name: Release (Windows) on: workflow_call: inputs: is_tag: required: true type: string jobs: windows: strategy: fail-fast: false matrix: include: - arch: x86 host: x86 - arch: x64 host: x64 - arch: arm64 host: x64_arm64 name: Windows (${{ matrix.arch }}) runs-on: windows-latest steps: - name: Download source uses: actions/download-artifact@v3 with: name: internal-source - name: Unpack source shell: bash run: | tar -xf source.tar.gz --strip-components=1 - name: Install dependencies shell: bash run: | choco install pandoc - name: Prepare cache key id: key shell: powershell run: | # Work around caching failure with GNU tar New-Item -Type Junction -Path vcpkg -Target c:\vcpkg Write-Output "image=$env:ImageOS-$env:ImageVersion" >> $env:GITHUB_OUTPUT - name: Enable vcpkg cache uses: actions/cache@v3 with: path: vcpkg/installed key: ${{ steps.key.outputs.image }}-vcpkg-${{ matrix.arch }}-0 # Increase the number whenever dependencies are modified restore-keys: | ${{ steps.key.outputs.image }}-vcpkg-${{ matrix.arch }} - name: Prepare vcpkg shell: bash run: | vcpkg install --triplet=${{ matrix.arch }}-windows-static \ liblzma \ libpng \ lzo \ zlib \ # EOF - name: Install MSVC problem matcher uses: ammaraskar/msvc-problem-matcher@master - name: Configure developer command prompt for tools uses: ilammy/msvc-dev-cmd@v1 with: arch: x64 - name: Build tools shell: bash run: | mkdir build-host cd build-host echo "::group::CMake" cmake ${GITHUB_WORKSPACE} \ -GNinja \ -DOPTION_TOOLS_ONLY=ON \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ # EOF echo "::endgroup::" echo "::group::Build" cmake --build . --target tools echo "::endgroup::" - name: Configure developer command prompt for ${{ matrix.arch }} uses: ilammy/msvc-dev-cmd@v1 with: arch: ${{ matrix.host }} - name: Import code signing certificate shell: powershell # If this is run on a fork, there may not be a certificate set up - continue in this case continue-on-error: true run: | $tempFile = [System.IO.Path]::GetTempFileName() $bytes = [System.Convert]::FromBase64String($env:WINDOWS_CERTIFICATE_P12) [IO.File]::WriteAllBytes($tempFile, $bytes) $pwd = ConvertTo-SecureString $env:WINDOWS_CERTIFICATE_PASSWORD -AsPlainText -Force Import-PfxCertificate -FilePath $tempFile -CertStoreLocation Cert:\CurrentUser\My -Password $pwd Remove-Item $tempFile env: WINDOWS_CERTIFICATE_P12: ${{ secrets.WINDOWS_CERTIFICATE_P12 }} WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }} - name: Build (with installer) if: inputs.is_tag == 'true' shell: bash run: | mkdir build cd build echo "::group::CMake" cmake ${GITHUB_WORKSPACE} \ -GNinja \ -DVCPKG_TARGET_TRIPLET=${{ matrix.arch }}-windows-static \ -DCMAKE_TOOLCHAIN_FILE="c:\vcpkg\scripts\buildsystems\vcpkg.cmake" \ -DOPTION_USE_NSIS=ON \ -DHOST_BINARY_DIR=${GITHUB_WORKSPACE}/build-host \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DWINDOWS_CERTIFICATE_COMMON_NAME="${WINDOWS_CERTIFICATE_COMMON_NAME}" \ # EOF echo "::endgroup::" echo "::group::Build" cmake --build . --target openttd echo "::endgroup::" env: WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }} - name: Build (without installer) if: inputs.is_tag != 'true' shell: bash run: | mkdir build cd build echo "::group::CMake" cmake ${GITHUB_WORKSPACE} \ -GNinja \ -DVCPKG_TARGET_TRIPLET=${{ matrix.arch }}-windows-static \ -DCMAKE_TOOLCHAIN_FILE="c:\vcpkg\scripts\buildsystems\vcpkg.cmake" \ -DHOST_BINARY_DIR=${GITHUB_WORKSPACE}/build-host \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DWINDOWS_CERTIFICATE_COMMON_NAME="${WINDOWS_CERTIFICATE_COMMON_NAME}" \ # EOF echo "::endgroup::" echo "::group::Build" cmake --build . --target openttd echo "::endgroup::" env: WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }} - name: Create bundles shell: bash run: | cd ${GITHUB_WORKSPACE}/build echo "::group::Run CPack" cpack echo "::endgroup::" echo "::group::Prepare PDB to be bundled" PDB=$(ls bundles/*.zip | cut -d/ -f2 | sed 's/.zip$/.pdb/') cp openttd.pdb bundles/${PDB} xz -9 bundles/${PDB} echo "::endgroup::" echo "::group::Cleanup" # Remove the sha256 files CPack generates; we will do this ourself at # the end of this workflow. rm -f bundles/*.sha256 echo "::endgroup::" - name: Sign installer if: inputs.is_tag == 'true' shell: bash # If this is run on a fork, there may not be a certificate set up - continue in this case continue-on-error: true run: | cd ${GITHUB_WORKSPACE}/build/bundles ../../os/windows/sign.bat *.exe "${WINDOWS_CERTIFICATE_COMMON_NAME}" env: WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }} - name: Store bundles uses: actions/upload-artifact@v3 with: name: openttd-windows-${{ matrix.arch }} path: build/bundles retention-days: 5