|
|
@@ -0,0 +1,196 @@
|
|
|
+name: Build Windows Debug Installer
|
|
|
+
|
|
|
+on:
|
|
|
+ workflow_dispatch:
|
|
|
+ inputs:
|
|
|
+ version:
|
|
|
+ description: 'Version'
|
|
|
+ required: false
|
|
|
+
|
|
|
+env:
|
|
|
+ JAVA_VERSION: 19
|
|
|
+ JAVA_DIST: 'zulu'
|
|
|
+ JAVA_CACHE: 'maven'
|
|
|
+
|
|
|
+defaults:
|
|
|
+ run:
|
|
|
+ shell: bash
|
|
|
+
|
|
|
+jobs:
|
|
|
+ get-version:
|
|
|
+ uses: ./.github/workflows/get-version.yml
|
|
|
+ with:
|
|
|
+ version: ${{ inputs.version }}
|
|
|
+
|
|
|
+ build-msi:
|
|
|
+ name: Build .msi Installer
|
|
|
+ runs-on: windows-latest
|
|
|
+ needs: [get-version]
|
|
|
+ env:
|
|
|
+ LOOPBACK_ALIAS: 'cryptomator-vault'
|
|
|
+ steps:
|
|
|
+ - uses: actions/checkout@v3
|
|
|
+ - name: Setup Java
|
|
|
+ uses: actions/setup-java@v3
|
|
|
+ with:
|
|
|
+ distribution: ${{ env.JAVA_DIST }}
|
|
|
+ java-version: ${{ env.JAVA_VERSION }}
|
|
|
+ java-package: 'jdk+fx'
|
|
|
+ cache: ${{ env.JAVA_CACHE }}
|
|
|
+ - name: Ensure major jfx version in pom equals in jdk
|
|
|
+ shell: pwsh
|
|
|
+ run: |
|
|
|
+ $jfxPomVersion = (&mvn help:evaluate "-Dexpression=javafx.version" -q -DforceStdout) -split "\."
|
|
|
+ $jfxJdkVersion = ((Get-Content -path "${env:JAVA_HOME}/lib/javafx.properties" | Where-Object {$_ -like 'javafx.version=*' }) -replace '.*=','') -split "\."
|
|
|
+ if ($jfxPomVersion[0] -ne $jfxJdkVersion[0]) {
|
|
|
+ Write-Error "Major part of JavaFX version in pom($($jfxPomVersion[0])) does not match the version in JDK($($jfxJdkVersion[0])) "
|
|
|
+ exit 1
|
|
|
+ }
|
|
|
+ - name: Set version
|
|
|
+ run : mvn versions:set -DnewVersion=${{ needs.get-version.outputs.semVerStr }}
|
|
|
+ - name: Run maven
|
|
|
+ run: mvn -B clean package -Pdependency-check,win -DskipTests
|
|
|
+ - name: Patch target dir
|
|
|
+ run: |
|
|
|
+ cp LICENSE.txt target
|
|
|
+ cp target/cryptomator-*.jar target/mods
|
|
|
+ - name: Run jlink
|
|
|
+ run: >
|
|
|
+ ${JAVA_HOME}/bin/jlink
|
|
|
+ --verbose
|
|
|
+ --output runtime
|
|
|
+ --module-path "${JAVA_HOME}/jmods"
|
|
|
+ --add-modules java.base,java.desktop,java.instrument,java.logging,java.naming,java.net.http,java.scripting,java.sql,java.xml,javafx.base,javafx.graphics,javafx.controls,javafx.fxml,jdk.unsupported,jdk.crypto.ec,jdk.accessibility,jdk.management.jfr
|
|
|
+ --strip-native-commands
|
|
|
+ --no-header-files
|
|
|
+ --no-man-pages
|
|
|
+ --strip-debug
|
|
|
+ --compress=1
|
|
|
+ - name: Run jpackage
|
|
|
+ run: >
|
|
|
+ ${JAVA_HOME}/bin/jpackage
|
|
|
+ --verbose
|
|
|
+ --type app-image
|
|
|
+ --runtime-image runtime
|
|
|
+ --input target/libs
|
|
|
+ --module-path target/mods
|
|
|
+ --module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator
|
|
|
+ --dest appdir
|
|
|
+ --name Cryptomator
|
|
|
+ --vendor "Skymatic GmbH"
|
|
|
+ --copyright "(C) 2016 - 2023 Skymatic GmbH"
|
|
|
+ --app-version "${{ needs.get-version.outputs.semVerNum }}.${{ needs.get-version.outputs.revNum }}"
|
|
|
+ --win-console
|
|
|
+ --java-options "--enable-preview"
|
|
|
+ --java-options "--enable-native-access=org.cryptomator.jfuse.win"
|
|
|
+ --java-options "-Xss5m"
|
|
|
+ --java-options "-Xmx256m"
|
|
|
+ --java-options "-Dcryptomator.appVersion=\"${{ needs.get-version.outputs.semVerStr }}\""
|
|
|
+ --java-options "-Dfile.encoding=\"utf-8\""
|
|
|
+ --java-options "-Dcryptomator.logDir=\"~/AppData/Roaming/Cryptomator\""
|
|
|
+ --java-options "-Dcryptomator.pluginDir=\"~/AppData/Roaming/Cryptomator/Plugins\""
|
|
|
+ --java-options "-Dcryptomator.settingsPath=\"~/AppData/Roaming/Cryptomator/settings.json\""
|
|
|
+ --java-options "-Dcryptomator.p12Path=\"~/AppData/Roaming/Cryptomator/key.p12\""
|
|
|
+ --java-options "-Dcryptomator.ipcSocketPath=\"~/AppData/Roaming/Cryptomator/ipc.socket\""
|
|
|
+ --java-options "-Dcryptomator.mountPointsDir=\"~/Cryptomator\""
|
|
|
+ --java-options "-Dcryptomator.loopbackAlias=\"${{ env.LOOPBACK_ALIAS }}\""
|
|
|
+ --java-options "-Dcryptomator.showTrayIcon=true"
|
|
|
+ --java-options "-Dcryptomator.buildNumber=\"msi-${{ needs.get-version.outputs.revNum }}-dbg\""
|
|
|
+ --java-options "-Dcryptomator.integrationsWin.autoStartShellLinkName=\"Cryptomator\""
|
|
|
+ --java-options "-Dcryptomator.integrationsWin.keychainPaths=\"~/AppData/Roaming/Cryptomator/keychain.json\""
|
|
|
+ --java-options "-Djavafx.verbose=true"
|
|
|
+ --resource-dir dist/win/resources
|
|
|
+ --icon dist/win/resources/Cryptomator.ico
|
|
|
+ - name: Patch Application Directory
|
|
|
+ run: |
|
|
|
+ cp dist/win/contrib/* appdir/Cryptomator
|
|
|
+ - name: Set LOOPBACK_ALIAS in patchWebDAV.bat
|
|
|
+ shell: pwsh
|
|
|
+ run: |
|
|
|
+ $patchScript = "appdir\Cryptomator\patchWebDAV.bat"
|
|
|
+ try {
|
|
|
+ (Get-Content $patchScript ) -replace '::REPLACE ME', "SET LOOPBACK_ALIAS=`"${{ env.LOOPBACK_ALIAS}}`"" | Set-Content $patchScript
|
|
|
+ } catch {
|
|
|
+ Write-Host "Failed to set LOOPBACK_ALIAS for patchWebDAV.bat"
|
|
|
+ exit 1
|
|
|
+ }
|
|
|
+ - name: Fix permissions
|
|
|
+ run: |
|
|
|
+ attrib -r appdir/Cryptomator/Cryptomator.exe
|
|
|
+ shell: pwsh
|
|
|
+ - name: Extract integrations DLL for code signing
|
|
|
+ shell: pwsh
|
|
|
+ run: gci ./appdir/Cryptomator/app/mods/ -File integrations-win-*.jar | ForEach-Object {Set-Location -Path $_.Directory; jar --file=$($_.FullName) --extract integrations.dll }
|
|
|
+ - name: Codesign
|
|
|
+ uses: skymatic/code-sign-action@v2
|
|
|
+ with:
|
|
|
+ certificate: ${{ secrets.WIN_CODESIGN_P12_BASE64 }}
|
|
|
+ password: ${{ secrets.WIN_CODESIGN_P12_PW }}
|
|
|
+ certificatesha1: 5FC94CE149E5B511E621F53A060AC67CBD446B3A
|
|
|
+ description: Cryptomator
|
|
|
+ timestampUrl: 'http://timestamp.digicert.com'
|
|
|
+ folder: appdir/Cryptomator
|
|
|
+ recursive: true
|
|
|
+ - name: Repack signed DLL into jar
|
|
|
+ shell: pwsh
|
|
|
+ run: |
|
|
|
+ gci ./appdir/Cryptomator/app/mods/ -File integrations-win-*.jar | ForEach-Object {Set-Location -Path $_.Directory; jar --file=$($_.FullName) --update integrations.dll; Remove-Item integrations.dll}
|
|
|
+ - name: Generate license for MSI
|
|
|
+ run: >
|
|
|
+ mvn -B license:add-third-party
|
|
|
+ "-Dlicense.thirdPartyFilename=license.rtf"
|
|
|
+ "-Dlicense.outputDirectory=dist/win/resources"
|
|
|
+ "-Dlicense.fileTemplate=dist/win/resources/licenseTemplate.ftl"
|
|
|
+ "-Dlicense.includedScopes=compile"
|
|
|
+ "-Dlicense.excludedGroups=^org\.cryptomator"
|
|
|
+ "-Dlicense.failOnMissing=true"
|
|
|
+ "-Dlicense.licenseMergesUrl=file:///${{ github.workspace }}/license/merges"
|
|
|
+ shell: pwsh
|
|
|
+ - name: Create MSI
|
|
|
+ run: >
|
|
|
+ ${JAVA_HOME}/bin/jpackage
|
|
|
+ --verbose
|
|
|
+ --type msi
|
|
|
+ --win-upgrade-uuid bda45523-42b1-4cae-9354-a45475ed4775
|
|
|
+ --app-image appdir/Cryptomator
|
|
|
+ --dest installer
|
|
|
+ --name Cryptomator
|
|
|
+ --vendor "Skymatic GmbH"
|
|
|
+ --copyright "(C) 2016 - 2023 Skymatic GmbH"
|
|
|
+ --app-version "${{ needs.get-version.outputs.semVerNum }}.${{ needs.get-version.outputs.revNum}}"
|
|
|
+ --win-menu
|
|
|
+ --win-dir-chooser
|
|
|
+ --win-shortcut-prompt
|
|
|
+ --win-update-url "https:\\cryptomator.org"
|
|
|
+ --win-menu-group Cryptomator
|
|
|
+ --resource-dir dist/win/resources
|
|
|
+ --license-file dist/win/resources/license.rtf
|
|
|
+ --file-associations dist/win/resources/FAvaultFile.properties
|
|
|
+ env:
|
|
|
+ JP_WIXWIZARD_RESOURCES: ${{ github.workspace }}/dist/win/resources # requires abs path, used in resources/main.wxs
|
|
|
+ - name: Codesign MSI
|
|
|
+ uses: skymatic/code-sign-action@v2
|
|
|
+ with:
|
|
|
+ certificate: ${{ secrets.WIN_CODESIGN_P12_BASE64 }}
|
|
|
+ password: ${{ secrets.WIN_CODESIGN_P12_PW }}
|
|
|
+ certificatesha1: 5FC94CE149E5B511E621F53A060AC67CBD446B3A
|
|
|
+ description: Cryptomator Installer
|
|
|
+ timestampUrl: 'http://timestamp.digicert.com'
|
|
|
+ folder: installer
|
|
|
+ - name: Add possible alpha/beta tags to installer name
|
|
|
+ run: mv installer/Cryptomator-*.msi Cryptomator-${{ needs.get-version.outputs.semVerStr }}-x64.msi
|
|
|
+ - name: Create detached GPG signature with key 615D449FE6E6A235
|
|
|
+ run: |
|
|
|
+ echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
|
|
|
+ echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a Cryptomator-*.msi
|
|
|
+ env:
|
|
|
+ GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
|
|
|
+ GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
|
|
|
+ - name: Upload artifacts
|
|
|
+ uses: actions/upload-artifact@v3
|
|
|
+ with:
|
|
|
+ name: msi
|
|
|
+ path: |
|
|
|
+ Cryptomator-*.msi
|
|
|
+ Cryptomator-*.asc
|
|
|
+ if-no-files-found: error
|
Armin Schrenk