Patch Installer #272
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Patch Installer | |
| # Builds the FieldWorks Patch Installer on the specified `base_release` | |
| # If `make_release` is true, uploads installers to https://flex-updates.s3.amazonaws.com/?prefix=jobs/FieldWorks-Win-all-Release-Patch. | |
| # Saves the build log as an artifact of the workflow run. | |
| # Note: FW_BUILD_NUMBER is higher than GITHUB_RUN_NUMBER because it needs to be higher than the build number on artifacts from our previous system. | |
| # Note: FW_BUILD_NUMBER must be higher for patches than their base so that the patch is considered an upgrade. | |
| on: | |
| push: | |
| branches: ["main"] | |
| schedule: | |
| # Runs every Monday at 03:30 UTC (which is 8:30pm MST/PDT Sunday evening) | |
| - cron: "30 3 * * 1" | |
| workflow_dispatch: | |
| inputs: | |
| fw_ref: | |
| description: "Commit-ish (branch, tag, SHA) to checkout for the main repository" | |
| required: false | |
| default: "" | |
| helps_ref: | |
| description: "Commit-ish for helps repository" | |
| required: false | |
| default: "develop" | |
| localizations_ref: | |
| description: "Commit-ish for localization repository" | |
| required: false | |
| default: "develop" | |
| lcm_ref: | |
| description: "Commit-ish for liblcm repository" | |
| required: false | |
| default: "master" | |
| # default should be changed to the most recent base release for the release cycle. | |
| # After 9.3 is stable, base_release can be computed from base_build_number, but they need to be independent for bootstrapping patches | |
| # on Jenkins-built bases. | |
| base_release: | |
| description: "The github release for the base build artifacts (separate only for bootstrapping; should be removed after 9.3 is the stable)" | |
| default: "build-1379" # When updating this, update base_build_number and their fallbacks below, too. | |
| base_build_number: | |
| description: "The base build number" | |
| required: false | |
| default: '1379' | |
| make_release: | |
| description: "Should the release be pushed to s3 - use false for test builds" | |
| required: false | |
| default: "true" | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| debug_build_and_test: | |
| permissions: | |
| contents: read | |
| env: | |
| CROWDIN_API_KEY: ${{ secrets.FLEX_CROWDIN_API }} | |
| LcmRootDir: ${{ github.workspace }}/Localizations/LCM | |
| FILESTOSIGNLATER: ./signExternally | |
| GH_TOKEN: ${{ github.token }} | |
| BASE_BUILD_NUMBER: ${{ inputs.base_build_number || '1379' }} | |
| name: Build Debug and run Tests | |
| runs-on: windows-latest | |
| steps: | |
| - name: Compute build number for archival | |
| id: build_number | |
| run: | | |
| $lastJenkins = 2000 # The last patch build from jenkins, rounded to the next hundred | |
| $githubRun = $env:GITHUB_RUN_NUMBER | |
| $combined = $lastJenkins + $githubRun | |
| echo "Calculated build number: $combined" | |
| echo "FW_BUILD_NUMBER=$combined" >> $env:GITHUB_ENV | |
| echo "BuildVersionSegment=$combined" >> $env:GITHUB_ENV | |
| - name: Checkout Files | |
| uses: actions/checkout@v4 | |
| id: checkout | |
| with: | |
| ref: ${{ github.event.inputs.fw_ref || github.ref }} | |
| fetch-depth: 0 | |
| - name: Checkout Helps | |
| uses: actions/checkout@v4 | |
| id: helps-checkout | |
| with: | |
| repository: "sillsdev/FwHelps" | |
| ref: ${{ github.event.inputs.helps_ref || 'develop' }} | |
| fetch-depth: 0 | |
| path: "DistFiles/Helps" | |
| - name: Checkout Localizations | |
| uses: actions/checkout@v4 | |
| id: loc-checkout | |
| with: | |
| repository: "sillsdev/FwLocalizations" | |
| ref: ${{ github.event.inputs.localizations_ref || 'develop' }} | |
| fetch-depth: 0 | |
| path: "Localizations" | |
| - name: Checkout liblcm | |
| uses: actions/checkout@v4 | |
| id: liblcm-checkout | |
| with: | |
| repository: "sillsdev/liblcm" | |
| ref: ${{ github.event.inputs.lcm_ref || 'master' }} | |
| fetch-depth: 0 | |
| path: "Localizations/LCM" | |
| - name: Download .NET 481 targeting pack | |
| uses: suisei-cn/actions-download-file@818d6b7dc8fe73f2f924b6241f2b1134ca1377d9 # 1.6.0 | |
| id: downloadfile # Remember to give an ID if you need the output filename | |
| with: | |
| url: "https://download.microsoft.com/download/8/1/8/81877d8b-a9b2-4153-9ad2-63a6441d11dd/NDP481-DevPack-ENU.exe" | |
| target: public/ | |
| - name: Install .NET 481 targeting pack | |
| shell: cmd | |
| working-directory: public | |
| run: NDP481-DevPack-ENU.exe /q | |
| - name: Setup dotnet | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: | | |
| 3.1.x | |
| 5.0.x | |
| - name: Install Overcrowdin | |
| shell: cmd | |
| run: | | |
| dotnet tool update -g overcrowdin || dotnet tool install -g overcrowdin | |
| - name: Add NETFX tools to PATH | |
| shell: powershell | |
| run: | | |
| 'C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8.1 Tools' | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append | |
| - name: Setup MSBuild | |
| uses: microsoft/setup-msbuild@v2 | |
| - name: Import Base Build Artifacts | |
| shell: pwsh | |
| run: | | |
| $release = "${{ inputs.base_release || 'build-1379' }}" | |
| $repo = "${{ github.repository }}" | |
| Write-Host "Downloading artifacts for release $release from $repo" | |
| # Download BuildDir.zip | |
| gh release download $release --repo $repo --pattern "BuildDir.zip" --dir base-artifacts | |
| if (-not (Test-Path "base-artifacts/BuildDir.zip")) { | |
| throw "BuildDir.zip not found in release '$release'." | |
| } | |
| # Download ProcRunner.zip | |
| gh release download $release --repo $repo --pattern "ProcRunner.zip" --dir base-artifacts | |
| if (-not (Test-Path "base-artifacts/ProcRunner.zip")) { | |
| throw "ProcRunner.zip not found in release '$release'." | |
| } | |
| # Expand BuildDir.zip into BuildDir | |
| Expand-Archive -Path "base-artifacts/BuildDir.zip" -DestinationPath "BuildDir" -Force | |
| Write-Host "Expanded BuildDir.zip -> ./BuildDir" | |
| # Ensure ProcRunner target path exists | |
| $procTarget = "FLExInstaller/Shared/ProcRunner/ProcRunner/bin/Release/net48" | |
| if (-not (Test-Path $procTarget)) { | |
| New-Item -ItemType Directory -Path $procTarget -Force | Out-Null | |
| } | |
| # Expand ProcRunner.zip into the exact net48 folder | |
| Expand-Archive -Path "base-artifacts/ProcRunner.zip" -DestinationPath $procTarget -Force | |
| Write-Host "Expanded ProcRunner.zip -> $procTarget" | |
| # Write out the properties file (a first build on a system requires a prompt response otherwise) | |
| # and set an OS feature in the registry that will allow Wix v3 to use temporary files without error | |
| - name: Prepare for build | |
| shell: powershell | |
| run: | | |
| $ErrorActionPreference = 'Stop' | |
| # Define paths and the key/value to set | |
| $regPaths = @( | |
| "HKLM:\SOFTWARE\Microsoft\.NETFramework\AppContext", | |
| "HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\AppContext" | |
| ) | |
| $valueName = "Switch.System.DisableTempFileCollectionDirectoryFeature" | |
| $expectedValue = "true" | |
| foreach ($path in $regPaths) { | |
| Write-Host "Adding or updating registry value in $path..." | |
| if (-not (Test-Path $path)) { | |
| New-Item -Path $path -Force | Out-Null | |
| } | |
| New-ItemProperty -Path $path -Name $valueName -Value $expectedValue -Type String -Force | |
| } | |
| - name: Build Debug and run tests | |
| id: build_installer | |
| shell: powershell | |
| run: | | |
| $ErrorActionPreference = 'Stop' | |
| Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\.NETFramework\AppContext" | |
| # Build patch installer (uses traversal build internally via Installer.targets) | |
| dotnet restore FieldWorks.sln /p:NoWarn=NU1903 /p:DisableWarnForInvalidRestoreProjects=true | |
| msbuild Build/InstallerBuild.proj /t:BuildPatchInstaller /p:Configuration=Debug /p:Platform=x64 /p:config=release /p:action=test /p:desktopNotAvailable=true /m /v:d /bl | Tee-Object -FilePath Build/build.log | |
| if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE } | |
| Set-Location BuildDir | |
| - name: Scan Debug Build Output | |
| shell: powershell | |
| working-directory: Build | |
| run: | | |
| $results = Select-String -Path "build.log" -Pattern "^\s*[1-9][0-9]* Error\(s\)" | |
| if ($results) { | |
| foreach ($result in $results) { | |
| Write-Host "Found errors in build.log $($result.LineNumber): $($result.Line)" -ForegroundColor red | |
| } | |
| exit 1 | |
| } else { | |
| Write-Host "No errors found" -ForegroundColor green | |
| exit 0 | |
| } | |
| - name: Find patch installer | |
| id: find_patch | |
| shell: pwsh | |
| run: | | |
| $patch = Get-ChildItem -Path BuildDir -Filter "FieldWorks_*.msp" | Select-Object -First 1 | |
| if (-not $patch) { throw "Patch (.msp) file not found in BuildDir" } | |
| $patchPath = $patch.FullName | |
| "patch_file=$patchPath" >> $env:GITHUB_OUTPUT | |
| - name: Sign Patch | |
| if: github.event_name != 'pull_request' | |
| uses: sillsdev/codesign/trusted-signing-action@v3 | |
| with: | |
| credentials: ${{ secrets.TRUSTED_SIGNING_CREDENTIALS }} | |
| files-folder: BuildDir | |
| files-folder-filter: "*.msp" | |
| description: "FieldWorks Patch Installer" | |
| description-url: "https://software.sil.org/fieldworks/" | |
| - name: Configure AWS credentials | |
| # Use inputs if defined but default to true | |
| if: ${{ (inputs.make_release || 'true') == 'true' }} | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-east-1 | |
| - name: Upload Patch to S3 | |
| # Use inputs if defined but default to true | |
| if: ${{ (inputs.make_release || 'true') == 'true' }} | |
| shell: pwsh | |
| run: | | |
| $patchPath = "${{ steps.find_patch.outputs.patch_file }}" | |
| if (-not (Test-Path $patchPath)) { | |
| throw "Patch file not found at $patchPath" | |
| } | |
| $patchFile = Split-Path $patchPath -Leaf | |
| $s3Key = "jobs/FieldWorks-Win-all-Release-Patch/$($env:FW_BUILD_NUMBER)/$patchFile" | |
| aws s3 cp $patchPath "s3://flex-updates/$s3Key" | |
| Write-Host "Uploaded to s3://flex-updates/$s3Key" | |
| - name: Upload Build Logs | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| if-no-files-found: warn | |
| name: build-logs | |
| path: | | |
| Build/*.log | |
| Build/*.binlog |