From 3e6a2456be9dffc0bb8223e69874ac7b2e47ce6b Mon Sep 17 00:00:00 2001
From: Vladyslav Nikonov <mail@pacmancoder.xyz>
Date: Wed, 5 Jun 2024 16:33:50 +0300
Subject: [PATCH] fix(ci): fix devolutions-agent packaging

---
 .github/workflows/package.yml | 47 +++++++++++++++++++++++++++++------
 1 file changed, 39 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index fe22306a9..dfb488360 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -244,8 +244,8 @@ jobs:
         if: matrix.os == 'windows' && (matrix.project == 'devolutions-gateway' || matrix.project == 'devolutions-agent')
         uses: microsoft/setup-msbuild@v2
 
-      - name: Regenerate MSI
-        if: (matrix.project == 'devolutions-gateway' || matrix.project == 'devolutions-agent') && matrix.os == 'windows'
+      - name: Regenerate Gateway MSI
+        if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows'
         shell: pwsh
         run: |
           $PackageRoot = Join-Path ${{ runner.temp }} ${{ matrix.project}}
@@ -257,10 +257,19 @@ jobs:
             Remove-Item $_.FullName -Force
           }
 
-          ./ci/tlk.ps1 package -PackageOption generate
+          ./ci/tlk.ps1 package -Product gateway -PackageOption generate
 
-      - name: Sign msi runtime
-        if: (matrix.project == 'devolutions-gateway' || matrix.project == 'devolutions-agent') && matrix.os == 'windows'
+      - name: Regenerate Agent MSI
+        if: matrix.project == 'devolutions-agent' && matrix.os == 'windows'
+        shell: pwsh
+        run: |
+          $PackageRoot = Join-Path ${{ runner.temp }} ${{ matrix.project}}
+          $Env:DAGENT_EXECUTABLE = Get-ChildItem -Path $PackageRoot -Recurse -Include '*DevolutionsAgent*.exe' | Select -First 1
+
+          ./ci/tlk.ps1 package -Product agent -PackageOption generate
+
+      - name: Sign Gateway MSI runtime
+        if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows'
         shell: pwsh
         working-directory: package/WindowsManaged/Release
         run: |
@@ -276,7 +285,24 @@ jobs:
             AzureSignTool @Params $_.FullName
           }
 
-      - name: Repackage gateway
+      - name: Sign Agent MSI runtime
+        if: matrix.project == 'devolutions-agent' && matrix.os == 'windows'
+        shell: pwsh
+        working-directory: package/AgentWindowsManaged/Release
+        run: |
+          Get-ChildItem -Path .\* -Include "*.exe" | % {
+            $Params = @('sign',
+              '-kvt', '${{ secrets.AZURE_TENANT_ID }}',
+              '-kvu', '${{ secrets.CODE_SIGNING_KEYVAULT_URL }}',
+              '-kvi', '${{ secrets.CODE_SIGNING_CLIENT_ID }}',
+              '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}',
+              '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}',
+              '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}',
+              '-v')
+            AzureSignTool @Params $_.FullName
+          }
+
+      - name: Repackage Gateway
         if: matrix.project == 'devolutions-gateway' && matrix.os == 'windows'
         shell: pwsh
         run: |
@@ -285,7 +311,7 @@ jobs:
 
           ./ci/tlk.ps1 package -Product gateway -PackageOption assemble
 
-      - name: Repackage agent
+      - name: Repackage Agent
         if: matrix.project == 'devolutions-agent' && matrix.os == 'windows'
         shell: pwsh
         run: |
@@ -298,6 +324,11 @@ jobs:
         if: (matrix.project == 'devolutions-gateway' || matrix.project == 'devolutions-agent') && matrix.os == 'windows'
         shell: pwsh
         run: |
+          $ContentDescription = switch ('${{ matrix.project }}') {
+            'devolutions-gateway' { 'Devolutions Gateway' }
+            'devolutions-agent' { 'Devolutions Agent' }
+          }
+
           Get-ChildItem -Path ${{ runner.temp }} -Recurse -Include '*.msi' | % {
             $Params = @('sign',
               '-kvt', '${{ secrets.AZURE_TENANT_ID }}',
@@ -306,7 +337,7 @@ jobs:
               '-kvs', '${{ secrets.CODE_SIGNING_CLIENT_SECRET }}',
               '-kvc', '${{ secrets.CODE_SIGNING_CERTIFICATE_NAME }}',
               '-tr', '${{ vars.CODE_SIGNING_TIMESTAMP_SERVER }}',
-              '-d', 'Devolutions Gateway',
+              '-d', $ContentDescription,
               '-v')
             AzureSignTool @Params $_.FullName
           }