Document GitHub Actions release provenance

MaxFan
2026-05-12 12:29:47 +03:30
parent 10d6334624
commit 6d67476af5
3 changed files with 32 additions and 0 deletions
+28
@@ -92,6 +92,7 @@ jobs:
"asset=$asset" >> $env:GITHUB_OUTPUT
"checksum=$checksum" >> $env:GITHUB_OUTPUT
"sha256=$hash" >> $env:GITHUB_OUTPUT
- name: Upload workflow artifact
uses: actions/upload-artifact@v6
@@ -111,6 +112,9 @@ jobs:
$asset = "${{ steps.package.outputs.asset }}"
$checksum = "${{ steps.package.outputs.checksum }}"
$title = "TunnelX $tag"
$runUrl = "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
$sha256 = "${{ steps.package.outputs.sha256 }}".ToUpperInvariant()
$artifactName = "${{ steps.meta.outputs.artifact_name }}"
if ("${{ github.event_name }}" -eq "workflow_dispatch") {
git fetch --tags origin
@@ -133,3 +137,27 @@ jobs:
--generate-notes `
--latest
}
$body = gh release view $tag --json body --jq .body
$provenance = @"
<!-- release-provenance:start -->
## Build provenance
- Built and uploaded by GitHub Actions.
- Workflow: ``release``
- Run: $runUrl
- Commit: ``${{ github.sha }}``
- SHA256: ``$sha256 $artifactName``
<!-- release-provenance:end -->
"@
if ($body -match '(?s)<!-- release-provenance:start -->.*<!-- release-provenance:end -->') {
$body = $body -replace '(?s)<!-- release-provenance:start -->.*<!-- release-provenance:end -->', $provenance
}
else {
$body = "$body`n`n$provenance"
}
$notesFile = Join-Path $env:RUNNER_TEMP "release-notes.md"
$body | Set-Content -Encoding UTF8 -LiteralPath $notesFile
gh release edit $tag --notes-file $notesFile
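Review bot: The `$body = gh release view $tag --json body --jq .body` line in the last hunk captures multi-line release notes as an array of lines, not as one string. On an array, `-match` tests each element separately, so the `(?s)` marker pattern can never span the start and end comments and a re-run would append a second provenance block instead of replacing the first; the string interpolation of `$body` in the else branch also joins the lines with spaces and flattens the generated notes. Capturing the output as a single string fixes both: `$body = (gh release view $tag --json body --jq .body | Out-String).TrimEnd()`. The step also does not check `$LASTEXITCODE` after `gh release view`, so a failed read would leave `$body` empty and `gh release edit` would overwrite the notes with only the provenance block; `if ($LASTEXITCODE -ne 0) { throw "gh release view failed" }` before building `$provenance` would stop that. The run script starts outside this hunk, so an error-handling setting earlier in the step may already cover the second point.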
+2
@@ -37,6 +37,8 @@
<span dir="ltr">[دانلود آخرین نسخه از GitHub Releases](https://github.com/MaxiFan/TunnelX/releases/latest)</span>
فایل‌های منتشرشده توسط <span dir="ltr">GitHub Actions</span> ساخته و آپلود می‌شوند. برای هر فایل اجرایی <span dir="ltr">standalone</span>، فایل checksum با پسوند <span dir="ltr">`.sha256`</span> هم منتشر می‌شود و در متن هر <span dir="ltr">Release</span> لینک اجرای workflow قرار می‌گیرد.
نسخه پیشنهادی برای کاربران، فایل <span dir="ltr">standalone</span> و <span dir="ltr">self-contained</span> است. این نسخه به نصب جداگانه <span dir="ltr">.NET Runtime</span> نیاز ندارد.
## نیازمندی‌های اجرا
+2
@@ -31,6 +31,8 @@ Public downloads should be attached to GitHub Releases after release validation
[GitHub project](https://github.com/MaxiFan/TunnelX)
Release assets are built and uploaded by GitHub Actions. Each published standalone executable includes a `.sha256` checksum file, and the release notes link back to the workflow run that produced the artifact.
## Build
End-user requirements for the recommended standalone release: