mirror of
https://github.com/rehlds/rehlds.git
synced 2024-12-27 07:05:43 +03:00
renamed ENVS
This commit is contained in:
parent
a0c03e9dc3
commit
103648f25f
60
.github/workflows/build.yml
vendored
60
.github/workflows/build.yml
vendored
@ -91,20 +91,20 @@ jobs:
|
||||
|
||||
- name: Import PFX and sign
|
||||
env:
|
||||
REHLDS_KEY_PFX_PASS: ${{ secrets.REHLDS_KEY_PFX_PASS}}
|
||||
KEY_PFX_PASS: ${{ secrets.KEY_PFX_PASS}}
|
||||
run: |
|
||||
$pfxBase64 = "${{ secrets.REHLDS_KEY_PFX_B64 }}"
|
||||
$pfxBase64 = "${{ secrets.KEY_PFX_B64 }}"
|
||||
[IO.File]::WriteAllBytes("${{ github.workspace }}\signing-cert.pfx", [Convert]::FromBase64String($pfxBase64))
|
||||
certutil -f -p "${{ secrets.REHLDS_KEY_PFX_PASS }}" -importPFX "${{ github.workspace }}\signing-cert.pfx"
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\hlds.exe
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "reHLTV" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\hltv.exe
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - swds.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\tests\swds.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - swds.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\swds.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - core.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\core.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - proxy.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\proxy.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - demoplayer.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\demoplayer.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - filesystem_stdio.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\filesystem_stdio.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:REHLDS_KEY_PFX_PASS /d "ReHLDS - director.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\valve\dlls\director.dll
|
||||
certutil -f -p "${{ secrets.KEY_PFX_PASS }}" -importPFX "${{ github.workspace }}\signing-cert.pfx"
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\hlds.exe
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "reHLTV" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\hltv.exe
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - swds.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\tests\swds.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - swds.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\swds.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - core.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\core.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - proxy.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\proxy.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - demoplayer.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\demoplayer.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - filesystem_stdio.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\filesystem_stdio.dll
|
||||
& 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\signtool.exe' sign /a /f "${{ github.workspace }}\signing-cert.pfx" /p $env:KEY_PFX_PASS /d "ReHLDS - director.dll" /du "https://rehlds.dev/" /tr "http://timestamp.digicert.com" /td sha512 /fd sha512 /v ${{ github.workspace }}\publish\bin\win32\valve\dlls\director.dll
|
||||
Remove-Item -Recurse -Force "${{ github.workspace }}\signing-cert.pfx"
|
||||
shell: "pwsh"
|
||||
|
||||
@ -176,44 +176,44 @@ jobs:
|
||||
|
||||
- name: GPG Import
|
||||
run: |
|
||||
echo "${{ secrets.REHLDS_PUB_ASC }}" > "${{ secrets.REHLDS_PUB_ASC_FILE }}"
|
||||
echo "${{ secrets.REHLDS_KEY_ASC }}" > "${{ secrets.REHLDS_KEY_ASC_FILE }}"
|
||||
echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}"
|
||||
echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}"
|
||||
|
||||
# Import the public key
|
||||
gpg --batch --yes --import "${{ secrets.REHLDS_PUB_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "Error: Failed to import the public key"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Import the private key
|
||||
gpg --batch --yes --import "${{ secrets.REHLDS_KEY_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "Error: Failed to import the private key"
|
||||
exit 2
|
||||
fi
|
||||
|
||||
# Extract the fingerprint of the imported public key
|
||||
REHLDS_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
|
||||
GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
|
||||
|
||||
# Check if the fingerprint was extracted
|
||||
if [[ -z "$REHLDS_LINUX_FINGERPRINT" ]]; then
|
||||
if [[ -z "$GPG_LINUX_FINGERPRINT" ]]; then
|
||||
echo "Error: Failed to extract the fingerprint of the key"
|
||||
exit 3
|
||||
fi
|
||||
|
||||
# Set the trust level for the key
|
||||
echo "$REHLDS_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
|
||||
echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Error: Failed to set trust for the key $REHLDS_LINUX_FINGERPRINT"
|
||||
echo "Error: Failed to set trust for the key $GPG_LINUX_FINGERPRINT"
|
||||
exit 4
|
||||
fi
|
||||
|
||||
echo "Key $REHLDS_LINUX_FINGERPRINT successfully imported and trusted"
|
||||
echo "Key $GPG_LINUX_FINGERPRINT successfully imported and trusted"
|
||||
gpg --list-keys
|
||||
|
||||
#export for global use
|
||||
echo "REHLDS_LINUX_FINGERPRINT=$REHLDS_LINUX_FINGERPRINT" >> $GITHUB_ENV
|
||||
echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV
|
||||
shell: bash
|
||||
|
||||
- name: Build and Run unittests
|
||||
@ -330,17 +330,17 @@ jobs:
|
||||
run: |
|
||||
|
||||
# new runner, niw signs
|
||||
echo "${{ secrets.REHLDS_PUB_ASC }}" > "${{ secrets.REHLDS_PUB_ASC_FILE }}"
|
||||
echo "${{ secrets.REHLDS_KEY_ASC }}" > "${{ secrets.REHLDS_KEY_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.REHLDS_PUB_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.REHLDS_KEY_ASC_FILE }}"
|
||||
REHLDS_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
|
||||
echo "$REHLDS_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
|
||||
echo "REHLDS_LINUX_FINGERPRINT=$REHLDS_LINUX_FINGERPRINT" >> $GITHUB_ENV
|
||||
echo "${{ secrets.PUB_ASC }}" > "${{ secrets.PUB_ASC_FILE }}"
|
||||
echo "${{ secrets.KEY_ASC }}" > "${{ secrets.KEY_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.PUB_ASC_FILE }}"
|
||||
gpg --batch --yes --import "${{ secrets.KEY_ASC_FILE }}"
|
||||
GPG_LINUX_FINGERPRINT=$(gpg --list-keys --with-colons | grep '^fpr' | head -n 1 | cut -d: -f10)
|
||||
echo "$GPG_LINUX_FINGERPRINT:6:" | gpg --batch --import-ownertrust
|
||||
echo "GPG_LINUX_FINGERPRINT=$GPG_LINUX_FINGERPRINT" >> $GITHUB_ENV
|
||||
|
||||
sign_file() {
|
||||
local file=$1
|
||||
gpg --batch --yes --detach-sign --armor -u "$REHLDS_LINUX_FINGERPRINT" "$file"
|
||||
gpg --batch --yes --detach-sign --armor -u "$GPG_LINUX_FINGERPRINT" "$file"
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "Error: Failed to sign $file"
|
||||
exit 2
|
||||
|
Loading…
Reference in New Issue
Block a user