Here goes nothing

Co-Authored-By: Tyler Mairose <84410962+tyler-mairose-sp@users.noreply.github.com>
2025-12-06 04:21:15 +00:00 · 2023-04-12 14:37:33 -05:00
parent 2dc508558a
commit d9f62cbc42
8 changed files with 369 additions and 16 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -28,10 +28,93 @@ jobs:
        with:
          go-version: 1.19

+      - name: Generate changelog
+        id: changelog
+        run: |
+          echo "tag-name=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+          gh api repos/$GITHUB_REPOSITORY/releases/generate-notes \
+            -f tag_name="${GITHUB_REF#refs/tags/}" \
+            -f target_commitish=trunk \
+            -q .body > CHANGELOG.md
+        env:
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Install osslsigncode
+        run: sudo apt-get install -y osslsigncode
+
+      - name: Obtain signing cert
+        run: |
+          cert="$(mktemp -t cert.XXX)"
+          base64 -d <<<"$CERT_CONTENTS" > "$cert"
+          echo "CERT_FILE=$cert" >> $GITHUB_ENV
+        env:
+          CERT_CONTENTS: ${{ secrets.OSS_SIGNING_CERT }}
+
+      - name: Set env
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v4
        with:
-          version: latest
-          args: release --clean
+          version: ${{ env.RELEASE_VERSION }}
+          args: release --release-notes=CHANGELOG.md
        env:
-          GITHUB_TOKEN: ${{ secrets.PUBLISHER_TOKEN }}
+          GITHUB_TOKEN: ${{secrets.PUBLISHER_TOKEN}}
+          GORELEASER_CURRENT_TAG: ${{steps.changelog.outputs.tag-name}}
+
+  msi:
+    needs: goreleaser
+    runs-on: windows-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Download sail.exe
+        id: download_exe
+        shell: bash
+        run: |
+          hub release download "${GITHUB_REF#refs/tags/}" -i '*windows_amd64*.zip'
+          printf "zip=%s\n" *.zip >> $GITHUB_OUTPUT
+          unzip -o *.zip && rm -v *.zip
+        env:
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      - name: Prepare PATH
+        id: setupmsbuild
+        uses: microsoft/setup-msbuild@v1.3.1
+      - name: Build MSI
+        id: buildmsi
+        shell: bash
+        env:
+          ZIP_FILE: ${{ steps.download_exe.outputs.zip }}
+          MSBUILD_PATH: ${{ steps.setupmsbuild.outputs.msbuildPath }}
+        run: |
+          name="$(basename "$ZIP_FILE" ".zip")"
+          version="$(echo -e ${GITHUB_REF#refs/tags/v} | sed s/-.*$//)"
+          "${MSBUILD_PATH}\MSBuild.exe" ./build/windows/sail.wixproj -p:SourceDir="$PWD" -p:OutputPath="$PWD" -p:OutputName="$name" -p:ProductVersion="$version"
+      - name: Obtain signing cert
+        id: obtain_cert
+        shell: bash
+        run: |
+          base64 -d <<<"$CERT_CONTENTS" > ./cert.pfx
+          printf "cert-file=%s\n" ".\\cert.pfx" >> $GITHUB_OUTPUT
+        env:
+          CERT_CONTENTS: ${{ secrets.OSS_SIGNING_CERT }}
+      - name: Sign MSI
+        env:
+          CERT_FILE: ${{ steps.obtain_cert.outputs.cert-file }}
+          EXE_FILE: ${{ steps.buildmsi.outputs.msi }}
+        run: .\assets\signtool sign /d "SailPoint CLI" /f $env:CERT_FILE /fd sha256 /tr http://timestamp.digicert.com /v $env:EXE_FILE
+      - name: Upload MSI
+        shell: bash
+        run: |
+          tag_name="${GITHUB_REF#refs/tags/}"
+          hub release edit "$tag_name" -m "" -a "$MSI_FILE"
+          release_url="$(gh api repos/:owner/:repo/releases -q ".[]|select(.tag_name==\"${tag_name}\")|.url")"
+          publish_args=( -F draft=false )
+          if [[ $GITHUB_REF != *-* ]]; then
+            publish_args+=( -f discussion_category_name="$DISCUSSION_CATEGORY" )
+          fi
+          gh api -X PATCH "$release_url" "${publish_args[@]}"
+        env:
+          MSI_FILE: ${{ steps.buildmsi.outputs.msi }}
+          DISCUSSION_CATEGORY: General
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -1,19 +1,56 @@
 project_name: sail
+
+release:
+  prerelease: auto
+  draft: true # we only publish after the Windows MSI gets uploaded
+  name_template: "SailPoint CLI {{.Version}}"
+
+before:
+  hooks:
+    - go mod tidy
+
 builds:
-  - env: [CGO_ENABLED=0]
-    goos:
-      - linux
-      - windows
-      - darwin
-    goarch:
-      - amd64
-      - arm64
+  - <<: &build_defaults
+      binary: bin/gh
+      main: ./
+    id: macos
+    goos: [darwin]
+    goarch: [amd64, arm64]
+
+  - <<: *build_defaults
+    id: linux
+    goos: [linux]
+    goarch: [386, arm, amd64, arm64]
+    env:
+      - CGO_ENABLED=0
+
+  - <<: *build_defaults
+    id: windows
+    goos: [windows]
+    goarch: [386, amd64, arm64]
+    # hooks:
+    #   post:
+    #     - cmd: ./script/sign-windows-executable.sh '{{ .Path }}'
+    #       output: false

 archives:
-  - format: tar.gz
-    format_overrides:
-      - goos: windows
-        format: zip
+  - id: nix
+    builds: [macos, linux]
+    <<: &archive_defaults
+      name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+    wrap_in_directory: true
+    replacements:
+      darwin: macOS
+    format: tar.gz
+    files:
+      - LICENSE
+  - id: windows
+    builds: [windows]
+    <<: *archive_defaults
+    wrap_in_directory: false
+    format: zip
+    files:
+      - LICENSE

 dockers:
  - image_templates:
@@ -32,3 +69,13 @@ brews:
    commit_author:
      name: colin-mckibben-sp
      email: colin.mckibben@sailpoint.com
+
+nfpms:
+  - license: MIT
+    maintainer: SailPoint
+    homepage: https://github.com/sailpoint-oss/sailpoint-cli
+    bindir: /usr
+    description: The SailPoint Command Line Interface.
+    formats:
+      - deb
+      - rpm
--- a/7
+++ b/7
@@ -1,17 +1,22 @@
+.PHONY: clean
 clean:
 	go clean ./...

+.PHONY: mocks
 mocks:
 	# Ref: https://github.com/golang/mock
 	mockgen -source=client/client.go -destination=mocks/client.go -package=mocks

+.PHONY: test
 test:
 	go test -v -count=1 ./...

+.PHONY: install
 install:
 	go build -o /usr/local/bin/sail -buildvcs=false

+.PHONY: vhs
 vhs:
 	find assets -name "*.tape" | xargs -n 1 vhs

-.PHONY: clean mocks test install vhs .docker/login .docker/build .docker/push
+.PHONY: .docker/login .docker/build .docker/push
--- a/assets/sign-windows-executable.sh
+++ b/assets/sign-windows-executable.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e
+
+EXE="$1"
+
+if [ -z "$CERT_FILE" ]; then
+  echo "skipping Windows code-signing; CERT_FILE not set" >&2
+  exit 0
+fi
+
+if [ ! -f "$CERT_FILE" ]; then
+  echo "error Windows code-signing; file '$CERT_FILE' not found" >&2
+  exit 1
+fi
+
+osslsigncode sign -n "SailPoint CLI" -t http://timestamp.digicert.com \
+  -pkcs12 "$CERT_FILE" -h sha256 \
+  -in "$EXE" -out "$EXE"~
+
+mv "$EXE"~ "$EXE"
--- a/assets/signtool.exe
+++ b/assets/signtool.exe
--- a/build/windows/sail.wixproj
+++ b/build/windows/sail.wixproj
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+    <PropertyGroup>
+        <Configuration>Release</Configuration>
+        <Platform Condition="'$(Platform)' == ''">x64</Platform>
+        <ProductVersion Condition="'$(ProductVersion)' == ''">0.1.0</ProductVersion>
+        <OutputName Condition="'$(OutputName)' == ''">$(MSBuildProjectName)</OutputName>
+        <OutputType>package</OutputType>
+        <RepoPath>$([MSBuild]::NormalizeDirectory($(MSBuildProjectDirectory)\..\..))</RepoPath>
+        <OutputPath Condition="'$(OutputPath)' == ''">$(RepoPath)bin\$(Platform)\</OutputPath>
+        <IntermediateOutputPath>$(RepoPath)bin\obj\$(Platform)\</IntermediateOutputPath>
+        <DefineConstants>
+            $(DefineConstants);
+            ProductVersion=$(ProductVersion);
+        </DefineConstants>
+        <SuppressIces Condition="'$(Platform)' == 'arm' Or '$(Platform)' == 'arm64'">ICE39</SuppressIces>
+        <DefineSolutionProperties>false</DefineSolutionProperties>
+        <WixTargetsPath Condition="'$(WixTargetsPath)' == ''">
+            $(MSBuildExtensionsPath)\Microsoft\WiX\v3.x\Wix.targets</WixTargetsPath>
+    </PropertyGroup>
+    <ItemGroup>
+        <Compile Include="sail.wxs" />
+        <Compile Include="ui.wxs" />
+    </ItemGroup>
+    <ItemGroup>
+        <!-- Include directories containing both user-specified output and unzipped release for ease -->
+        <BindInputPaths Include="$(SourceDir)" />
+        <BindInputPaths Include="$(SourceDir)\bin" />
+    </ItemGroup>
+    <ItemGroup>
+        <WixExtension Include="WixUIExtension" />
+        <WixExtension Include="WixUtilExtension" />
+    </ItemGroup>
+    <Target Name="SetStepOutput" AfterTargets="Build" Condition="'$(GITHUB_ACTIONS)' != ''">
+        <!-- Make sure the correct target path is always set as the step output -->
+        <Message Importance="high" Text="::set-output name=msi::$(TargetPath)" />
+    </Target>
+    <Import Project="$(WixTargetsPath)" />
+</Project>
--- a/build/windows/sail.wxs
+++ b/build/windows/sail.wxs
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<?ifndef ProductVersion?>
+<?error ProductVersion property not defined?>
+<?endif?>
+
+<!-- Define a unique UpgradeCode per platform -->
+<?if $(var.Platform) = "x64"?>
+<?define InstallerVersion = "200"?>
+<?define UpgradeCode = "8CFB9531-B959-4E1B-AA2E-4AF0FFCC4AF4"?>
+<?define ProgramFilesFolder = "ProgramFiles64Folder"?>
+<?elseif $(var.Platform) = "x86"?>
+<?define InstallerVersion = "200"?>
+<?define UpgradeCode = "767EC5D2-C8F0-4912-9901-45E21F59A284"?>
+<?define ProgramFilesFolder = "ProgramFilesFolder"?>
+<?elseif $(var.Platform) = "arm64"?>
+<?define InstallerVersion = "500"?>
+<?define UpgradeCode = "5D15E95C-F979-41B0-826C-C33C8CB5A7EB"?>
+<?define ProgramFilesFolder = "ProgramFiles64Folder"?>
+<?elseif $(var.Platform) = "arm"?>
+<?define InstallerVersion = "500"?>
+<?define UpgradeCode = "DDDE52AA-42DA-404B-9238-77DC86117CFF"?>
+<?define ProgramFilesFolder = "ProgramFilesFolder"?>
+<?endif?>
+
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
+    <Product Id="*" Name="SailPoint CLI" Version="$(var.ProductVersion)" Language="1033"
+        Manufacturer="SailPoint Technologies." UpgradeCode="$(var.UpgradeCode)">
+        <Package Compressed="yes" InstallerVersion="$(var.InstallerVersion)"
+            InstallScope="perMachine" />
+        <MediaTemplate EmbedCab="yes" />
+
+        <!-- Remove older product(s) early but within the transaction -->
+        <MajorUpgrade Schedule="afterInstallInitialize"
+            DowngradeErrorMessage="A newer version of !(bind.property.ProductName) is already installed." />
+
+        <!-- Upgrade older x86 products -->
+        <Upgrade Id="7C0A5736-5B8E-4176-B350-613FA2D8A1B3">
+            <UpgradeVersion Maximum="$(var.ProductVersion)" Property="OLDERX86VERSIONDETECTED" />
+        </Upgrade>
+
+        <Directory Id="TARGETDIR" Name="SourceDir">
+            <Directory Id="$(var.ProgramFilesFolder)" Name="Program Files">
+                <Directory Id="INSTALLDIR" Name="SailPoint CLI" />
+            </Directory>
+        </Directory>
+
+        <!-- Restore the INSTALLDIR if previously persisted to the registry -->
+        <Property Id="INSTALLDIR">
+            <RegistrySearch Id="InstallDir" Root="HKLM" Key="SOFTWARE\SailPoint\CLI"
+                Name="InstallDir"
+                Type="directory" />
+        </Property>
+
+        <Feature Id="DefaultFeature" ConfigurableDirectory="INSTALLDIR">
+            <!-- @Guid will be automatically and durably assigned based on key path -->
+            <Component Directory="INSTALLDIR">
+                <File Name="sail.exe" />
+                <Environment Id="Path" Action="set" Name="PATH" Part="last" System="yes"
+                    Value="[INSTALLDIR]" />
+            </Component>
+
+            <!-- Persist the INSTALLDIR and restore it in subsequent installs -->
+            <Component Directory="INSTALLDIR">
+                <RegistryValue Root="HKLM" Key="SOFTWARE\SailPoint\CLI" Name="InstallDir"
+                    Type="string"
+                    Value="[INSTALLDIR]" />
+            </Component>
+
+            <Component Id="OlderX86Env" Guid="50C15744-A674-404B-873C-6B58957E2A32"
+                Directory="TARGETDIR" Win64="no">
+                <Condition><![CDATA[OLDERX86VERSIONDETECTED]]></Condition>
+
+                <!-- Clean up the old x86 package default directory from the user environment -->
+                <Environment Id="OlderX86Path" Action="remove" Name="PATH" Part="last" System="no"
+                    Value="[ProgramFilesFolder]SailPoint CLI\" />
+            </Component>
+        </Feature>
+
+        <!-- Broadcast environment variable changes -->
+        <CustomActionRef Id="WixBroadcastEnvironmentChange" />
+
+        <!-- Use customized WixUI_InstallDir that removes WixUI_LicenseAgreementDlg -->
+        <Property Id="WIXUI_INSTALLDIR" Value="INSTALLDIR" />
+        <UIRef Id="SailPointCLI_InstallDir" />
+    </Product>
+</Wix>
--- a/build/windows/ui.wxs
+++ b/build/windows/ui.wxs
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
+    <Fragment>
+        <UI Id="SailPointCLI_InstallDir">
+            <TextStyle Id="WixUI_Font_Normal" FaceName="Tahoma" Size="8" />
+            <TextStyle Id="WixUI_Font_Bigger" FaceName="Tahoma" Size="12" />
+            <TextStyle Id="WixUI_Font_Title" FaceName="Tahoma" Size="9" Bold="yes" />
+
+            <Property Id="DefaultUIFont" Value="WixUI_Font_Normal" />
+            <Property Id="WixUI_Mode" Value="InstallDir" />
+
+            <DialogRef Id="BrowseDlg" />
+            <DialogRef Id="DiskCostDlg" />
+            <DialogRef Id="ErrorDlg" />
+            <DialogRef Id="FatalError" />
+            <DialogRef Id="FilesInUse" />
+            <DialogRef Id="MsiRMFilesInUse" />
+            <DialogRef Id="PrepareDlg" />
+            <DialogRef Id="ProgressDlg" />
+            <DialogRef Id="ResumeDlg" />
+            <DialogRef Id="UserExit" />
+
+            <Publish Dialog="BrowseDlg" Control="OK" Event="DoAction" Value="WixUIValidatePath"
+                Order="3">1</Publish>
+            <Publish Dialog="BrowseDlg" Control="OK" Event="SpawnDialog" Value="InvalidDirDlg"
+                Order="4"><![CDATA[NOT WIXUI_DONTVALIDATEPATH AND WIXUI_INSTALLDIR_VALID<>"1"]]></Publish>
+
+            <Publish Dialog="ExitDialog" Control="Finish" Event="EndDialog" Value="Return"
+                Order="999">1</Publish>
+
+            <Publish Dialog="WelcomeDlg" Control="Next" Event="NewDialog" Value="InstallDirDlg">NOT
+                Installed</Publish>
+            <Publish Dialog="WelcomeDlg" Control="Next" Event="NewDialog" Value="VerifyReadyDlg">Installed
+                AND PATCH</Publish>
+
+            <Publish Dialog="InstallDirDlg" Control="Back" Event="NewDialog" Value="WelcomeDlg">1</Publish>
+            <Publish Dialog="InstallDirDlg" Control="Next" Event="SetTargetPath"
+                Value="[WIXUI_INSTALLDIR]" Order="1">1</Publish>
+            <Publish Dialog="InstallDirDlg" Control="Next" Event="DoAction"
+                Value="WixUIValidatePath" Order="2">NOT WIXUI_DONTVALIDATEPATH</Publish>
+            <Publish Dialog="InstallDirDlg" Control="Next" Event="SpawnDialog" Value="InvalidDirDlg"
+                Order="3"><![CDATA[NOT WIXUI_DONTVALIDATEPATH AND WIXUI_INSTALLDIR_VALID<>"1"]]></Publish>
+            <Publish Dialog="InstallDirDlg" Control="Next" Event="NewDialog" Value="VerifyReadyDlg"
+                Order="4">WIXUI_DONTVALIDATEPATH OR WIXUI_INSTALLDIR_VALID="1"</Publish>
+            <Publish Dialog="InstallDirDlg" Control="ChangeFolder" Property="_BrowseProperty"
+                Value="[WIXUI_INSTALLDIR]" Order="1">1</Publish>
+            <Publish Dialog="InstallDirDlg" Control="ChangeFolder" Event="SpawnDialog"
+                Value="BrowseDlg" Order="2">1</Publish>
+
+            <Publish Dialog="VerifyReadyDlg" Control="Back" Event="NewDialog" Value="InstallDirDlg"
+                Order="1">NOT Installed</Publish>
+            <Publish Dialog="VerifyReadyDlg" Control="Back" Event="NewDialog"
+                Value="MaintenanceTypeDlg" Order="2">Installed AND NOT PATCH</Publish>
+            <Publish Dialog="VerifyReadyDlg" Control="Back" Event="NewDialog" Value="WelcomeDlg"
+                Order="2">Installed AND PATCH</Publish>
+
+            <Publish Dialog="MaintenanceWelcomeDlg" Control="Next" Event="NewDialog"
+                Value="MaintenanceTypeDlg">1</Publish>
+
+            <Publish Dialog="MaintenanceTypeDlg" Control="RepairButton" Event="NewDialog"
+                Value="VerifyReadyDlg">1</Publish>
+            <Publish Dialog="MaintenanceTypeDlg" Control="RemoveButton" Event="NewDialog"
+                Value="VerifyReadyDlg">1</Publish>
+            <Publish Dialog="MaintenanceTypeDlg" Control="Back" Event="NewDialog"
+                Value="MaintenanceWelcomeDlg">1</Publish>
+
+            <Property Id="ARPNOMODIFY" Value="1" />
+        </UI>
+
+        <UIRef Id="WixUI_Common" />
+    </Fragment>
+</Wix>