Release Windows app #14
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/release.yml | ||
| name: Release Windows app | ||
| on: | ||
| workflow_dispatch: | ||
| jobs: | ||
| build-windows: | ||
| runs-on: windows-latest | ||
| steps: | ||
| - name: Enable Long Name | ||
| shell: pwsh | ||
| run: New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" -Name "LongPathsEnabled" -Value 1 -PropertyType DWORD -Force | ||
| - run: git config --system core.longpaths true | ||
| - name: Set up certificate | ||
| run: | | ||
| echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 | ||
| shell: bash | ||
| - name: Github checkout | ||
| uses: actions/checkout@v4 | ||
| - name: Use Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| node-version: 20 | ||
| - run: yarn install | ||
| - name: Set variables | ||
| id: variables | ||
| run: | | ||
| echo "::set-output name=version::${GITHUB_REF#refs/tags/v}" | ||
| echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV" | ||
| echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" | ||
| echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" | ||
| echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV" | ||
| shell: bash | ||
| - name: Setup Keylocker KSP on windows | ||
| retryCountOnTaskFailure: 10 | ||
| run: | | ||
| curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o Keylockertools-windows-x64.msi | ||
| msiexec /i Keylockertools-windows-x64.msi /quiet /qn | ||
| smksp_registrar.exe list | ||
| smctl.exe keypair ls | ||
| C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user | ||
| shell: cmd | ||
| - name: Certificates Sync | ||
| run: | | ||
| smctl windows certsync | ||
| shell: cmd | ||
| - name: Download and prepare ComfyUI | ||
| run: | | ||
| curl -L -o comfyui-win.7z https://github.com/Comfy-Org/python-dependencies/releases/download/embedded-windows-deps-cu11.8-py11.9-5/ComfyUI_windows_portable.7z | ||
| 7z x comfyui-win.7z -odist/ | ||
| move dist/ComfyUI_windows_portable/ComfyUI assets/UI/ | ||
| move dist/ComfyUI_windows_portable/python_embedded assets/UI/ | ||
| cd assets/UI/ComfyUI && ls | ||
| - name: Make app | ||
| env: | ||
| DEBUG: electron-forge:* | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: npm run publish --dry-run | ||
| - name: Signing using Signtool | ||
| run: | | ||
| signtool.exe sign /sha1 ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }} /tr http://timestamp.digicert.com /td SHA256 /fd SHA256 out/ComfyUI-win32-x64/ComfyUI.exe | ||
| - name: verify signing | ||
| run: | ||
| signtool verify out/ComfyUI-win32-x64/ComfyUI.exe | ||
| - name: publish app | ||
| env: | ||
| DEBUG: electron-forge:* | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: npm run publish --from-dry-run | ||
