diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8cca952..7079a72 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,18 +2,21 @@ name: C/C++ CI on: push: + branches: [master] paths-ignore: - '**.md' + - '.github/**' pull_request: types: [opened, reopened, synchronize] release: types: [published] + workflow_dispatch: jobs: windows: name: 'Windows' - runs-on: windows-2019 + runs-on: windows-2025 env: solution: 'msvc/reunion.sln' @@ -22,23 +25,107 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup MSBuild - uses: microsoft/setup-msbuild@v1.1.3 - with: - vs-version: '16.8' + uses: microsoft/setup-msbuild@v2 + +# TODO: add support of 141_xp toolchain at VS2022+ +# - name: Install v140, v141 and v142 toolsets +# shell: cmd +# run: | +# "C:\Program Files (x86)\Microsoft Visual Studio\Installer\vs_installer.exe" modify ^ +# --installPath "C:\Program Files\Microsoft Visual Studio\2022\Enterprise" ^ +# --add Microsoft.VisualStudio.Component.WindowsXP ^ +# --add Microsoft.VisualStudio.Component.VC.v140 ^ +# --add Microsoft.VisualStudio.Component.VC.v140.x86.x64 ^ +# --add Microsoft.VisualStudio.Component.VC.v140.xp ^ +# --add Microsoft.VisualStudio.Component.VC.140.CRT ^ +# --add Microsoft.VisualStudio.Component.VC.v141 ^ +# --add Microsoft.VisualStudio.Component.VC.v141.x86.x64 ^ +# --add Microsoft.VisualStudio.Component.VC.v141.xp ^ +# --add Microsoft.VisualStudio.Component.VC.v142 ^ +# --add Microsoft.VisualStudio.Component.VC.v142.x86.x64 ^ +# --quiet --norestart + + - name: Select PlatformToolset + id: select_toolset + shell: pwsh + run: | + $vswhere = "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" + $vs2019 = & $vswhere -products * -version "[16.0,17.0)" -property installationPath -latest + $vs2022 = & $vswhere -products * -version "[17.0,)" -property installationPath -latest + + if ($vs2019) { + "toolset=v140_xp" >> $env:GITHUB_OUTPUT + Write-Host "Selected v140_xp toolset" + } elseif ($vs2022) { + "toolset=v143" >> $env:GITHUB_OUTPUT + Write-Host "Selected v143 toolset" + } else { + Write-Error "No suitable Visual Studio installation found" + exit 1 + } - name: Build run: | - msbuild ${{ env.solution }} -p:Configuration="${{ env.buildRelease }}" /t:Clean,Build /p:Platform=${{ env.buildPlatform }} /p:PlatformToolset=v140_xp /p:XPDeprecationWarning=false + $toolset = '${{ steps.select_toolset.outputs.toolset }}' + msbuild ${{ env.solution }} -p:Configuration="${{ env.buildRelease }}" /t:Clean,Build /p:Platform=${{ env.buildPlatform }} /p:PlatformToolset=$toolset /p:XPDeprecationWarning=false - name: Move files run: | - mkdir publish\bin\Windows - move msvc\${{ env.buildRelease }}\reunion_mm.dll publish\bin\Windows\reunion_mm.dll + mkdir publish\addons\reunion + move msvc\${{ env.buildRelease }}\reunion_mm.dll publish\addons\reunion\reunion_mm.dll + + - name: Get app version + id: get_version + shell: pwsh + run: | + $versionFile = "reunion/version/appversion.h" + if (-not (Test-Path $versionFile)) { + Write-Error "Version file not found: $versionFile" + exit 1 + } + + $content = Get-Content $versionFile + foreach ($line in $content) { + if ($line -match '^\s*#define\s+APP_VERSION\s+"([^"]+)"') { + $version = $matches[1] + "version=$version" >> $env:GITHUB_OUTPUT + Write-Host "Found version: $version" + exit 0 + } + } + Write-Error "APP_VERSION not found in file" + exit 1 + + - name: Show version + run: echo "Version is ${{ steps.get_version.outputs.version }}" + + - name: Get rcedit from chocolatey + shell: pwsh + run: | + choco install rcedit -y + + - name: Edit resources at windows binaries + run: | + rcedit ${{ github.workspace }}\publish\addons\reunion\reunion_mm.dll --set-version-string ProductName "ReUnion - reunion_mm.dll" --set-file-version "${{ steps.get_version.outputs.version }}" --set-product-version "${{ steps.get_version.outputs.version }}" --set-version-string FileDescription "Reunion - is a continuation of the DProto project adapted for ReHLDS., Commit: $env:GITHUB_SHA" --set-version-string "Comments" "Metamod plugin that allows protocol 47 and 48 non-steam clients to connect to ReHLDS servers, Commit: $env:GITHUB_SHA" --set-version-string CompanyName "ReHLDS Dev Team" --set-version-string LegalCopyright "Copyright 2025 Valve, ReHLDS DevTeam" --set-icon reunion/msvc/icon.ico + shell: "pwsh" + + - name: Import PFX and sign + if: github.event_name != 'pull_request' + env: + KEY_PFX_PASS: ${{ secrets.KEY_PFX_PASS }} + # https://github.com/actions/runner-images/blob/main/images/windows/Windows2025-Readme.md + run: | + $pfxBase64 = "${{ secrets.KEY_PFX_B64 }}" + [IO.File]::WriteAllBytes("${{ github.workspace }}\signing-cert.pfx", [Convert]::FromBase64String($pfxBase64)) + certutil -f -p "${{ secrets.KEY_PFX_PASS }}" -importPFX "${{ github.workspace }}\signing-cert.pfx" + & 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.26100.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReUnion - reunion_mm.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha256 /fd sha256 /v ${{ github.workspace }}\publish\addons\reunion\reunion_mm.dll + Remove-Item -Recurse -Force "${{ github.workspace }}\signing-cert.pfx" + shell: "pwsh" - name: Deploy artifacts uses: actions/upload-artifact@v4 @@ -48,23 +135,75 @@ jobs: linux: name: 'Linux' - runs-on: ubuntu-20.04 + runs-on: ubuntu-24.04 + container: debian:11-slim outputs: app-version: ${{ steps.app-version.outputs.version }} steps: + - name: Install dependencies + run: | + dpkg --add-architecture i386 + apt-get update + apt-get install -y \ + gcc-multilib g++-multilib \ + build-essential \ + libc6-dev libc6-dev-i386 \ + git cmake rsync \ + g++ gcc + + - name: Configure + run: git config --global --add safe.directory "$GITHUB_WORKSPACE" + - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Check dependencies + - name: GPG Import run: | - sudo dpkg --add-architecture i386 - sudo apt-get update - sudo apt-get install -y gcc-multilib g++-multilib + echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}" + echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}" - - name: Build + # Import the public key + gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}" + if [[ $? -ne 0 ]]; then + echo "Error: Failed to import the public key" + exit 1 + fi + + # Import the private key + gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}" + if [[ $? -ne 0 ]]; then + echo "Error: Failed to import the private key" + exit 2 + fi + + # Extract the fingerprint of the imported public key + GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10) + + # Check if the fingerprint was extracted + if [[ -z "$GPG_LINUX_FINGERPRINT" ]]; then + echo "Error: Failed to extract the fingerprint of the key" + exit 3 + fi + + # Set the trust level for the key + echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust + if [ $? -ne 0 ]; then + echo "Error: Failed to set trust for the key $GPG_LINUX_FINGERPRINT" + exit 4 + fi + + echo "Key $GPG_LINUX_FINGERPRINT successfully imported and trusted" + gpg --list-keys + + #export for global use + echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV + shell: bash + if: github.event_name != 'pull_request' + + - name: Build using GCC Compiler run: | rm -rf build && CC=gcc CXX=g++ cmake -B build && cmake --build build -j8 @@ -78,6 +217,7 @@ jobs: else # Remove quotes APP_VERSION=$(echo $APP_VERSION | xargs) + echo "APP_VERSION=${APP_VERSION}" >> $GITHUB_ENV fi fi echo "version=${APP_VERSION}" >> "$GITHUB_OUTPUT" @@ -85,16 +225,16 @@ jobs: - name: Move files run: | - mkdir -p publish/bin/Linux + mkdir -p publish/addons/reunion publish/addons/amxmodx/scripting publish/src rsync -a reunion/dist/ publish/ --exclude=*.tpl - rsync -a reunion/src/reunion_api.h publish/public/ - rsync -a reunion/extra/ publish/amxx/ - mv build/reunion/reunion_mm_i386.so publish/bin/Linux/reunion_mm_i386.so + rsync -a reunion/src/reunion_api.h publish/src/ + rsync -a reunion/extra/ publish/addons/amxmodx/scripting/ + mv build/reunion/reunion_mm_i386.so publish/addons/reunion/reunion_mm_i386.so - name: Run GLIBC/ABI version compat test run: | binaries=( - "publish/bin/Linux/reunion_mm_i386.so" + "publish/addons/reunion/reunion_mm_i386.so" ) bash ./reunion/version/glibc_test.sh ${binaries[@]} if [[ $? -ne 0 ]]; then @@ -128,7 +268,29 @@ jobs: - name: Packaging id: packaging-job run: | + + # new runner, niw signs + echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}" + echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}" + gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}" + gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}" + GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10) + echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust + echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV + + sign_file() { + local file=$1 + gpg --batch --yes --detach-sign --armor -u "$GPG_LINUX_FINGERPRINT" "$file" + if [ $? -ne 0 ]; then + echo "Error: Failed to sign $file" + exit 2 + fi + echo "$file signed successfully." + } + + # Pack and sign final archive 7z a -tzip reunion-${{ needs.linux.outputs.app-version }}.zip . + sign_file "reunion-${{ needs.linux.outputs.app-version }}.zip" - name: Publish artifacts uses: actions/upload-artifact@v4 @@ -136,6 +298,8 @@ jobs: name: reunion-${{ needs.linux.outputs.app-version }} path: | *.zip + *.7z + *.asc - name: Release artifacts uses: softprops/action-gh-release@v1 @@ -148,5 +312,7 @@ jobs: with: files: | *.zip + *.7z + *.asc env: GITHUB_TOKEN: ${{ secrets.API_TOKEN }} diff --git a/reunion/msvc/icon.ico b/reunion/msvc/icon.ico new file mode 100644 index 0000000..8b080d2 Binary files /dev/null and b/reunion/msvc/icon.ico differ diff --git a/reunion/version/appversion.bat b/reunion/version/appversion.bat index 9c76884..a27f80a 100644 --- a/reunion/version/appversion.bat +++ b/reunion/version/appversion.bat @@ -20,13 +20,32 @@ set commitURL= set commitCount=0 set branch_name=master -for /f "delims=" %%a in ('wmic OS Get localdatetime ^| find "."') do set "dt=%%a" -set "YYYY=%dt:~0,4%" -set "MM=%dt:~4,2%" -set "DD=%dt:~6,2%" -set "hour=%dt:~8,2%" -set "min=%dt:~10,2%" -set "sec=%dt:~12,2%" +for /f "tokens=*" %%i in ('powershell -NoProfile -Command ^ + "$now = Get-Date; Write-Output ('{0:yyyy}|{0:MM}|{0:dd}|{0:HH}|{0:mm}|{0:ss}' -f $now)"') do ( + for /f "tokens=1-6 delims=|" %%a in ("%%i") do ( + set "YYYY=%%a" + set "MM=%%b" + set "DD=%%c" + set "hour=%%d" + set "min=%%e" + set "sec=%%f" + ) +) + +echo YYYY=%YYYY% +echo MM=%MM% +echo DD=%DD% +echo hour=%hour% +echo min=%min% +echo sec=%sec% + +:: for /f "delims=" %%a in ('wmic OS Get localdatetime ^| find "."') do set "dt=%%a" +:: set "YYYY=%dt:~0,4%" +:: set "MM=%dt:~4,2%" +:: set "DD=%dt:~6,2%" +:: set "hour=%dt:~8,2%" +:: set "min=%dt:~10,2%" +:: set "sec=%dt:~12,2%" :: :: Remove leading zero from MM (e.g 09 > 9)