bump rust-utils version #166
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'publish' | |
on: | |
push: | |
branches: | |
- release-test | |
jobs: | |
extract-versions: | |
uses: ./.github/workflows/get-versions.yaml | |
create-draft-release: | |
needs: extract-versions | |
runs-on: ubuntu-latest | |
outputs: | |
release_id: ${{ steps.create_release.outputs.id }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: '18' | |
- name: Create Draft Release | |
id: create_release | |
uses: ncipollo/release-action@v1 | |
with: | |
tag: v${{ needs.extract-versions.outputs.version }} | |
commit: ${{ github.sha }} | |
name: v${{ needs.extract-versions.outputs.version }} (Holochain v${{ needs.extract-versions.outputs.holochain_version }}) | |
draft: true | |
generateReleaseNotes: true | |
omitBodyDuringUpdate: true | |
allowUpdates: true | |
publish: | |
needs: [extract-versions, create-draft-release] | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: [windows-2019, macos-12, macos-latest, ubuntu-22.04] | |
# platform: [ubuntu-22.04, macos-12] | |
# platform: [windows-2019] | |
env: | |
MACOSX_DEPLOYMENT_TARGET: 10.13 | |
permissions: | |
contents: write | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup for macOS code signing | |
if: matrix.platform == 'macos-12' || matrix.platform == 'macos-latest' | |
uses: matthme/import-codesign-certs@5565bb656f60c98c8fc515f3444dd8db73545dc2 | |
with: | |
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }} | |
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
- name: setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Retrieve version | |
run: | | |
echo "Retrieved App version: $(node -p -e "require('./package.json').version")" | |
echo "APP_VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_OUTPUT | |
id: version | |
shell: bash | |
- name: install Rust stable | |
uses: actions-rs/toolchain@v1 | |
with: | |
override: true | |
toolchain: stable | |
- name: install Go stable | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 'stable' | |
- name: Cache rust-utils build | |
id: cache-rust-utils | |
uses: actions/cache@v4 | |
with: | |
path: rust-utils/dist | |
key: ${{ matrix.platform }}-rust-utils-${{ needs.extract-versions.outputs.rust_utils_version }} | |
- name: Conditionally Setup rust-utils | |
if: steps.cache-rust-utils.outputs.cache-hit != 'true' | |
run: yarn build:rust-utils | |
- name: build and install libs and dependencies | |
run: yarn build:libs | |
- name: Download default apps and binaries | |
run: | | |
mkdir resources/default-apps | |
yarn fetch:apps-and-binaries | |
- name: build and upload the app (macOS arm64) | |
if: matrix.platform == 'macos-latest' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
DEBUG: electron-osx-sign*,electron-notarize* | |
run: | | |
yarn build:mac-arm64 | |
ls dist | |
- name: build and upload the app (macOS x64) | |
if: matrix.platform == 'macos-12' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
DEBUG: electron-osx-sign*,electron-notarize* | |
run: | | |
yarn build:mac-x64 | |
ls dist | |
- name: build and upload the app (Linux) | |
if: matrix.platform == 'ubuntu-22.04' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
yarn build:linux | |
ls dist | |
# Modify the postinst script of the .deb file | |
node ./scripts/extend-deb-postinst.mjs | |
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "latest-linux.yml" --clobber | |
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/holochain-launcher-0.4_${{ steps.version.outputs.APP_VERSION }}_amd64.deb" --clobber | |
- name: build, sign and upload the app (Windows) | |
if: matrix.platform == 'windows-2019' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
yarn build:win | |
ls dist | |
dotnet tool install --global --version 4.0.1 AzureSignTool | |
echo "sha512 before code signing" | |
CertUtil -hashfile "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512 | |
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" | |
echo "sha512 after code signing" | |
CertUtil -hashfile "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512 | |
# Overwrite the latest.yml with one containing the sha512 of the code signed setup.exe file | |
node ./scripts/latest-yaml.js | |
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "latest.yml" --clobber | |
# Overwrite the setup.exe file with the code signed one | |
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" --clobber | |
- name: Merge latest-mac.yml mac release files | |
if: matrix.platform == 'macos-latest' || matrix.platform == 'macos-12' | |
run: | | |
node ./scripts/merge-mac-yamls.mjs | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# mark-as-prerelease: | |
# needs: [publish, create-draft-release] | |
# runs-on: ubuntu-latest | |
# steps: | |
# - uses: actions/checkout@v4 | |
# - uses: actions/setup-node@v4 | |
# with: | |
# node-version: '18' | |
# - name: Mark release as pre-release | |
# run: | | |
# curl \ | |
# -X PATCH \ | |
# -H "Accept: application/vnd.github.v3+json" \ | |
# -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
# https://api.github.com/repos/${{ github.repository }}/releases/${{ needs.create-draft-release.outputs.release_id }} \ | |
# -d '{ | |
# "prerelease": true, | |
# "draft": false | |
# }' | |