VisualStudio.Component.VC.v142 ^
# --add Microsoft.VisualStudio.Component.VC.v142.x86.x64 ^
# --quiet --norestart
- name: Select PlatformToolset
id: select_toolset
shell: pwsh
run: |
$vswhere = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe"
$vs2019 = & $vswhere -products * -version "[16.0,17.0)" -property installationPath -latest
$vs2022 = & $vswhere -products * -version "[17.0,)" -property installationPath -latest
if ($vs2019) {
"toolset=v140_xp" >> $env:GITHUB_OUTPUT
Write-Host "Selected v140_xp toolset"
} elseif ($vs2022) {
"toolset=v143" >> $env:GITHUB_OUTPUT
Write-Host "Selected v143 toolset"
} else {
Write-Error "No suitable Visual Studio installation found"
exit 1
}
- name: Build
run: |
$toolset = '${{ steps.select_toolset.outputs.toolset }}'
msbuild ${{ env.solution }} -p:Configuration="${{ env.buildRelease }}" /t:Clean,Build /p:Platform=${{ env.buildPlatform }} /p:PlatformToolset=$toolset /p:XPDeprecationWarning=false
- name: Get rcedit from chocolatey
shell: pwsh
run: |
choco install rcedit -y
- name: Move files
run: |
mkdir publish\debug
mkdir publish\addons\amxmodx\modules
move msvc\${{ env.buildRelease }}\reapi_amxx.dll publish\addons\amxmodx\modules\reapi_amxx.dll
move msvc\${{ env.buildRelease }}\reapi_amxx.pdb publish\debug\reapi_amxx.pdb
- name: Get app version
id: get_version
shell: pwsh
run: |
$versionFile = "reapi/version/appversion.h"
if (-not (Test-Path $versionFile)) {
Write-Error "Version file not found: $versionFile"
exit 1
}
$content = Get-Content $versionFile
foreach ($line in $content) {
if ($line -match '^\s*#define\s+APP_VERSION\s+"([^"]+)"') {
$version = $matches[1]
"version=$version" >> $env:GITHUB_OUTPUT
Write-Host "Found version: $version"
exit 0
}
}
Write-Error "APP_VERSION not found in file"
exit 1
- name: Show version
run: echo "Version is ${{ steps.get_version.outputs.version }}"
- name: Edit resources at windows binaries
run: |
rcedit ${{ github.workspace }}\publish\addons\amxmodx\modules\reapi_amxx.dll --set-version-string CompanyName "ReHLDS Dev Team" --set-version-string LegalCopyright "Copyright 2025 ReHLDS DevTeam" --set-icon reapi/msvc/icon.ico
shell: "pwsh"
- name: Import PFX and sign
if: github.event_name != 'pull_request'
env:
KEY_PFX_PASS: ${{ secrets.KEY_PFX_PASS }}
# https://github.com/actions/runner-images/blob/main/images/windows/Windows2025-Readme.md
run: |
$pfxBase64 = "${{ secrets.KEY_PFX_B64 }}"
[IO.File]::WriteAllBytes("${{ github.workspace }}\signing-cert.pfx", [Convert]::FromBase64String($pfxBase64))
certutil -f -p "${{ secrets.KEY_PFX_PASS }}" -importPFX "${{ github.workspace }}\signing-cert.pfx"
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReAPI - AMX Mod X module, using API regamedll & rehlds" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha256 /fd sha256 /v ${{ github.workspace }}\publish\addons\amxmodx\modules\reapi_amxx.dll
Remove-Item -Recurse -Force "${{ github.workspace }}\signing-cert.pfx"
shell: "pwsh"
- name: Deploy artifacts
uses: actions/upload-artifact@v4
with:
name: win32
path: publish/*
linux:
name: 'Linux'
runs-on: ubuntu-24.04
container: debian:11-slim
outputs:
app-version: ${{ steps.app-version.outputs.version }}
steps:
- name: Check dependencies
run: |
dpkg --add-architecture i386
apt-get update
apt-get install -y \
gcc-multilib g++-multilib \
build-essential \
libc6-dev libc6-dev-i386 \
git cmake rsync \
g++ gcc
- name: Configure
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: GPG Import
run: |
echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}"
echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}"
# Import the public key
gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}"
if [[ $? -ne 0 ]]; then
echo "Error: Failed to import the public key"
exit 1
fi
# Import the private key
gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}"
if [[ $? -ne 0 ]]; then
echo "Error: Failed to import the private key"
exit 2
fi
# Extract the fingerprint of the imported public key
GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
# Check if the fingerprint was extracted
if [[ -z "$GPG_LINUX_FINGERPRINT" ]]; then
echo "Error: Failed to extract the fingerprint of the key"
exit 3
fi
# Set the trust level for the key
echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
if [ $? -ne 0 ]; then
echo "Error: Failed to set trust for the key $GPG_LINUX_FINGERPRINT"
exit 4
fi
echo "Key $GPG_LINUX_FINGERPRINT successfully imported and trusted"
gpg --list-keys
#export for global use
echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV
shell: bash
if: github.event_name != 'pull_request'
- name: Build
run: |
rm -rf build && CC=gcc CXX=g++ cmake -B build && cmake --build build -j8
- name: Reading appversion.h
id: app-version
run: |
if [ -e "reapi/version/appversion.h" ]; then
APP_VERSION=$(cat "reapi/version/appversion.h" | grep -wi '#define APP_VERSION_STRD' | sed -e 's/#define APP_VERSION_STRD[ \t\r\n\v\f]\+\(.*\)/\1/i' -e 's/\r//g')
if [ $? -ne 0 ]; then
APP_VERSION=""
else
# Remove quotes
APP_VERSION=$(echo $APP_VERSION | xargs)
echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_ENV
fi
fi
echo "version=${APP_VERSION}" >> "$GITHUB_OUTPUT"
shell: bash
- name: Prepare AMXX
run: |
mkdir -p publish/addons/amxmodx/modules
rsync -a reapi/extra/amxmodx/ publish/addons/amxmodx/
rsync -a reapi/version/reapi_version.inc publish/addons/amxmodx/scripting/include/
- name: Move files
run: |
mv build/reapi/reapi_amxx_i386.so publish/addons/amxmodx/modules/reapi_amxx_i386.so
- name: Run GLIBC/ABI version compat test
run: |
binaries=(
"publish/addons/amxmodx/modules/reapi_amxx_i386.so"
)
bash ./reapi/version/glibc_test.sh ${binaries[@]}
if [[ $? -ne 0 ]]; then
exit 1 # Assertion failed
fi
shell: bash
- name: Deploy artifacts
uses: actions/upload-artifact@v4
id: upload-job
with:
name: linux32
path: publish/*
publish:
name: 'Publish'
runs-on: ubuntu-latest
needs: [windows, linux]
steps:
- name: Deploying linux artifacts
uses: actions/download-artifact@v4
with:
name: linux32
- name: Deploying windows artifacts
uses: actions/download-artifact@v4
with:
name: win32
- name: Packaging binaries
id: packaging-job
if: |
github.event_name == 'release' &&
github.event.action == 'published' &&
startsWith(github.ref, 'refs/tags/')
run: |
# new runner, niw signs
echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}"
echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}"
gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}"
gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}"
GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV
sign_file() {
local file=$1
gpg --batch --yes --detach-sign --armor -u "$GPG_LINUX_FINGERPRINT" "$file"
if [ $? -ne 0 ]; then
echo "Error: Failed to sign $file"
exit 2
fi
echo "$file signed successfully."
}
# Pack and sign final archive
7z a -tzip reapi-bin-${{ needs.linux.outputs.app-version }}.zip addons/
sign_file "reapi-bin-${{ needs.linux.outputs.app-version }}.zip"
- name: Publish artifacts
uses: softprops/action-gh-release@v2
id: publish-job
if: |
startsWith(github.ref, 'refs/tags/') &&
steps.packaging-job.outcome == 'success'
with:
files: |
*.zip
*.7z
*.asc
env:
GITHUB_TOKEN: ${{ secrets.API_TOKEN }}