diff options
Diffstat (limited to '.github/workflows/builds.yml')
-rw-r--r-- | .github/workflows/builds.yml | 359 |
1 files changed, 359 insertions, 0 deletions
diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml new file mode 100644 index 000000000..3f356e1e0 --- /dev/null +++ b/.github/workflows/builds.yml | |||
@@ -0,0 +1,359 @@ | |||
1 | # This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | ||
2 | # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | ||
3 | |||
4 | # Note: This workflow requires some secrets setup, and set on this repo with the names: | ||
5 | # 'FERDI_PUBLISH_TOKEN' (A GitHub Personal Access Token with appropriate permissions - for publishing the built artifacts) | ||
6 | # 'APPLEID' (The username of your Apple developer account - for notarizing the mac artifacts) | ||
7 | # 'APPLEID_PASSWORD' (An app-specific password - for notarizing the mac artifacts) | ||
8 | # 'CSC_LINK' (The HTTPS link or local path to certificate - for code signing of mac artifacts) | ||
9 | # 'CSC_KEY_PASSWORD' (The password to decrypt the certificate given in CSC_LINK - for code signing of mac artifacts) | ||
10 | # 'WIN_CSC_LINK' (The HTTPS link or local path to certificate - for code signing of windows artifacts) | ||
11 | # 'WIN_CSC_KEY_PASSWORD' (The password to decrypt the certificate given in CSC_LINK - for code signing of windows artifacts) | ||
12 | |||
13 | name: Builds | ||
14 | |||
15 | on: | ||
16 | # Push to any tracked branches | ||
17 | push: | ||
18 | branches: [develop, release, nightly] | ||
19 | # PRs only on develop branch | ||
20 | pull_request: | ||
21 | branches: [develop] | ||
22 | # Manual trigger from the UI | ||
23 | workflow_dispatch: | ||
24 | inputs: | ||
25 | message: | ||
26 | description: 'Message for build' | ||
27 | required: true | ||
28 | schedule: | ||
29 | - cron: '15 0 * * *' # every night at 12:15 am (to allow for dependency builds to complete) | ||
30 | |||
31 | env: | ||
32 | USE_HARD_LINKS: false | ||
33 | # DEBUG: electron-builder | ||
34 | |||
35 | jobs: | ||
36 | check_updates: | ||
37 | runs-on: ubuntu-latest | ||
38 | name: 'Check latest commit: ${{ github.event.inputs.message }}' | ||
39 | outputs: | ||
40 | should_run: ${{ steps.should_run.outputs.should_run }} | ||
41 | steps: | ||
42 | - name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' | ||
43 | uses: actions/checkout@v2 | ||
44 | if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | ||
45 | with: | ||
46 | ref: nightly | ||
47 | submodules: recursive | ||
48 | fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | ||
49 | # ssh-key: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
50 | - name: Use Node.js 16.13.0 | ||
51 | uses: actions/setup-node@v2 | ||
52 | if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | ||
53 | with: | ||
54 | node-version: 16.13.0 | ||
55 | - id: should_run | ||
56 | name: Check whether there are any commits since this run was last triggered and push them and/or set the output | ||
57 | if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | ||
58 | run: | | ||
59 | git config user.name github-actions | ||
60 | git config user.email github-actions@github.com | ||
61 | |||
62 | CHANGES_COUNT=$(git diff --shortstat origin/develop | wc -l) | ||
63 | MANUAL_REBUILD="${{ github.event_name == 'workflow_dispatch' }}" | ||
64 | VERSION_BUMP="${{ contains(github.event.inputs.message, '[version bump]') }}" | ||
65 | if [ $CHANGES_COUNT -gt 0 ] || [[ $MANUAL_REBUILD == "true" && $VERSION_BUMP == "true" ]]; then | ||
66 | # Do the version bump in the 'develop' branch ONLY if | ||
67 | # there were other changes coming from the 'develop' branch (or) | ||
68 | # this is a manual trigger with the key-phrase | ||
69 | git checkout develop | ||
70 | TAG_NAME=$(npm version -m "%s [skip ci]" prerelease --preid=nightly) | ||
71 | git commit --all --amend --no-edit --no-verify | ||
72 | git push origin develop --no-verify | ||
73 | git tag -f $TAG_NAME | ||
74 | git push origin --tags --no-verify | ||
75 | # Also tag the submodule so as to help identify which changes went into which nightly release | ||
76 | # TODO: Not working due to cross-repo access issues by the github-action bot | ||
77 | # git -C recipes tag -f $TAG_NAME | ||
78 | # git -C recipes push origin --tags --no-verify | ||
79 | |||
80 | git checkout nightly | ||
81 | fi | ||
82 | |||
83 | echo "Merge with fast-forward from 'origin/develop'" | ||
84 | git merge --ff-only origin/develop --no-verify | ||
85 | |||
86 | echo "Number of changes: $CHANGES_COUNT" | ||
87 | if [ $CHANGES_COUNT -eq 0 ] && [ $MANUAL_REBUILD != "true" ]; then | ||
88 | echo "No changes found - terminating the build" | ||
89 | echo "::set-output name=should_run::false" | ||
90 | else # changes > 0 (or) MANUAL_REBUILD=true | ||
91 | echo "Pushing rebased commits" | ||
92 | git push origin $(git rev-parse --abbrev-ref HEAD) --no-verify | ||
93 | fi | ||
94 | |||
95 | build_mac: | ||
96 | name: 'macos ${{ github.event.inputs.message }}' | ||
97 | needs: check_updates | ||
98 | if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[macOS]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | ||
99 | runs-on: macos-latest | ||
100 | steps: | ||
101 | - name: Set env vars | ||
102 | run: | | ||
103 | echo "NPM_CACHE=$HOME/.npm" >> $GITHUB_ENV | ||
104 | echo "PNPM_CACHE=$HOME/.pnpm-store" >> $GITHUB_ENV | ||
105 | echo "ELECTRON_CACHE=$HOME/.cache/electron" >> $GITHUB_ENV | ||
106 | echo "ELECTRON_BUILDER_CACHE=$HOME/.cache/electron-builder" >> $GITHUB_ENV | ||
107 | echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | ||
108 | echo "SKIP_NOTARIZATION=${{ !contains(github.repository_owner, 'getferdi') }}" >> $GITHUB_ENV | ||
109 | - name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | ||
110 | uses: actions/checkout@v2 | ||
111 | if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | ||
112 | with: | ||
113 | submodules: recursive | ||
114 | ref: nightly | ||
115 | - name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | ||
116 | uses: actions/checkout@v2 | ||
117 | if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | ||
118 | with: | ||
119 | submodules: recursive | ||
120 | - name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | ||
121 | run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | ||
122 | shell: bash | ||
123 | - name: Cache electron modules | ||
124 | uses: actions/cache@v2 | ||
125 | env: | ||
126 | cache-name: cache-electron-modules | ||
127 | with: | ||
128 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
129 | path: ${{ env.ELECTRON_CACHE }} | ||
130 | - name: Cache electron-builder modules | ||
131 | uses: actions/cache@v2 | ||
132 | env: | ||
133 | cache-name: cache-electron-builder-modules | ||
134 | with: | ||
135 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
136 | path: ${{ env.ELECTRON_BUILDER_CACHE }} | ||
137 | - name: Use Node.js 16.13.0 | ||
138 | uses: actions/setup-node@v2 | ||
139 | with: | ||
140 | node-version: 16.13.0 | ||
141 | - name: Install pnpm | ||
142 | uses: pnpm/action-setup@v2.0.1 | ||
143 | with: | ||
144 | version: 6.23.6 | ||
145 | - name: Install node dependencies | ||
146 | run: npm i | ||
147 | - name: Package recipes | ||
148 | run: pnpm i && pnpm run package | ||
149 | working-directory: ./recipes | ||
150 | - name: Run linter and tests | ||
151 | run: npm run lint && npm run test | ||
152 | - name: Build Ferdi without publish for any branch not 'nightly' and not 'release' | ||
153 | if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | ||
154 | run: npm run build -- --publish never | ||
155 | shell: bash | ||
156 | - name: Build Ferdi with publish for 'nightly' branch | ||
157 | if: ${{ env.GIT_BRANCH_NAME == 'nightly' }} | ||
158 | run: npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} | ||
159 | shell: bash | ||
160 | env: | ||
161 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
162 | APPLEID: ${{ secrets.APPLEID }} | ||
163 | APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }} | ||
164 | CSC_LINK: ${{ secrets.CSC_LINK }} | ||
165 | CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | ||
166 | - name: Build Ferdi with publish for 'release' branch | ||
167 | if: ${{ env.GIT_BRANCH_NAME == 'release' }} | ||
168 | run: npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} -c.publish.repo=ferdi | ||
169 | shell: bash | ||
170 | env: | ||
171 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
172 | APPLEID: ${{ secrets.APPLEID }} | ||
173 | APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }} | ||
174 | CSC_LINK: ${{ secrets.CSC_LINK }} | ||
175 | CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | ||
176 | |||
177 | build_linux: | ||
178 | name: 'ubuntu ${{ github.event.inputs.message }}' | ||
179 | needs: check_updates | ||
180 | if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[Linux]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | ||
181 | runs-on: ubuntu-20.04 | ||
182 | steps: | ||
183 | - name: Set env vars | ||
184 | run: | | ||
185 | echo "NPM_CACHE=$HOME/.npm" >> $GITHUB_ENV | ||
186 | echo "PNPM_CACHE=$HOME/.pnpm-store" >> $GITHUB_ENV | ||
187 | echo "ELECTRON_CACHE=$HOME/.cache/electron" >> $GITHUB_ENV | ||
188 | echo "ELECTRON_BUILDER_CACHE=$HOME/.cache/electron-builder" >> $GITHUB_ENV | ||
189 | echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | ||
190 | echo "SKIP_NOTARIZATION=${{ !contains(github.repository_owner, 'getferdi') }}" >> $GITHUB_ENV | ||
191 | - name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | ||
192 | uses: actions/checkout@v2 | ||
193 | if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | ||
194 | with: | ||
195 | submodules: recursive | ||
196 | ref: nightly | ||
197 | - name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | ||
198 | uses: actions/checkout@v2 | ||
199 | if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | ||
200 | with: | ||
201 | submodules: recursive | ||
202 | - name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | ||
203 | run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | ||
204 | shell: bash | ||
205 | - name: Cache electron modules | ||
206 | uses: actions/cache@v2 | ||
207 | env: | ||
208 | cache-name: cache-electron-modules | ||
209 | with: | ||
210 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
211 | path: ${{ env.ELECTRON_CACHE }} | ||
212 | - name: Cache electron-builder modules | ||
213 | uses: actions/cache@v2 | ||
214 | env: | ||
215 | cache-name: cache-electron-builder-modules | ||
216 | with: | ||
217 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
218 | path: ${{ env.ELECTRON_BUILDER_CACHE }} | ||
219 | - name: Use Node.js 16.13.0 | ||
220 | uses: actions/setup-node@v2 | ||
221 | with: | ||
222 | node-version: 16.13.0 | ||
223 | - name: Install pnpm | ||
224 | uses: pnpm/action-setup@v2.0.1 | ||
225 | with: | ||
226 | version: 6.23.6 | ||
227 | - name: Install node dependencies | ||
228 | run: npm i | ||
229 | - name: Figure out used package.json version | ||
230 | run: echo "PACKAGE_VERSION=$(node -p 'require("./package.json").version')" >> $GITHUB_ENV | ||
231 | shell: bash | ||
232 | - name: Package recipes | ||
233 | run: pnpm i && pnpm run package | ||
234 | working-directory: ./recipes | ||
235 | - name: Run linter and tests | ||
236 | run: npm run lint && npm run test | ||
237 | - name: Build Ferdi without publish for any branch not 'nightly' and not 'release' | ||
238 | if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | ||
239 | run: npm run build -- --publish never | ||
240 | shell: bash | ||
241 | - name: Build Ferdi with publish for 'nightly' branch | ||
242 | if: ${{ env.GIT_BRANCH_NAME == 'nightly' }} | ||
243 | env: | ||
244 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
245 | CSC_IDENTITY_AUTO_DISCOVERY: false | ||
246 | SNAPCRAFT_LOGIN: ${{ secrets.SNAPCRAFT_LOGIN }} | ||
247 | run: | | ||
248 | sudo snap install snapcraft --classic | ||
249 | echo "$SNAPCRAFT_LOGIN" | snapcraft login --with - | ||
250 | npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} -c.snap.publish.provider=snapStore -c.snap.publish.repo=nightlies -c.snap.publish.channels=edge | ||
251 | snapcraft logout | ||
252 | shell: bash | ||
253 | - name: Build Ferdi with publish for 'release' beta branch | ||
254 | if: ${{ env.GIT_BRANCH_NAME == 'release' && contains(env.PACKAGE_VERSION, 'beta') }} | ||
255 | env: | ||
256 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
257 | CSC_IDENTITY_AUTO_DISCOVERY: false | ||
258 | SNAPCRAFT_LOGIN: ${{ secrets.SNAPCRAFT_LOGIN }} | ||
259 | run: | | ||
260 | sudo snap install snapcraft --classic | ||
261 | echo "$SNAPCRAFT_LOGIN" | snapcraft login --with - | ||
262 | npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} -c.publish.repo=ferdi -c.snap.publish.provider=snapStore -c.snap.publish.repo=ferdi -c.snap.publish.channels=beta | ||
263 | snapcraft logout | ||
264 | shell: bash | ||
265 | - name: Build Ferdi with publish for 'release' stable branch | ||
266 | if: ${{ env.GIT_BRANCH_NAME == 'release' && !contains(env.PACKAGE_VERSION, 'beta') }} | ||
267 | env: | ||
268 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
269 | CSC_IDENTITY_AUTO_DISCOVERY: false | ||
270 | SNAPCRAFT_LOGIN: ${{ secrets.SNAPCRAFT_LOGIN }} | ||
271 | run: | | ||
272 | sudo snap install snapcraft --classic | ||
273 | echo "$SNAPCRAFT_LOGIN" | snapcraft login --with - | ||
274 | npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} -c.publish.repo=ferdi -c.snap.publish.provider=snapStore -c.snap.publish.repo=ferdi -c.snap.publish.channels=stable | ||
275 | snapcraft logout | ||
276 | shell: bash | ||
277 | |||
278 | build_windows: | ||
279 | name: 'windows ${{ github.event.inputs.message }}' | ||
280 | needs: check_updates | ||
281 | if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[Windows]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | ||
282 | runs-on: windows-latest | ||
283 | steps: | ||
284 | - name: Set env vars | ||
285 | run: | | ||
286 | echo "HOME=$USERPROFILE" >> $GITHUB_ENV | ||
287 | echo "NPM_CACHE=$USERPROFILE\.npm" >> $GITHUB_ENV | ||
288 | echo "PNPM_CACHE=$USERPROFILE\.pnpm-store" >> $GITHUB_ENV | ||
289 | echo "ELECTRON_CACHE=$USERPROFILE\.cache\electron" >> $GITHUB_ENV | ||
290 | echo "ELECTRON_BUILDER_CACHE=$USERPROFILE\.cache\electron-builder" >> $GITHUB_ENV | ||
291 | echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | ||
292 | echo "SKIP_NOTARIZATION=${{ !contains(github.repository_owner, 'getferdi') }}" >> $GITHUB_ENV | ||
293 | shell: bash | ||
294 | - name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | ||
295 | uses: actions/checkout@v2 | ||
296 | if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | ||
297 | with: | ||
298 | submodules: recursive | ||
299 | ref: nightly | ||
300 | - name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | ||
301 | uses: actions/checkout@v2 | ||
302 | if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | ||
303 | with: | ||
304 | submodules: recursive | ||
305 | - name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | ||
306 | run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | ||
307 | shell: bash | ||
308 | - name: Cache electron modules | ||
309 | uses: actions/cache@v2 | ||
310 | env: | ||
311 | cache-name: cache-electron-modules | ||
312 | with: | ||
313 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
314 | path: ${{ env.ELECTRON_CACHE }} | ||
315 | - name: Cache electron-builder modules | ||
316 | uses: actions/cache@v2 | ||
317 | env: | ||
318 | cache-name: cache-electron-builder-modules | ||
319 | with: | ||
320 | key: ${{ runner.os }}-${{ env.cache-name }} | ||
321 | path: ${{ env.ELECTRON_BUILDER_CACHE }} | ||
322 | - name: Use Node.js 16.13.0 | ||
323 | uses: actions/setup-node@v2 | ||
324 | with: | ||
325 | node-version: 16.13.0 | ||
326 | - name: Install pnpm | ||
327 | uses: pnpm/action-setup@v2.0.1 | ||
328 | with: | ||
329 | version: 6.23.6 | ||
330 | - name: Install node dependencies | ||
331 | run: npm i | ||
332 | shell: bash | ||
333 | - name: Package recipes | ||
334 | run: pnpm i && pnpm run package | ||
335 | working-directory: ./recipes | ||
336 | shell: bash | ||
337 | - name: Run linter and tests | ||
338 | run: npm run lint && npm run test | ||
339 | shell: bash | ||
340 | - name: Build Ferdi without publish for any branch not 'nightly' and not 'release' | ||
341 | if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | ||
342 | run: npm run build -- --publish never | ||
343 | shell: bash | ||
344 | - name: Build Ferdi with publish for 'nightly' branch | ||
345 | if: ${{ env.GIT_BRANCH_NAME == 'nightly' }} | ||
346 | run: npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} | ||
347 | shell: bash | ||
348 | env: | ||
349 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
350 | WIN_CSC_LINK: ${{ secrets.WIN_CSC_LINK }} | ||
351 | WIN_CSC_KEY_PASSWORD: ${{ secrets.WIN_CSC_KEY_PASSWORD }} | ||
352 | - name: Build Ferdi with publish for 'release' branch | ||
353 | if: ${{ env.GIT_BRANCH_NAME == 'release' }} | ||
354 | run: npm run build -- --publish always -c.publish.provider=github -c.publish.owner=${{ github.repository_owner }} -c.publish.repo=ferdi | ||
355 | shell: bash | ||
356 | env: | ||
357 | GH_TOKEN: ${{ secrets.FERDI_PUBLISH_TOKEN }} | ||
358 | WIN_CSC_LINK: ${{ secrets.WIN_CSC_LINK }} | ||
359 | WIN_CSC_KEY_PASSWORD: ${{ secrets.WIN_CSC_KEY_PASSWORD }} | ||