This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Chocolatey Deploy | |
| # This GH action will push a okta-aws-cli build to chocolatey.org when a | |
| # okta-aws-cli GH release is completed. | |
| # | |
| # inspired by https://github.com/rcmaehl/MSEdgeRedirect thank you rcmaehl 🙏🙏🙏 | |
| on: | |
| release: | |
| types: | |
| - published | |
| # TODO: remove push, using this to debug in the feature branch | |
| push: | |
| branches: | |
| - chocolatey-gh-action | |
| tags: | |
| - 'test-*' | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| chocolatey: | |
| runs-on: windows-latest | |
| steps: | |
| - | |
| name: Checkout | |
| uses: actions/checkout@v4 | |
| - | |
| name: Unshallow | |
| run: git fetch --prune --unshallow | |
| - | |
| name: Get latest release tag | |
| uses: oprypin/find-latest-tag@v1 | |
| with: | |
| repository: ${{ github.repository }} | |
| releases-only: true | |
| id: latesttag | |
| - | |
| name: Set Version | |
| id: version | |
| run: | | |
| gkey="${{ secrets.GPG_PRIVATE_KEY }}" | |
| if [ -z "${gkey}" ]; then | |
| echo "gkey NOT set" | |
| else | |
| echo "gkey IS set" | |
| fi | |
| skey="${{ secrets.SEMGREP_APP_TOKEN }}" | |
| if [ -z "${skey}" ]; then | |
| echo "skey NOT set" | |
| else | |
| echo "skey IS set" | |
| fi | |
| ckey="${{ secrets.CHOCO_API_KEY }}" | |
| if [ -z "${ckey}" ]; then | |
| echo "choco api key NOT set" | |
| else | |
| echo "choco api key IS set" | |
| fi | |
| exit 1 | |
| version=$(echo "${{ steps.latesttag.outputs.tag }}" | grep -oE "[[:digit:]]{1,}\.[[:digit:]]{1,}\.[[:digit:]]{1,}") | |
| echo "nuget=$version" >> $GITHUB_OUTPUT | |
| sed -i "s/{VERSION}/${version}/g" "nuspec/chocolatey/okta-aws-cli.nuspec" | |
| - | |
| name: Set Checksum | |
| run: | | |
| filename="okta-aws-cli_${{ steps.version.outputs.nuget }}_windows_386.zip" | |
| url="https://github.com/${{ github.repository }}/releases/download/${{ steps.latesttag.outputs.tag }}/${filename}" | |
| sed -i "s#{ZIPURL}#${url}#g" "nuspec/chocolatey/tools/chocolateyinstall.ps1" | |
| curl -sSL "${url}" -o "nuspec/chocolatey/${filename}" | |
| sha256=$(cat "nuspec/chocolatey/${filename}" | sha256sum -) | |
| sed -i "s/{SHA256CHECKSUM}/${sha256:0:64}/g" "nuspec/chocolatey/tools/chocolateyinstall.ps1" | |
| - | |
| name: Choco Downgrade | |
| uses: crazy-max/ghaction-chocolatey@v3 | |
| with: | |
| args: install chocolatey --version=1.2.1 --allow-downgrade -y -r --no-progress | |
| - | |
| name: Pack Release | |
| uses: crazy-max/ghaction-chocolatey@v3 | |
| with: | |
| args: pack nuspec/chocolatey/okta-aws-cli.nuspec --outputdirectory nuspec/chocolatey | |
| - | |
| name: Choco Upgrade | |
| uses: crazy-max/ghaction-chocolatey@v3 | |
| with: | |
| args: upgrade chocolatey | |
| - | |
| name: Upload Release | |
| uses: crazy-max/ghaction-chocolatey@v3 | |
| with: | |
| args: push nuspec/chocolatey/okta-aws-cli.${{ steps.version.outputs.nuget }}.nupkg -s https://push.chocolatey.org/ -k ${{ secrets.CHOCO_API_KEY }} |