name: Releaser on: release: types: [published] jobs: build: name: Build runs-on: windows-latest strategy: matrix: architecture: [x64, x86, arm64] steps: - name: Checkout uses: actions/checkout@v4 - name: Setup Go environment uses: actions/setup-go@v5 with: go-version: '1.24' - name: Setup VS environment shell: powershell run: | echo "$(vswhere.exe -latest -property installationPath)\VC\Auxiliary\Build" >> $env:GITHUB_PATH @" @echo off setlocal enabledelayedexpansion set SRC_DIR=%~1 :safe_copy shift if "%~1"=="" exit /b 0 if "%~2"=="" exit /b 1 set SRC_FILE=%SRC_DIR%\%~1 set DST_FILE=%~2\%~1 if not "%~x1" == ".msi" ( set SRC_FILE_UNSIGNED=!SRC_FILE!.unsigned copy /Y "!SRC_FILE!" "!SRC_FILE_UNSIGNED!" "%SIGNTOOL%" remove /s "!SRC_FILE_UNSIGNED!" || exit /b 1 call :pe_compare "!SRC_FILE_UNSIGNED!" "!DST_FILE!" || ( echo File checksum mismatch: !SRC_FILE! exit /b 1)) copy /Y "!SRC_FILE!" "!DST_FILE!" shift goto :safe_copy :pe_compare python -c "import os;import sys;from ctypes import *;header_sum,checksum1,checksum2=c_ulong(0),c_ulong(0),c_ulong(0);src_size,dst_size=os.path.getsize(sys.argv[1]),os.path.getsize(sys.argv[2]);f=open(sys.argv[1],'r+');f.seek(dst_size,os.SEEK_SET);f.truncate();f.close();assert windll.imagehlp.MapFileAndCheckSumW(sys.argv[1],byref(header_sum),byref(checksum1))==0;assert windll.imagehlp.MapFileAndCheckSumW(sys.argv[2],byref(header_sum),byref(checksum2))==0;assert checksum1.value==checksum2.value" %1 %2 goto :eof "@ | Out-File -Encoding ascii -FilePath safe_copy.bat - name: Setup toolchain shell: cmd run: | curl "https://github.com/mstorsjo/llvm-mingw/releases/download/20250709/llvm-mingw-20250709-msvcrt-x86_64.zip" -o llvm-mingw-20250709-msvcrt-x86_64.zip -L tar -xf llvm-mingw-20250709-msvcrt-x86_64.zip echo %CD%\llvm-mingw-20250709-msvcrt-x86_64\bin>>%GITHUB_PATH% vcvarsall x64 && set WindowsSdkVerBinPath >> %GITHUB_ENV% - name: Build main application shell: cmd run: build.bat -p ${{ matrix.architecture }} - name: Get version info shell: powershell run: | $version = $((Get-Item .\bin\${{ matrix.architecture }}\frpmgr.exe).VersionInfo.ProductVersion) echo "VERSION=$version" >> $env:GITHUB_ENV $signtool = $(cmd /C "vcvarsall x64 && where signtool" | Select-Object -Last 1) echo "SIGNTOOL=$signtool" >> $env:GITHUB_ENV - name: Build custom actions shell: cmd run: installer\build.bat %VERSION% ${{ matrix.architecture }} actions - name: Prepare to upload files shell: cmd run: copy /Y installer\build\${{ matrix.architecture }}\actions.dll bin\${{ matrix.architecture }} - name: Upload unsigned application id: upload-unsigned-application uses: actions/upload-artifact@v4 with: name: frpmgr-${{ env.VERSION }}-main-${{ matrix.architecture }}-unsigned path: | bin/${{ matrix.architecture }}/frpmgr.exe bin/${{ matrix.architecture }}/actions.dll - name: Sign uses: signpath/github-action-submit-signing-request@v1.2 with: api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' organization-id: '${{ secrets.SIGNPATH_ORGANIZATION_ID }}' project-slug: 'frpmgr' signing-policy-slug: 'release-signing' github-artifact-id: '${{ steps.upload-unsigned-application.outputs.artifact-id }}' wait-for-completion: true output-artifact-directory: 'dist' - name: Verify and copy signed files shell: cmd run: safe_copy dist frpmgr.exe bin\${{ matrix.architecture }} actions.dll installer\build\${{ matrix.architecture }} - name: Build MSI installer shell: cmd run: installer\build.bat %VERSION% ${{ matrix.architecture }} msi - name: Upload unsigned installer id: upload-unsigned-installer uses: actions/upload-artifact@v4 with: name: frpmgr-${{ env.VERSION }}-installer-${{ matrix.architecture }}-unsigned path: installer/build/${{ matrix.architecture }}/frpmgr.msi - name: Sign uses: signpath/github-action-submit-signing-request@v1.2 with: api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' organization-id: '${{ secrets.SIGNPATH_ORGANIZATION_ID }}' project-slug: 'frpmgr' signing-policy-slug: 'release-signing' github-artifact-id: '${{ steps.upload-unsigned-installer.outputs.artifact-id }}' wait-for-completion: true output-artifact-directory: 'dist' - name: Verify and copy signed files shell: cmd run: safe_copy dist frpmgr.msi installer\build\${{ matrix.architecture }} - name: Build EXE bootstrapper shell: cmd run: installer\build.bat %VERSION% ${{ matrix.architecture }} setup - name: Upload unsigned bootstrapper id: upload-unsigned-bootstrapper uses: actions/upload-artifact@v4 with: name: frpmgr-${{ env.VERSION }}-setup-${{ matrix.architecture }}-unsigned path: installer/build/${{ matrix.architecture }}/setup.exe - name: Sign uses: signpath/github-action-submit-signing-request@v1.2 with: api-token: '${{ secrets.SIGNPATH_API_TOKEN }}' organization-id: '${{ secrets.SIGNPATH_ORGANIZATION_ID }}' project-slug: 'frpmgr' signing-policy-slug: 'release-signing' github-artifact-id: '${{ steps.upload-unsigned-bootstrapper.outputs.artifact-id }}' wait-for-completion: true output-artifact-directory: 'dist' - name: Verify and copy signed files shell: cmd run: safe_copy dist setup.exe installer\build\${{ matrix.architecture }} - name: Create release files shell: cmd run: installer\build.bat %VERSION% ${{ matrix.architecture }} dist - name: Upload release files uses: actions/upload-artifact@v4 with: name: frpmgr-${{ env.VERSION }}-dist-${{ matrix.architecture }} path: | bin/*.exe bin/*.zip release: name: Release needs: build runs-on: ubuntu-latest steps: - name: Get version info run: | tag_name="${{ github.event.release.tag_name }}" echo "VERSION=${tag_name#v}" >> $GITHUB_ENV - name: Collect files uses: actions/download-artifact@v4 with: pattern: frpmgr-${{ env.VERSION }}-dist-* merge-multiple: true - name: Upload release assets uses: shogo82148/actions-upload-release-asset@v1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: upload_url: ${{ github.event.release.upload_url }} asset_path: | ./*.exe ./*.zip