131 lines
5.5 KiB
YAML
131 lines
5.5 KiB
YAML
name: Build & Release IntuneWin package
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- 'apps/**'
|
|
- 'scripts/Build-And-UpdateReadme.ps1'
|
|
- '.github/workflows/build-packages.yml'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: windows-latest
|
|
defaults:
|
|
run:
|
|
shell: pwsh
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Zoek gewijzigde apps
|
|
id: appdir
|
|
run: |
|
|
$diff = git diff --name-only ${{ github.sha }} ${{ github.sha }}~1
|
|
$apps = $diff | Select-String '^apps/([^/]+)/' | ForEach-Object { $_.Matches.Groups[1].Value } | Sort-Object -Unique
|
|
if (-not $apps) { Write-Error "Geen wijziging in apps gedetecteerd"; exit 1 }
|
|
"appname=$($apps[0])" | Out-File -Append $env:GITHUB_ENV
|
|
shell: pwsh
|
|
|
|
- name: Build intunewin package + update README.md
|
|
id: build
|
|
run: |
|
|
$appdir = "apps/${{ steps.appdir.outputs.appname }}"
|
|
$result = .\scripts\Build-And-UpdateReadme.ps1 -AppPath $appdir -BuildIntuneWin
|
|
$outlines = ($result | Out-String) -split "`n"
|
|
foreach ($line in $outLines) {
|
|
if ($line -like "*::set-output*") {
|
|
$parts = $line -replace "::set-output name=", "" -split "::"
|
|
Write-Host "$($parts[0])=$($parts[1])"
|
|
"::set-output name=$($parts[0])::$($parts[1])"
|
|
}
|
|
}
|
|
|
|
- name: Create or update GitHub release
|
|
id: create_release
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
tag_name: '${{ steps.appdir.outputs.appname }}-v${{ steps.build.outputs.app_version }}'
|
|
name: '${{ steps.appdir.outputs.appname }} v${{ steps.build.outputs.app_version }}'
|
|
draft: false
|
|
prerelease: false
|
|
files: apps/${{ steps.appdir.outputs.appname }}/build/*.intunewin
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Update README.md met definitieve downloadlink
|
|
run: |
|
|
$appdir = "apps/${{ steps.appdir.outputs.appname }}"
|
|
$ver = "${{ steps.build.outputs.app_version }}"
|
|
$release_url = "https://github.com/${{ github.repository }}/releases/download/${{ steps.appdir.outputs.appname }}-v$ver/${{ steps.build.outputs.package_name }}"
|
|
# Lees bestaande REAMDE in, vervang de downloadregel
|
|
$readme = Get-Content "$appdir/README.md" -Raw
|
|
pattern = "(?ms)(\*\*Laatste intunewin package:\*\* ).*?(\r?\n)"
|
|
$newreadme = [regex]::Replace($readme, $pattern, "`$1`$release_url`$2")
|
|
Set-Content "$appdir/README.md" $newreadme -Encoding UTF8
|
|
|
|
- name: Commit en push gewijzigde README.md (indien aangepast)
|
|
run: |
|
|
git config user.name "github-actions[bot]"
|
|
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
|
git add apps/${{ steps.appdir.outputs.appname }}/README.md
|
|
git diff --cached --quiet || git commit -m "README.md: update downloadlink na release [skip ci]"
|
|
git push
|
|
|
|
# Later te testen, momenteel niet in gebruik: Push naar intune omgeving
|
|
|
|
# - name: Install IntuneWin32App module
|
|
# run: |
|
|
# Install-Module IntuneWin32App -Scope CurrentUser -Force -AllowClobber
|
|
|
|
# - name: Deploy naar intune win32-app
|
|
# env:
|
|
# CLIENT_ID: ${{ secrets.INTUNE_CLIENT_ID }}
|
|
# TENANT_ID: ${{ secrets.INTUNE_TENANT_ID }}
|
|
# CLIENT_SECRET: ${{ secrets.INTUNE_CLIENT_SECRET }}
|
|
# run: |
|
|
# $ErrorActionPreference = "Stop"
|
|
# $appdir = "apps/${{ steps.appdir.outputs.appname }}"
|
|
# $metaPath = "$appdir/app-meta.json"
|
|
# $meta = Get-Content $metaPath | ConvertFrom-Json
|
|
|
|
# $iconPath = if ($meta.icon) { Join-Path $appdir $meta.icon } else { $null }
|
|
# if ($iconPath -and -not (Test-Path $iconPath)) { $iconPath = $null }
|
|
|
|
# # Authenticatie
|
|
# Import-Module IntuneWin32App
|
|
# $secureSecret = ConvertTo-SecureString $env:CLIENT_SECRET -AsPlainText -Force
|
|
# $creds = New-Object System.Management.Automation.PSCredential($env:CLIENT_ID, $secureSecret)
|
|
# Connect-MSGraph -ClientId $env:CLIENT_ID -TenantId $env:TENANT_ID -ClientSecret $env:CLIENT_SECRET
|
|
|
|
# # Build detectie block
|
|
# $detection = $meta.detection
|
|
# $detectionRule = $null
|
|
# if ($null -ne $detection -and $detection.type -eq 'File') {
|
|
# $filePath = Split-Path $detection.path
|
|
# $fileName = Split-Path $detection.path -Leaf
|
|
# $detectionRule = @{
|
|
# DetectionType = "File"
|
|
# Path = $filePath
|
|
# FileOrFolder = $fileName
|
|
# DetectionMethod = "Exists"
|
|
# }
|
|
# }
|
|
# # Add more logic here if you want to support other detection types (Registry, etc.)
|
|
|
|
# # Deploy Win32 app
|
|
# $package = Get-ChildItem "$appdir/build" -Filter *.intunewin | Sort-Object LastWriteTime -Descending | Select-Object -First 1
|
|
|
|
# Add-IntuneWin32App `
|
|
# -FilePath $package.FullName `
|
|
# -DisplayName $meta.displayName `
|
|
# -Description $meta.description `
|
|
# -Publisher $meta.publisher `
|
|
# -InstallCommandLine ("powershell.exe -ExecutionPolicy Bypass -File " + $meta.installScript) `
|
|
# -UninstallCommandLine $meta.uninstallCommand `
|
|
# -DetectionRule $detectionRule `
|
|
# -Icon $iconPath `
|
|
# -Force
|
|
|
|
# Disconnect-MSIntuneGraph |