diff --git a/.github/workflows/go-releaser.yml b/.github/workflows/go-releaser.yml
index 2875bfaa..1a5cd45b 100644
--- a/.github/workflows/go-releaser.yml
+++ b/.github/workflows/go-releaser.yml
@@ -12,28 +12,224 @@ permissions:
jobs:
goreleaser:
runs-on: ubuntu-latest
+ outputs:
+ version: ${{ steps.calculate-version.outputs.version }}
+ tag_name: ${{ steps.calculate-version.outputs.tag_name }}
+
steps:
- - name: Checkout
- uses: actions/checkout@v3
- with:
- fetch-depth: 0
- - name: Fetch all tags
- run: git fetch --force --tags
- - name: Set up Go
- uses: actions/setup-go@v3
- with:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Fetch all tags
+ run: git fetch --force --tags
+
+ - name: Set up Go
+ uses: actions/setup-go@v3
+ with:
go-version: 1.19
- - uses: crazy-max/ghaction-import-gpg@v5
- id: import_gpg
- with:
- gpg_private_key: ${{ secrets.OCTOPUS_GPG_PRIVATE_KEY }}
- passphrase: ${{ secrets.OCTOPUS_GPG_PASSPHRASE }}
- - name: Run GoReleaser
- uses: goreleaser/goreleaser-action@v3
- with:
- version: latest
- args: release --rm-dist
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
- GPG_PASSWORD: ${{ secrets.OCTOPUS_GPG_PASSPHRASE }}
+
+ - uses: crazy-max/ghaction-import-gpg@v5
+ id: import_gpg
+ with:
+ gpg_private_key: ${{ secrets.OCTOPUS_GPG_PRIVATE_KEY }}
+ passphrase: ${{ secrets.OCTOPUS_GPG_PASSPHRASE }}
+
+ - name: Run GoReleaser
+ id: goreleaser-release
+ uses: goreleaser/goreleaser-action@v3
+ with:
+ version: latest
+ args: release --rm-dist
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
+ GPG_PASSWORD: ${{ secrets.OCTOPUS_GPG_PASSPHRASE }}
+
+ - name: Calculate version
+ id: calculate-version
+ run: |
+ tag_name=${{ fromJson(steps.goreleaser-release.outputs.metadata).tag }}
+ version=${{ fromJson(steps.goreleaser-release.outputs.metadata).version }}
+ echo "::set-output name=tag_name::$tag_name"
+ echo "::set-output name=version::$version"
+
+ - name: Upload goreleaser built binaries to artifact octopus-cli.${{ steps.calculate-version.outputs.version }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: octopus-cli.${{ steps.calculate-version.outputs.version }}
+ path: |
+ dist/*.zip
+ dist/*.tar.gz
+ dist/*.rpm
+ dist/*.deb
+
+ msi:
+ needs: goreleaser
+ runs-on: windows-latest
+ env:
+ DOTNET_CLI_TELEMETRY_OPTOUT: 1
+ outputs:
+ msi_file: ${{ steps.buildmsi.outputs.msi }}
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - uses: microsoft/setup-msbuild@v1.1
+ id: setupmsbuild
+
+ - name: Download goreleaser built binaries from artifact octopus-cli.${{ needs.goreleaser.outputs.version }}
+ uses: actions/download-artifact@v3
+ with:
+ name: octopus-cli.${{ needs.goreleaser.outputs.version }}
+ path: artifacts/
+
+ # the wix installer is going to expect octopus.exe to be in the working directory when it runs; this gets it there
+ # TODO we can include the arm64 version of octopus.exe in the same MSI, or we can build a second MSI for Arm64. Currently we do neither, this is x86_64 only
+ - name: Extract octopus.exe
+ id: extract_exe
+ shell: bash
+ run: unzip -d . ./artifacts/*Windows_x86_64.zip octopus.exe
+
+ - name: Build MSI
+ id: buildmsi
+ shell: bash
+ env:
+ MSBUILD_PATH: ${{ steps.setupmsbuild.outputs.msbuildPath }}
+ # note the wixproj deliberately logs "::set-output name=msi::$(TargetPath)" so this step has an output called 'msi'
+ run: |
+ name="octopus_${{ needs.goreleaser.outputs.version }}_Windows_x86_64"
+ version="$(echo -e ${{ needs.goreleaser.outputs.version }} | sed 's/-.*$//')"
+ "${MSBUILD_PATH}\MSBuild.exe" ./build/windows/octopus.wixproj -p:SourceDir="$PWD" -p:OutputPath="$PWD" -p:OutputName="$name" -p:ProductVersion="$version"
+
+ - name: Install AzureSignTool
+ run: dotnet tool install --global AzureSignTool
+
+ - name: Sign MSI
+ env:
+ MSI_FILE: ${{ steps.buildmsi.outputs.msi }}
+ shell: powershell
+ run: |
+ $timestampurl = (
+ "http://timestamp.comodoca.com/rfc3161",
+ "http://timestamp.globalsign.com/tsa/r6advanced1", #https://support.globalsign.com/code-signing/code-signing-windows-7-8-and-10,
+ "http://timestamp.digicert.com", #https://knowledge.digicert.com/solution/SO912.html
+ "http://timestamp.apple.com/ts01", #https://gist.github.com/Manouchehri/fd754e402d98430243455713efada710
+ "http://tsa.starfieldtech.com",
+ "http://www.startssl.com/timestamp",
+ "http://timestamp.verisign.com/scripts/timstamp.dll",
+ "http://timestamp.globalsign.com/scripts/timestamp.dll",
+ "https://rfc3161timestamp.globalsign.com/advanced"
+ )
+
+ $ex = $null
+ $signSuccessful = $false
+
+ foreach ($url in $timestampurl) {
+ Write-Host "Signing and timestamping with server $url"
+ try {
+ & AzureSignTool sign `
+ -kvu "${{ secrets.AZURE_KEYVAULT_URL }}" `
+ -kvt ${{ secrets.AZURE_KEYVAULT_TENANT_ID }} `
+ -kvi "${{ secrets.AZURE_KEYVAULT_CLIENT_ID }}" `
+ -kvs "${{ secrets.AZURE_KEYVAULT_CLIENT_SECRET }}" `
+ -kvc ${{ secrets.AZURE_KEYVAULT_CERTIFICATE_NAME }} `
+ -d "Octopus CLI" `
+ -du "https://octopus.com" `
+ -tr $url `
+ -v `
+ $env:MSI_FILE
+
+ $signSuccessful = $true
+ break
+ }
+ catch {
+ $ex = $_
+ }
+ }
+
+ if (-not $signSuccessful) {
+ Write-Error $ex
+ exit 1
+ }
+
+ - name: Attach MSI to github release
+ shell: bash
+ env:
+ MSI_FILE: ${{ steps.buildmsi.outputs.msi }}
+ GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+ if: "!contains(needs.goreleaser.outputs.version, '-')" # skip prereleases
+ run: gh release upload "${{ needs.goreleaser.outputs.tag_name }}" "$MSI_FILE"
+
+ - name: Append MSI to artifact octopus-cli.${{ needs.goreleaser.outputs.version }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: octopus-cli.${{ needs.goreleaser.outputs.version }}
+ path: ${{ steps.buildmsi.outputs.msi }}
+
+ generate-packages-and-publish:
+ needs: [goreleaser, msi]
+ runs-on: ubuntu-latest
+ env:
+ OCTOPUS_API_KEY: ${{ secrets.OCTOPUS_API_KEY }}
+ OCTOPUS_HOST: ${{ secrets.OCTOPUS_URL }}
+ OCTOPUS_SPACE: Integrations
+
+ steps:
+ - uses: actions/checkout@v3
+ - uses: nuget/setup-nuget@v1
+
+ - name: checkout OctopusDeploy/linux-package-feeds so we can take the package publish scripts from it
+ uses: actions/checkout@v3
+ with:
+ repository: OctopusDeploy/linux-package-feeds
+ token: ${{ secrets.INTEGRATIONS_FNM_BOT_TOKEN }}
+ path: linux-package-feeds
+
+ - name: Download goreleaser built binaries and MSI from artifact octopus-cli.${{ needs.goreleaser.outputs.version }}
+ uses: actions/download-artifact@v3
+ with:
+ name: octopus-cli.${{ needs.goreleaser.outputs.version }}
+ path: artifacts/
+
+ - name: Create Chocolatey NuGet package
+ env:
+ MSI_FILE: ${{ needs.msi.outputs.msi_file }}
+ run: |
+ cp artifacts/$(basename "${MSI_FILE//\\//}") build/tools
+ nuget pack ./build/cli.nuspec -Version ${{ needs.goreleaser.outputs.version }} -OutputDirectory artifacts/
+
+ - name: Copy publish-apt.sh and publish-rpm.sh
+ run: cp linux-package-feeds/source/publish-*.sh artifacts/
+
+ - name: Create combined zipfile package for Octopus Deploy
+ working-directory: artifacts
+ run: zip -r octopus-cli.${{ needs.goreleaser.outputs.version }}.zip .
+
+ - uses: OctopusDeploy/install-octopus-cli-action@v1
+ with:
+ version: latest
+
+ - uses: OctopusDeploy/push-package-action@v2
+ with:
+ packages: artifacts/octopus-cli.${{ needs.goreleaser.outputs.version }}.zip
+
+ - name: Fetch Release Notes
+ id: fetch-release-notes
+ if: "!contains(needs.goreleaser.outputs.version, '-')" # don't generate release notes for SNAPSHOT builds because there won't be a github release to get them from
+ run: |
+ echo "::debug::${{github.event_name}}"
+ OUTPUT_FILE="release_notes.txt"
+ gh view release "${{ needs.goreleaser.outputs.tag_name }}" --jq '.body' --json 'body' | sed 's#\r# #g' > $OUTPUT_FILE
+ echo "::set-output name=release-note-file::$OUTPUT_FILE"
+
+ - uses: OctopusDeploy/create-release-action@v2
+ if: "!contains(needs.goreleaser.outputs.version, '-')"
+ with:
+ project: 'cli'
+ package_version: ${{ needs.goreleaser.outputs.version }}
+ packages: 'NuGet.CommandLine:6.2.1'
+ release_notes_file: ${{ steps.fetch-release-notes.outputs.release-note-file || ''}}
+ git_ref: ${{ github.event.repository.default_branch }}
+ git_commit: ${{ github.event.after || github.event.pull_request.head.sha }}
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 2b170210..e73455c7 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -1,5 +1,10 @@
project_name: octopus
+release:
+ prerelease: auto
+ draft: true # we publish during the Octopus deployment
+ name_template: "Octopus CLI {{.Version}}"
+
before:
hooks:
- go mod tidy
@@ -16,21 +21,33 @@ builds:
- arm64
id: "octopus"
main: ./cmd/octopus
- binary: "{{ .ProjectName }}_v{{ .Version }}"
+ binary: "{{ .ProjectName }}"
archives:
- replacements:
- darwin: Darwin
+ darwin: macOS
linux: Linux
windows: Windows
amd64: x86_64
format_overrides:
- goos: windows
format: zip
- name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+ name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+
+nfpms:
+ - license: Apache 2.0
+ maintainer: Octopus Deploy
+ homepage: https://github.com/OctopusDeploy/cli
+ bindir: /usr/bin
+ description: Octopus Deploy's official command line tool.
+ formats:
+ - rpm
+ - deb
+
checksum:
- name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+ name_template: "{{ .ProjectName }}_{{ .Version }}_SHA256SUMS"
algorithm: sha256
+
signs:
- artifacts: all
args:
@@ -42,6 +59,7 @@ signs:
"--detach-sign",
"${artifact}",
]
- stdin: '{{ .Env.GPG_PASSWORD }}'
+ stdin: "{{ .Env.GPG_PASSWORD }}"
+
changelog:
skip: true
diff --git a/.octopus/deployment_process.ocl b/.octopus/deployment_process.ocl
new file mode 100644
index 00000000..4319c966
--- /dev/null
+++ b/.octopus/deployment_process.ocl
@@ -0,0 +1,193 @@
+step "push-cli-to-chocolatey" {
+ name = "Push cli to Chocolatey"
+
+ action {
+ action_type = "Octopus.Script"
+ environments = ["production"]
+ properties = {
+ Octopus.Action.Script.ScriptBody = <<-EOT
+ $nugetPackagePath = $OctopusParameters["Octopus.Action.Package[NuGet.CommandLine].ExtractedPath"]
+ $nugetExe = Join-Path -Path $nugetPackagePath -ChildPath "Tools\nuget.exe"
+ $extractedPath = $OctopusParameters["Octopus.Action.Package[cli].ExtractedPath"]
+ $packagePath = Get-ChildItem -Path $extractedPath -Name "octopus-cli*.nupkg"
+
+ $maxAttempts = 5
+ $currentAttempt = 1
+
+ while ($currentAttempt -le $maxAttempts)
+ {
+ write-host "Pushing package ($packagePath) to Chocolatey (attempt $currentAttempt)"
+ . $nugetExe push "$packagePath" -source $OctopusParameters["Publish:Chocolatey:FeedUrl"] -apikey $OctopusParameters["Publish:Chocolatey:ApiKey"] -NonInteractive -Verbosity detailed
+ if ($LastExitCode -eq 0) {
+ exit 0
+ } else {
+ write-host "Failed to push package - nuget returned $LastExitCode"
+ $currentAttempt = $currentAttempt + 1
+ }
+ }
+ exit 1
+ EOT
+ Octopus.Action.Script.ScriptSource = "Inline"
+ Octopus.Action.Script.Syntax = "PowerShell"
+ }
+ worker_pool = "hosted-windows-2019"
+
+ packages "cli" {
+ acquisition_location = "Server"
+ feed = "octopus-server-built-in"
+ package_id = "octopus-cli"
+ properties = {
+ Extract = "True"
+ }
+ }
+
+ packages "NuGet.CommandLine" {
+ acquisition_location = "Server"
+ feed = "nuget"
+ package_id = "NuGet.CommandLine"
+ properties = {
+ Extract = "True"
+ }
+ }
+ }
+}
+
+step "create-pull-request-to-update-formula-in-homebrew" {
+ name = "Create pull request to update formula in Homebrew"
+ start_trigger = "StartWithPrevious"
+
+ action {
+ action_type = "Octopus.Script"
+ environments = ["production"]
+ properties = {
+ Octopus.Action.Script.ScriptBody = <<-EOT
+ packageVersion="$(get_octopusvariable 'Octopus.Action.Package[cli].PackageVersion')"
+ extractedPath="$(get_octopusvariable 'Octopus.Action.Package[cli].ExtractedPath')"
+
+ username="$(get_octopusvariable 'Publish:HomeBrew:Username')"
+ email="$(get_octopusvariable 'Publish:HomeBrew:UserEmail')"
+ personalAccessToken="$(get_octopusvariable 'Publish:HomeBrew:ApiKey')"
+
+ orgName="OctopusDeploy"
+ repoName="$(get_octopusvariable 'Publish:HomeBrew:RepoName')"
+
+ # https://docs.brew.sh/Homebrew-on-Linux#requirements
+ apt-get install build-essential procps curl file git --yes
+ # https://github.com/Homebrew/install/#install-homebrew-on-macos-or-linux
+ NONINTERACTIVE=1 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
+
+ # https://docs.brew.sh/Manpage#environment
+ HOMEBREW_GIT_EMAIL=$email
+ HOMEBREW_GIT_NAME=$username
+ HOMEBREW_GITHUB_API_TOKEN=$personalAccessToken
+
+ newUrl="https://github.com/$orgName/$repoName/releases/download/v$packageVersion/octopus_$packageVersion_macOS_amd64.tar.gz"
+ newSha=$(sha256sum "$extractedPath/octopus_$packageVersion_macOS_amd64.tar.gz" | awk '{ print $1 }')
+
+ # https://docs.brew.sh/Manpage#bump-formula-pr-options-formula
+ brew bump-formula-pr \
+ --fork-org $orgName \
+ --version $packageVersion \
+ --url $newUrl \
+ --sha256 $newSha \
+ octopus
+ EOT
+ Octopus.Action.Script.ScriptSource = "Inline"
+ Octopus.Action.Script.Syntax = "Bash"
+ OctopusUseBundledTooling = "False"
+ }
+ worker_pool = "hosted-ubuntu"
+
+ container {
+ feed = "docker-hub"
+ image = "octopusdeploy/worker-tools:3.3.2-ubuntu.18.04"
+ }
+
+ packages "cli" {
+ acquisition_location = "Server"
+ feed = "octopus-server-built-in"
+ package_id = "octopus-cli"
+ properties = {
+ Extract = "True"
+ Purpose = ""
+ SelectionMode = "immediate"
+ }
+ }
+ }
+}
+
+step "publish-to-apt-repo" {
+ name = "Publish to APT repo"
+ start_trigger = "StartWithPrevious"
+
+ action {
+ action_type = "Octopus.Script"
+ environments = ["production"]
+ properties = {
+ Octopus.Action.Script.ScriptBody = <<-EOT
+ cd cli || exit
+
+ # Deploy APT repo
+ docker run --rm --volume $(pwd):/working \
+ --env PUBLISH_LINUX_EXTERNAL="$(get_octopusvariable "Publish:Linux:External")" \
+ --env PUBLISH_ARTIFACTORY_USERNAME="$(get_octopusvariable "Publish:Artifactory:Username")" \
+ --env PUBLISH_ARTIFACTORY_PASSWORD="$(get_octopusvariable "Publish:Artifactory:Password")" \
+ --env AWS_ACCESS_KEY_ID="$(get_octopusvariable "LinuxPackagePublisherAwsAccount.AccessKey")" \
+ --env AWS_SECRET_ACCESS_KEY="$(get_octopusvariable "LinuxPackagePublisherAwsAccount.SecretKey")" \
+ octopusdeploy/publish-linux bash -c 'cd /working && bash publish-apt.sh' 2>&1 || exit
+
+ EOT
+ Octopus.Action.Script.ScriptSource = "Inline"
+ Octopus.Action.Script.Syntax = "Bash"
+ }
+ worker_pool = "hosted-ubuntu"
+
+ packages "cli" {
+ acquisition_location = "Server"
+ feed = "octopus-server-built-in"
+ package_id = "octopus-cli"
+ properties = {
+ Extract = "True"
+ SelectionMode = "immediate"
+ }
+ }
+ }
+}
+
+step "publish-to-rpm-repo" {
+ name = "Publish to RPM repo"
+ start_trigger = "StartWithPrevious"
+
+ action {
+ action_type = "Octopus.Script"
+ environments = ["production"]
+ properties = {
+ Octopus.Action.Script.ScriptBody = <<-EOT
+ cd cli || exit
+
+ # Deploy RPM repo
+ docker run --rm --volume $(pwd):/working \
+ --env PUBLISH_LINUX_EXTERNAL="$(get_octopusvariable "Publish:Linux:External")" \
+ --env PUBLISH_ARTIFACTORY_USERNAME="$(get_octopusvariable "Publish:Artifactory:Username")" \
+ --env PUBLISH_ARTIFACTORY_PASSWORD="$(get_octopusvariable "Publish:Artifactory:Password")" \
+ --env AWS_ACCESS_KEY_ID="$(get_octopusvariable "LinuxPackagePublisherAwsAccount.AccessKey")" \
+ --env AWS_SECRET_ACCESS_KEY="$(get_octopusvariable "LinuxPackagePublisherAwsAccount.SecretKey")" \
+ octopusdeploy/publish-linux bash -c 'cd /working && bash publish-rpm.sh' 2>&1 || exit
+
+ EOT
+ Octopus.Action.Script.ScriptSource = "Inline"
+ Octopus.Action.Script.Syntax = "Bash"
+ }
+ worker_pool = "hosted-ubuntu"
+
+ packages "cli" {
+ acquisition_location = "Server"
+ feed = "octopus-server-built-in"
+ package_id = "octopus-cli"
+ properties = {
+ Extract = "True"
+ SelectionMode = "immediate"
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/.octopus/deployment_settings.ocl b/.octopus/deployment_settings.ocl
new file mode 100644
index 00000000..4964b063
--- /dev/null
+++ b/.octopus/deployment_settings.ocl
@@ -0,0 +1,16 @@
+deployment_changes_template = <<-EOT
+ #{each release in Octopus.Deployment.Changes}
+ #{release.ReleaseNotes}
+ #{/each}
+ EOT
+
+connectivity_policy {
+}
+
+versioning_strategy {
+
+ donor_package {
+ package = "cli"
+ step = "push-cli-to-chocolatey"
+ }
+}
\ No newline at end of file
diff --git a/.octopus/schema_version.ocl b/.octopus/schema_version.ocl
new file mode 100644
index 00000000..c62d1c32
--- /dev/null
+++ b/.octopus/schema_version.ocl
@@ -0,0 +1 @@
+version = 5
\ No newline at end of file
diff --git a/DISTRIBUTION.md b/DISTRIBUTION.md
new file mode 100644
index 00000000..ed95da5d
--- /dev/null
+++ b/DISTRIBUTION.md
@@ -0,0 +1,82 @@
+# Distribution of the CLI
+
+This document explains the process by which the CLI is distrbuted to various package management systems, such as Homebrew, Chocolatey, and apt.
+
+## Pipeline
+
+The following process happens on each merge of a PR to main
+
+```mermaid
+graph LR
+ Developer --> |merge PR| GM[Git Main] --> |merge trigger| RP[Release-Please updates changelog PR PR]
+```
+
+When the team decides to create a release, we do so by merging the changelog PR that release-please has been keeping up to date.
+
+This creates a new GitHub release, and also a Git Tag with the corresponding version number (e.g. `v2.1`)
+
+```mermaid
+graph LR
+ Developer --> |merge changelog PR| GM[Git Main] --> |merge trigger| RP[Release-Please creates tag and github release]
+```
+
+Upon creation of the git tag, a `goreleaser` workflow runs, which builds the binaries and kicks off the distribution flow:
+
+```mermaid
+graph LR
+ RP[release-please] --> |creates tag| GM[Git] --> |tag trigger| GO[GoReleaser]
+```
+
+The GoReleaser Github Actions workflow does most of the heavy lifting, as follows
+
+## GoReleaser Github Workflow
+
+```mermaid
+flowchart TD
+goreleaser --> msi --> generate-packages-and-publish
+
+subgraph "goreleaser"
+ build --> uploadToGHA
+
+ build[Build CLI binaries for all architectures including deb, rpm]
+ uploadToGHA[Upload binaries+linux packages to GHA artifact]
+end
+subgraph "msi"
+ fetch --> buildmsi --> signmsi --> attachMSIToRelease --> uploadMSIToGHA
+
+ fetch[Fetch GHA artifact]
+ buildmsi[Build MSI installer]
+ signmsi[Sign MSI installer]
+ attachMSIToRelease["Attach MSI to GHA release"]
+ uploadMSIToGHA["Upload(append) MSI to GHA artifact"]
+end
+subgraph generate-packages-and-publish
+ fetch2 --> getScripts --> choco --> zipall --> octoPush --> octoRelease
+
+ fetch2[Fetch MSI + CLI Binaries from GHA artifact]
+ getScripts[Copy scripts to publish rpm and deb from OctopusDeploy/linux-package-feeds]
+ choco[Create chocolatey package]
+ zipall[Create octopus-cli-VERSION.zip with all packages and scripts]
+ octoPush[Push octopus-cli-VERSION.zip to octopus deploy]
+ octoRelease[Create release in octopus deploy using VERSION]
+end
+```
+
+After which point Octopus is used to publish the packages to the external marketplaces, using the following deployment process.
+The lifecycle is configured to automatically deploy upon release creation
+
+## Octopus Deployment Process
+
+```mermaid
+flowchart LR
+start[Fetch octopus-cli-VERSION.zip]
+choco-push[Push CLI to chocolatey]
+homebrew-pr[Create pull request to update homebrew]
+apt-push[Publish to APT repo]
+rpm-push[Publish to RPM repo]
+
+start-->choco-push
+start-->homebrew-pr
+start-->apt-push
+start-->rpm-push
+```
\ No newline at end of file
diff --git a/build/cli.nuspec b/build/cli.nuspec
new file mode 100644
index 00000000..7d887214
--- /dev/null
+++ b/build/cli.nuspec
@@ -0,0 +1,32 @@
+
+
+
+ octopus-cli
+ Octopus CLI
+ $version$
+ Octopus Deploy
+ Octopus Deploy
+ Command line wrapper for continuous deployments that makes you better at Octopus Deploy.
+ octopus is Octopus Deploy on the command line. It brings releases, deployments, and other Octopus Deploy concepts to the terminal next to where you are already working with projects and your continuous deployment processes.
+
+### Usage
+```
+octopus release [list, create, delete]
+octopus account [aws|azure|gcp|ssh|token|username] [list, create]
+octopus help
+```
+
+ https://github.com/OctopusDeploy/cli/releases/latest
+ en-US
+ false
+ Apache-2.0
+ https://github.com/OctopusDeploy/cli/
+
+ tools\icon.png
+ automation deployment
+ true
+
+
+
+
+
diff --git a/build/tools/LICENSE.txt b/build/tools/LICENSE.txt
new file mode 100644
index 00000000..9db683f8
--- /dev/null
+++ b/build/tools/LICENSE.txt
@@ -0,0 +1,16 @@
+From: https://github.com/OctopusDeploy/cli/blob/main/LICENSE
+
+LICENSE
+
+Copyright (c) Octopus Deploy and contributors. All rights reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use
+these files except in compliance with the License. You may obtain a copy of the
+License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed
+under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+CONDITIONS OF ANY KIND, either express or implied. See the License for the
+specific language governing permissions and limitations under the License.
diff --git a/build/tools/VERIFICATION.txt b/build/tools/VERIFICATION.txt
new file mode 100644
index 00000000..95d846a1
--- /dev/null
+++ b/build/tools/VERIFICATION.txt
@@ -0,0 +1,5 @@
+VERIFICATION
+Verification is intended to assist the Chocolatey moderators and community
+in verifying that this package's contents are trustworthy.
+
+This package is published by the Octopus Deploy team itself.
\ No newline at end of file
diff --git a/build/tools/chocolateyInstall.ps1 b/build/tools/chocolateyInstall.ps1
new file mode 100644
index 00000000..9f48d2ee
--- /dev/null
+++ b/build/tools/chocolateyInstall.ps1
@@ -0,0 +1,13 @@
+$ErrorActionPreference = 'Stop'
+
+$toolsDir = "$(Split-Path -parent $MyInvocation.MyCommand.Definition)"
+$logMsi = Join-Path -Path $env:TEMP -ChildPath ("{0}-{1}-MsiInstall.log" -f $env:ChocolateyPackageName, $env:chocolateyPackageVersion)
+
+$packageArgs = @{
+ packageName = $env:ChocolateyPackageName
+ fileType = 'MSI'
+ silentArgs = "/qn /norestart `"$logMsi`""
+ file64 = Join-Path -Path $toolsDir -ChildPath "octopus_$($env:ChocolateyPackageVersion)_windows_amd64.msi"
+}
+
+Install-ChocolateyInstallPackage @packageArgs
\ No newline at end of file
diff --git a/build/tools/icon.png b/build/tools/icon.png
new file mode 100644
index 00000000..4d8cd6e8
Binary files /dev/null and b/build/tools/icon.png differ
diff --git a/build/windows/octopus.wixproj b/build/windows/octopus.wixproj
new file mode 100644
index 00000000..cbbfdabd
--- /dev/null
+++ b/build/windows/octopus.wixproj
@@ -0,0 +1,38 @@
+
+
+
+ Release
+ x64
+ 0.1.0
+ $(MSBuildProjectName)
+ package
+ $([MSBuild]::NormalizeDirectory($(MSBuildProjectDirectory)\..\..))
+ $(RepoPath)bin\$(Platform)\
+ $(RepoPath)bin\obj\$(Platform)\
+
+ $(DefineConstants);
+ ProductVersion=$(ProductVersion);
+
+ ICE39
+ false
+ $(MSBuildExtensionsPath)\Microsoft\WiX\v3.x\Wix.targets
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/build/windows/octopus.wxs b/build/windows/octopus.wxs
new file mode 100644
index 00000000..eebf56f9
--- /dev/null
+++ b/build/windows/octopus.wxs
@@ -0,0 +1,57 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/build/windows/ui.wxs b/build/windows/ui.wxs
new file mode 100644
index 00000000..84d5be2e
--- /dev/null
+++ b/build/windows/ui.wxs
@@ -0,0 +1,54 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 1
+ "1"]]>
+
+ 1
+
+ NOT Installed
+ Installed AND PATCH
+
+ 1
+ 1
+ NOT WIXUI_DONTVALIDATEPATH
+ "1"]]>
+ WIXUI_DONTVALIDATEPATH OR WIXUI_INSTALLDIR_VALID="1"
+ 1
+ 1
+
+ NOT Installed
+ Installed AND NOT PATCH
+ Installed AND PATCH
+
+ 1
+
+ 1
+ 1
+ 1
+
+
+
+
+
+
+
\ No newline at end of file