Files @ r28519:990ea5120e84
Branch filter:

Location: cpp/openttd-patchpack/source/.github/workflows/release-windows.yml

Patric Stout
Add: monocypher 4.0.2

Monocypher will take care of all our encryption needs; as most
OSes and vcpkg doesn't have it available, we vendor it.
name: Release (Windows)

on:
  workflow_call:
    inputs:
      survey_key:
        required: false
        type: string
        default: ""
      is_tag:
        required: true
        type: string

jobs:
  windows:
    strategy:
      fail-fast: false
      matrix:
        include:
        - arch: x86
          host: x86
        - arch: x64
          host: x64
        - arch: arm64
          host: x64_arm64

    name: Windows (${{ matrix.arch }})

    runs-on: windows-latest

    steps:
    - name: Download source
      uses: actions/download-artifact@v3
      with:
        name: internal-source

    - name: Unpack source
      shell: bash
      run: |
        tar -xf source.tar.gz --strip-components=1

    - name: Install Rust toolchain
      uses: dtolnay/rust-toolchain@stable

    - name: Enable Rust cache
      uses: Swatinem/rust-cache@v2

    - name: Setup vcpkg caching
      uses: actions/github-script@v6
      with:
        script: |
          core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
          core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
          core.exportVariable('VCPKG_BINARY_SOURCES', 'clear;x-gha,readwrite')

    - name: Install dependencies
      shell: bash
      run: |
        echo "::group::Install choco dependencies"
        choco install pandoc
        echo "::endgroup::"

        echo "::group::Install breakpad dependencies"
        cargo install dump_syms
        echo "::endgroup::"

    - name: Install MSVC problem matcher
      uses: ammaraskar/msvc-problem-matcher@master

    - name: Configure developer command prompt for tools
      uses: ilammy/msvc-dev-cmd@v1
      with:
        arch: x64

    - name: Build tools
      shell: bash
      run: |
        mkdir build-host
        cd build-host

        echo "::group::CMake"
        cmake ${GITHUB_WORKSPACE} \
          -GNinja \
          -DOPTION_TOOLS_ONLY=ON \
          -DCMAKE_BUILD_TYPE=RelWithDebInfo \
          # EOF
        echo "::endgroup::"

        echo "::group::Build"
        cmake --build . --target tools
        echo "::endgroup::"

    - name: Configure developer command prompt for ${{ matrix.arch }}
      uses: ilammy/msvc-dev-cmd@v1
      with:
        arch: ${{ matrix.host }}

    - name: Import code signing certificate
      shell: powershell
      # If this is run on a fork, there may not be a certificate set up - continue in this case
      continue-on-error: true
      run: |
        $tempFile = [System.IO.Path]::GetTempFileName()
        $bytes = [System.Convert]::FromBase64String($env:WINDOWS_CERTIFICATE_P12)
        [IO.File]::WriteAllBytes($tempFile, $bytes)
        $pwd = ConvertTo-SecureString $env:WINDOWS_CERTIFICATE_PASSWORD -AsPlainText -Force
        Import-PfxCertificate -FilePath $tempFile -CertStoreLocation Cert:\CurrentUser\My -Password $pwd
        Remove-Item $tempFile
      env:
        WINDOWS_CERTIFICATE_P12: ${{ secrets.WINDOWS_CERTIFICATE_P12 }}
        WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}

    - name: Build (with installer)
      if: inputs.is_tag == 'true'
      shell: bash
      run: |
        mkdir build
        cd build

        echo "::group::CMake"
        cmake ${GITHUB_WORKSPACE} \
          -GNinja \
          -DVCPKG_TARGET_TRIPLET=${{ matrix.arch }}-windows-static \
          -DCMAKE_TOOLCHAIN_FILE="c:\vcpkg\scripts\buildsystems\vcpkg.cmake" \
          -DOPTION_USE_NSIS=ON \
          -DHOST_BINARY_DIR=${GITHUB_WORKSPACE}/build-host \
          -DCMAKE_BUILD_TYPE=RelWithDebInfo \
          -DOPTION_SURVEY_KEY=${{ inputs.survey_key }} \
          -DWINDOWS_CERTIFICATE_COMMON_NAME="${WINDOWS_CERTIFICATE_COMMON_NAME}" \
          # EOF
        echo "::endgroup::"

        echo "::group::Build"
        cmake --build . --target openttd
        echo "::endgroup::"
      env:
        WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }}

    - name: Build (without installer)
      if: inputs.is_tag != 'true'
      shell: bash
      run: |
        mkdir build
        cd build

        echo "::group::CMake"
        cmake ${GITHUB_WORKSPACE} \
          -GNinja \
          -DVCPKG_TARGET_TRIPLET=${{ matrix.arch }}-windows-static \
          -DCMAKE_TOOLCHAIN_FILE="c:\vcpkg\scripts\buildsystems\vcpkg.cmake" \
          -DHOST_BINARY_DIR=${GITHUB_WORKSPACE}/build-host \
          -DCMAKE_BUILD_TYPE=RelWithDebInfo \
          -DOPTION_SURVEY_KEY=${{ inputs.survey_key }} \
          -DWINDOWS_CERTIFICATE_COMMON_NAME="${WINDOWS_CERTIFICATE_COMMON_NAME}" \
          # EOF
        echo "::endgroup::"

        echo "::group::Build"
        cmake --build . --target openttd
        echo "::endgroup::"
      env:
        WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }}

    - name: Create breakpad symbols
      shell: bash
      run: |
        cd build
        dump_syms openttd.pdb --inlines --store symbols

    - name: Create bundles
      shell: bash
      run: |
        cd ${GITHUB_WORKSPACE}/build
        echo "::group::Run CPack"
        cpack
        echo "::endgroup::"

        echo "::group::Move PDB and exe to symbols"
        PDB_FOLDER=$(find symbols -mindepth 2 -type d)
        cp openttd.pdb ${PDB_FOLDER}/

        EXE_FOLDER=symbols/openttd.exe/$(grep "INFO CODE_ID" symbols/*/*/openttd.sym | cut -d\  -f3)
        mkdir -p ${EXE_FOLDER}
        cp openttd.exe ${EXE_FOLDER}/
        echo "::endgroup::"

        echo "::group::Cleanup"
        # Remove the sha256 files CPack generates; we will do this ourself at
        # the end of this workflow.
        rm -f bundles/*.sha256
        echo "::endgroup::"

    - name: Sign installer
      if: inputs.is_tag == 'true'
      shell: bash
      # If this is run on a fork, there may not be a certificate set up - continue in this case
      continue-on-error: true
      run: |
        cd ${GITHUB_WORKSPACE}/build/bundles
        ../../os/windows/sign.bat *.exe "${WINDOWS_CERTIFICATE_COMMON_NAME}"
      env:
        WINDOWS_CERTIFICATE_COMMON_NAME: ${{ secrets.WINDOWS_CERTIFICATE_COMMON_NAME }}

    - name: Store bundles
      uses: actions/upload-artifact@v3
      with:
        name: openttd-windows-${{ matrix.arch }}
        path: build/bundles
        retention-days: 5

    - name: Store symbols
      uses: actions/upload-artifact@v3
      with:
        name: symbols-windows-${{ matrix.arch }}
        path: build/symbols
        retention-days: 5