Harden System Security v1.0.6.0 (#830) #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Copilot Setup Steps" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: | |
| - .github/workflows/copilot-setup-steps.yml | |
| pull_request: | |
| paths: | |
| - .github/workflows/copilot-setup-steps.yml | |
| jobs: | |
| # The job MUST be called `copilot-setup-steps` or it will not be picked up by Copilot. | |
| copilot-setup-steps: | |
| runs-on: windows-latest | |
| permissions: | |
| # If you want to clone the repository as part of your setup steps, for example to install dependencies, you'll need the `contents: read` permission. | |
| # If you don't clone the repository in your setup steps, Copilot will do this for you automatically after the steps complete. | |
| contents: read | |
| # You can define any steps you want, and they will run before the agent starts. | |
| # If you do not check out your code, Copilot will do this for you. | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Updating Winget | |
| shell: powershell | |
| run: | | |
| try { | |
| Write-Host -Object 'The version of the pre-installed Winget on the Runner:' | |
| Write-Host -Object (winget --version) | |
| } | |
| catch { | |
| Write-Host -Object 'Winget is not installed.' | |
| } | |
| # Retrieve the latest Winget release information | |
| $WingetReleases = Invoke-RestMethod -Uri 'https://api.github.com/repos/microsoft/winget-cli/releases' | |
| $LatestRelease = $WingetReleases | Select-Object -First 1 | |
| # Direct links to the latest Winget release assets | |
| [string]$WingetURL = $LatestRelease.assets.browser_download_url | Where-Object -FilterScript { $_.EndsWith('.msixbundle') } | Select-Object -First 1 | |
| [string]$WingetLicense = $LatestRelease.assets.browser_download_url | Where-Object -FilterScript { $_.EndsWith('License1.xml') } | Select-Object -First 1 | |
| [string]$LatestWingetReleaseDependenciesZipURL = $LatestRelease.assets.browser_download_url | Where-Object -FilterScript { $_.EndsWith('DesktopAppInstaller_Dependencies.zip') } | Select-Object -First 1 | |
| [hashtable]$Downloads = @{ | |
| # 'Winget.msixbundle' = 'https://aka.ms/getwinget' This is updated slower than the GitHub release | |
| 'DesktopAppInstaller_Dependencies.zip' = $LatestWingetReleaseDependenciesZipURL | |
| 'Winget.msixbundle' = $WingetURL | |
| 'License1.xml' = $WingetLicense | |
| } | |
| $Downloads.GetEnumerator() | ForEach-Object -Process { | |
| Invoke-RestMethod -Uri $_.Value -OutFile $_.Key | |
| } | |
| Expand-Archive -Path 'DesktopAppInstaller_Dependencies.zip' -DestinationPath .\ -Force | |
| # Get the paths to all of the dependencies | |
| [string[]]$DependencyPaths = (Get-ChildItem -Path .\x64 -Filter '*.appx' -File -Force).FullName | |
| # Required to update the Winget | |
| Stop-Process -Name 'WindowsTerminal' -Force -ErrorAction Ignore | |
| Add-AppxProvisionedPackage -Online -PackagePath 'Winget.msixbundle' -DependencyPackagePath $DependencyPaths -LicensePath 'License1.xml' | |
| Add-AppPackage -Path 'Winget.msixbundle' -DependencyPath "$($DependencyPaths[0])", "$($DependencyPaths[1])" -ForceTargetApplicationShutdown -ForceUpdateFromAnyVersion | |
| - name: Installing the necessary programs | |
| shell: pwsh | |
| run: | | |
| Write-Host -Object "The version of the Winget currently in use:" | |
| Write-Host -Object (winget --version) | |
| winget source update | |
| Write-Host -Object "`nInstalling Rust toolchain" -ForegroundColor Magenta | |
| $null = winget install --id Rustlang.Rustup --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget | |
| if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New("Failed to install the Rust toolchain: $LASTEXITCODE") } | |
| Write-Host -Object "`nInstalling .NET SDK" -ForegroundColor Magenta | |
| $null = winget install --id Microsoft.DotNet.SDK.Preview --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget | |
| if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New("Failed to install .NET SDK: $LASTEXITCODE") } | |
| Write-Host -Object "`nInstalling Visual C++ Redistributable" -ForegroundColor Magenta | |
| $null = winget install --id Microsoft.VCRedist.2015+.x64 --exact --accept-package-agreements --accept-source-agreements --uninstall-previous --force --source winget | |
| if ($LASTEXITCODE -ne 0) { throw [System.InvalidOperationException]::New("Failed to install Microsoft.VCRedist: $LASTEXITCODE") } | |
| - name: Check out the repository code | |
| uses: actions/checkout@v5 |