1.0.2 #80
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| env: | |
| NODE_OPTIONS: '--max_old_space_size=4096' | |
| TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
| APP_SIGNAL_REVISION: ${{ github.ref_name }} | |
| CX_API_URL: ${{ vars.CX_API_URL }} | |
| CX_REPO_RELEASE: ${{ vars.CX_REPO_RELEASE }} | |
| CX_WEB_URL: ${{ vars.CX_WEB_URL }} | |
| APP_SIGNAL_KEY: ${{ secrets.APP_SIGNAL_KEY }} | |
| GITHUB_SHA: ${{ github.sha }} | |
| # See for windows build: https://github.com/phcode-dev/phoenix-desktop/tree/main and https://github.com/phcode-dev/signtool discord: https://discord.com/channels/616186924390023171/1047150269156294677/threads/1126473205905887337 | |
| jobs: | |
| create-release: | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-20.04 | |
| outputs: | |
| release_id: ${{ steps.create-release.outputs.result }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: lts/* | |
| - name: create release | |
| id: create-release | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const { data } = await github.rest.repos.createRelease({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| tag_name: `${{ github.ref_name }}`, | |
| name: `Code Expert Sync ${{ github.ref_name }}`, | |
| body: 'Take a look at the assets to download and install this app.', | |
| draft: true, | |
| prerelease: false | |
| }) | |
| return data.id | |
| build-tauri: | |
| needs: create-release | |
| permissions: | |
| contents: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: [macos-13, ubuntu-20.04, windows-latest] | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Rust setup | |
| uses: hecrj/setup-rust-action@v2 | |
| - name: Rust cache | |
| uses: swatinem/rust-cache@v2 | |
| with: | |
| workspaces: './src-tauri -> target' | |
| - name: Sync node version and setup cache | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 'lts/*' | |
| cache: 'yarn' # Set this to npm, yarn or pnpm. | |
| - name: install dependencies (ubuntu only) | |
| if: matrix.platform == 'ubuntu-20.04' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf | |
| - name: Setup aarch64 requirements | |
| if: matrix.platform == 'macos-13' | |
| run: 'rustup target add aarch64-apple-darwin' | |
| - name: install frontend dependencies | |
| run: yarn && yarn build | |
| - name: install AzureSignTool (windows only) | |
| if: matrix.platform == 'windows-latest' | |
| run: | | |
| dotnet tool install --global AzureSignTool | |
| - name: import certificate for signing (windows only) | |
| if: matrix.platform == 'windows-latest' | |
| run: | | |
| echo "${{ secrets.AZURE_EV_CERT }}" > secret.cer | |
| Import-Certificate -FilePath .\secret.cer -CertStoreLocation Cert:\LocalMachine\My | |
| shell: powershell | |
| - name: patch signTool (windows only) | |
| if: matrix.platform == 'windows-latest' | |
| run: Start-Process -FilePath .\src-build\win\copy_sign_tool.exe -Verb RunAs | |
| shell: powershell | |
| - name: setup env for signing (windows only) | |
| if: matrix.platform == 'windows-latest' | |
| env: | |
| TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
| TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} | |
| AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} | |
| AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} | |
| AZURE_COMPANY_NAME: ${{ secrets.AZURE_COMPANY_NAME }} | |
| run: | | |
| $jsonContent = @{ | |
| "AZURE_KEY_VAULT_URI" = $env:AZURE_KEY_VAULT_URI | |
| "AZURE_CLIENT_ID" = $env:AZURE_CLIENT_ID | |
| "AZURE_TENANT_ID" = $env:AZURE_TENANT_ID | |
| "AZURE_CLIENT_SECRET" = $env:AZURE_CLIENT_SECRET | |
| "AZURE_CERT_NAME" = $env:AZURE_CERT_NAME | |
| "AZURE_COMPANY_NAME" = $env:AZURE_COMPANY_NAME | |
| } | |
| $jsonContent | ConvertTo-Json | Out-File -FilePath ./secrets.json -Encoding utf8 | |
| # Load content from the file | |
| $content = Get-Content -Path "./secrets.json" -Raw | |
| # Replace \r\n with \n | |
| $content = $content -replace "`r`n", "`n" | |
| # Write the content back to the file | |
| Set-Content -Path "./secrets.json" -Value $content | |
| shell: powershell | |
| - uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
| TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} | |
| ENABLE_CODE_SIGNING: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| with: | |
| releaseId: ${{ needs.create-release.outputs.release_id }} | |
| args: ${{ matrix.platform == 'macos-13' && '--target aarch64-apple-darwin' || '' }} | |
| publish-release: | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-20.04 | |
| needs: [create-release, build-tauri] | |
| steps: | |
| - name: publish release | |
| id: publish-release | |
| uses: actions/github-script@v6 | |
| env: | |
| release_id: ${{ needs.create-release.outputs.release_id }} | |
| with: | |
| script: | | |
| github.rest.repos.updateRelease({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| release_id: process.env.release_id, | |
| draft: true, | |
| prerelease: false | |
| }) |