PIV: Add support for RSA 2048 private key import #324
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright Nitrokey GmbH | |
| # SPDX-License-Identifier: Apache-2.0 OR MIT | |
| name: Continuous delivery - Windows | |
| on: | |
| pull_request: | |
| push: | |
| branches: [master] | |
| release: | |
| types: [published] | |
| workflow_dispatch: | |
| env: | |
| PYTHON_VERSION: "3.10" | |
| jobs: | |
| version-check: | |
| name: Check versioning | |
| runs-on: windows-latest | |
| if: github.event_name == 'release' | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install poetry | |
| run: choco install poetry --source python | |
| - name: Check version tag format | |
| run: | | |
| $VERSION_TAG="${{ github.event.release.tag_name }}" | |
| if ($VERSION_TAG -match "^v[0-9]+.[0-9]+.[0-9]+(-(rc|post)\.[1-9])?$") {exit 0} else {exit 1} | |
| - name: Check if version tag and package version are equal | |
| run: | | |
| $VERSION_TAG="${{ github.event.release.tag_name }}" | |
| $VERSION_FILE=poetry version --short | |
| if ($VERSION_TAG.Substring(1) -eq $VERSION_FILE) {exit 0} else {exit 1} | |
| build-onedir: | |
| name: Build onedir | |
| runs-on: windows-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python ${{ env.PYTHON_VERSION }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install poetry | |
| run: choco install poetry --source python | |
| - name: Create virtual environment | |
| run: poetry sync --all-extras --with pyinstaller | |
| - name: Create Windows version info file | |
| run: | | |
| poetry run create-version-file ` | |
| --outfile .\ci-scripts\windows\pyinstaller\file_version_info.txt ` | |
| --version "$(poetry version --short)" ` | |
| .\ci-scripts\windows\pyinstaller\file_version_info_metadata.yaml | |
| - name: Build onedir | |
| run: poetry run pyinstaller -- ci-scripts/pyinstaller.spec -- --mode onedir --platform windows | |
| - name: Test onedir | |
| run: | | |
| dist/nitropy/nitropy.exe --help | |
| dist/nitropy/nitropy.exe version | |
| dist/nitropy/nitropy.exe nethsm --host nethsmdemo.nitrokey.com state | |
| dist/nitropy/nitropy.exe list | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pynitrokey-onedir | |
| path: dist/nitropy | |
| build-onefile: | |
| name: Build onefile | |
| runs-on: windows-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Python ${{ env.PYTHON_VERSION }} | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| - name: Install poetry | |
| run: choco install poetry --source python | |
| - name: Create virtual environment | |
| run: poetry sync --all-extras --with pyinstaller | |
| - name: Create Windows version info file | |
| run: | | |
| poetry run create-version-file ` | |
| --outfile .\ci-scripts\windows\pyinstaller\file_version_info.txt ` | |
| --version "$(poetry version --short)" ` | |
| .\ci-scripts\windows\pyinstaller\file_version_info_metadata.yaml | |
| - name: Build onefile | |
| run: poetry run pyinstaller -- ci-scripts/pyinstaller.spec -- --mode onefile --platform windows | |
| - name: Test onefile | |
| run: | | |
| dist/nitropy.exe --help | |
| dist/nitropy.exe version | |
| dist/nitropy.exe nethsm --host nethsmdemo.nitrokey.com state | |
| dist/nitropy.exe list | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pynitrokey-onefile | |
| path: dist/nitropy.exe | |
| build-msi-installer: | |
| name: Build MSI installer | |
| runs-on: windows-latest | |
| needs: build-onedir | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pynitrokey-onedir | |
| path: dist/nitropy | |
| - name: Create sources file | |
| run: | | |
| $Env:Path += ";" + "$Env:WIX" + "bin" | |
| heat ` | |
| dir .\dist\nitropy\ ` | |
| -dr INSTALLFOLDER ` | |
| -ag ` | |
| -cg ApplicationFilesDynamic ` | |
| -ke ` | |
| -srd -sfrag -suid -sreg ` | |
| -nologo ` | |
| -pog:Binaries ` | |
| -pog:Documents ` | |
| -pog:Satellites ` | |
| -pog:Sources ` | |
| -pog:Content ` | |
| -o Sources.wxs | |
| - name: Build object files | |
| run: | | |
| $Env:Path += ";" + "$Env:WIX" + "bin" | |
| candle .\ci-scripts\windows\wix\Product.wxs -o Product.wixobj | |
| candle .\Sources.wxs -o .\Sources.wixobj | |
| - name: Build installer package | |
| run: | | |
| $Env:Path += ";" + "$Env:WIX" + "bin" | |
| light ` | |
| -b .\dist\nitropy\ ` | |
| -sice:ICE80 ` | |
| .\Product.wixobj ` | |
| .\Sources.wixobj ` | |
| -o nitropy.msi | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: nitropy-installer | |
| path: nitropy.msi | |
| publish-binary: | |
| name: Publish binary | |
| runs-on: windows-latest | |
| needs: [build-onefile, version-check] | |
| if: github.event_name == 'release' | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pynitrokey-onefile | |
| - name: Rename binary | |
| run: | | |
| mv ` | |
| nitropy.exe ` | |
| nitropy-${{ github.event.release.tag_name }}-x64-windows-binary.exe | |
| - name: Create archive | |
| run: | | |
| 7z a -tzip -mx9 ` | |
| nitropy-${{ github.event.release.tag_name }}-x64-windows-binary.zip ` | |
| nitropy-${{ github.event.release.tag_name }}-x64-windows-binary.exe | |
| - name: Publish release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: nitropy-${{ github.event.release.tag_name }}-x64-windows-binary.zip | |
| publish-msi-installer: | |
| name: Publish MSI installer | |
| runs-on: windows-latest | |
| needs: [build-msi-installer, version-check] | |
| if: github.event_name == 'release' | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: nitropy-installer | |
| - name: Rename installer | |
| run: | | |
| mv ` | |
| nitropy.msi ` | |
| nitropy-${{ github.event.release.tag_name }}-x64-windows-installer.msi | |
| - name: Publish release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: nitropy-${{ github.event.release.tag_name }}-x64-windows-installer.msi |