refactor(dat): validate handle filename before mapping; tidy comments #4053
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CMake | |
| on: | |
| push: | |
| paths: | |
| # C/C++ source and headers | |
| - '**/*.cpp' | |
| - '**/*.c' | |
| - '**/*.h' | |
| # Win32 resources | |
| - '**/*.rc' | |
| - '**/*.ico' | |
| - '**/*.manifest' | |
| # Build system | |
| - 'CMakeLists.txt' | |
| - 'cmake/*.cmake' | |
| - 'CMakePresets.json' | |
| - 'CMakeSettings.json' | |
| - 'vcpkg.json' | |
| - 'vcpkg-configuration.json' | |
| - 'vcpkg-overlays/**' | |
| # The workflow itself | |
| - '.github/workflows/cmake.yml' | |
| jobs: | |
| build: | |
| runs-on: windows-2025-vs2026 | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: write | |
| # Exposed at job level so the release steps can gate on `env.CERTUM_OTP_URI` | |
| # (secrets can't be referenced directly in an `if:` expression). | |
| env: | |
| CERTUM_OTP_URI: ${{ secrets.CERTUM_OTP_URI }} | |
| CERTUM_USERID: ${{ secrets.CERTUM_USERID }} | |
| CERTUM_CERT_SHA1: ${{ secrets.CERTUM_CERT_SHA1 }} | |
| steps: | |
| # - name: Setup Windows 10 SDK Action | |
| # uses: GuillaumeFalourd/setup-windows10-sdk-action@v2 | |
| # with: | |
| # sdk-version: 22621 | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Cache vcpkg toolchain | |
| id: cache-vcpkg-tool | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ github.workspace }}/vcpkg | |
| key: vcpkg-tool-${{ runner.os }}-ce613c41372b23b1f51333815feb3edd87ef8a8b | |
| - name: Install vcpkg | |
| if: steps.cache-vcpkg-tool.outputs.cache-hit != 'true' | |
| shell: bash | |
| env: | |
| VCPKG_COMMIT: ce613c41372b23b1f51333815feb3edd87ef8a8b | |
| run: | | |
| git clone https://github.com/microsoft/vcpkg.git | |
| cd vcpkg | |
| git checkout "$VCPKG_COMMIT" | |
| ./bootstrap-vcpkg.bat | |
| - name: Set VCPKG_ROOT | |
| run: | | |
| echo "VCPKG_ROOT=$(Get-Location)\vcpkg" >> $env:GITHUB_ENV | |
| shell: powershell | |
| - name: Restore vcpkg binary cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ github.workspace }}/vcpkg-bincache | |
| key: vcpkg-bin-${{ runner.os }}-${{ hashFiles('vcpkg.json', 'vcpkg-configuration.json', 'vcpkg-overlays/**') }} | |
| restore-keys: | | |
| vcpkg-bin-${{ runner.os }}- | |
| - name: Restore FetchContent cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{runner.workspace}}/GWToolboxpp/build/_deps | |
| key: deps-${{ runner.os }}-${{ hashFiles('cmake/*.cmake') }} | |
| restore-keys: | | |
| deps-${{ runner.os }}- | |
| - name: Restore vcpkg installed cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{runner.workspace}}/GWToolboxpp/build/vcpkg_installed | |
| key: vcpkg-inst-${{ runner.os }}-${{ hashFiles('vcpkg.json', 'vcpkg-configuration.json') }} | |
| - name: Create Build Environment | |
| # Some projects don't allow in-source building, so create a separate build directory | |
| # We'll use this as our working directory for all subsequent commands | |
| run: cmake -E make_directory ${{runner.workspace}}/GWToolboxpp/build | |
| - name: Configure CMake | |
| # Use a bash shell so we can use the same syntax for environment variable | |
| # access regardless of the host operating system | |
| shell: bash | |
| working-directory: ${{runner.workspace}}/GWToolboxpp/build | |
| run: cmake $GITHUB_WORKSPACE --preset=vcpkg | |
| env: | |
| VCPKG_ROOT: ${{ env.VCPKG_ROOT }} | |
| VCPKG_BINARY_SOURCES: "clear;files,${{ github.workspace }}/vcpkg-bincache,readwrite" | |
| - name: Build | |
| working-directory: ${{runner.workspace}}/GWToolboxpp/build | |
| shell: bash | |
| # Execute the build. You can specify a specific target with "--target <NAME>" | |
| run: cmake --build . --config RelWithDebInfo | |
| - name: Save output | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| path: ${{runner.workspace}}/GWToolboxpp/bin/RelWithDebInfo/ | |
| - name: Determine release version | |
| id: version | |
| if: github.ref == 'refs/heads/master' | |
| shell: bash | |
| run: | | |
| VERSION=$(sed -n 's/.*set(GWTOOLBOXDLL_VERSION "\(.*\)").*/\1/p' CMakeLists.txt | tr -d '\r') | |
| BETA=$(sed -n 's/.*set(GWTOOLBOXDLL_VERSION_BETA "\(.*\)").*/\1/p' CMakeLists.txt | tr -d '\r') | |
| if [ -z "$VERSION" ]; then | |
| echo "Could not find version in CMakeLists.txt" | |
| exit 1 | |
| fi | |
| if [ -z "$BETA" ]; then | |
| TAG_NAME="${VERSION}_Release" | |
| else | |
| TAG_NAME="${VERSION}_${BETA}" | |
| fi | |
| echo "Detected version: $VERSION" | |
| echo "Detected beta: $BETA" | |
| echo "Target tag: $TAG_NAME" | |
| echo "tag_name=$TAG_NAME" >> "$GITHUB_OUTPUT" | |
| if git ls-remote --tags origin "refs/tags/$TAG_NAME" | grep -q .; then | |
| echo "Tag $TAG_NAME already exists. Skipping release." | |
| echo "should_release=false" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "Tag $TAG_NAME does not exist. Will create release." | |
| echo "should_release=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| # Certum SimplySign code signing. The binaries are signed in place in | |
| # bin/RelWithDebInfo before the release upload. Each signing step is gated on | |
| # the CERTUM_OTP_URI secret being present, so forks and un-provisioned | |
| # environments still publish a release (unsigned) instead of failing. | |
| - name: Set up Certum SimplySign | |
| if: steps.version.outputs.should_release == 'true' && env.CERTUM_OTP_URI != '' | |
| shell: bash | |
| run: | | |
| chmod +x ./.github/scripts/install-simplysign.sh | |
| ./.github/scripts/install-simplysign.sh | |
| powershell -ExecutionPolicy Bypass -File "./.github/scripts/configure-simplysign.ps1" | |
| - name: Authenticate Certum SimplySign | |
| if: steps.version.outputs.should_release == 'true' && env.CERTUM_OTP_URI != '' | |
| shell: bash | |
| run: powershell -ExecutionPolicy Bypass -File "./.github/scripts/connect-simplysign.ps1" | |
| - name: Sign release binaries | |
| if: steps.version.outputs.should_release == 'true' && env.CERTUM_OTP_URI != '' | |
| shell: pwsh | |
| run: | | |
| $bin = "${{runner.workspace}}/GWToolboxpp/bin/RelWithDebInfo" | |
| ./.github/scripts/sign-certum.ps1 -Files @("$bin/GWToolbox.exe", "$bin/GWToolboxdll.dll") | |
| - name: Create release | |
| if: steps.version.outputs.should_release == 'true' | |
| shell: bash | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| TAG_NAME="${{ steps.version.outputs.tag_name }}" | |
| BIN_DIR="${{runner.workspace}}/GWToolboxpp/bin/RelWithDebInfo" | |
| gzip -c "$BIN_DIR/GWToolboxdll.pdb" > GWToolboxdll.pdb.gz | |
| git config user.name "GitHub Actions" | |
| git config user.email "actions@github.com" | |
| git tag "$TAG_NAME" | |
| git push origin "$TAG_NAME" | |
| gh release create "$TAG_NAME" \ | |
| --title "$TAG_NAME" \ | |
| "$BIN_DIR/GWToolbox.exe" "$BIN_DIR/GWToolboxdll.dll" GWToolboxdll.pdb.gz |