publish #29
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "publish" | |
| # change this when ready to release if you want CI/CD | |
| on: workflow_dispatch | |
| env: | |
| CN_APPLICATION: cap/cap | |
| APP_CARGO_TOML: apps/desktop-solid/src-tauri/Cargo.toml | |
| jobs: | |
| draft: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.read_version.outputs.value }} | |
| needs_release: ${{ steps.create_tag.outputs.tag_existed != 'true' }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Read version number | |
| uses: SebRollen/[email protected] | |
| id: read_version | |
| with: | |
| file: ${{ env.APP_CARGO_TOML }} | |
| field: "package.version" | |
| - name: Create tag | |
| id: create_tag | |
| if: ${{ steps.create_tag.outputs.tag_existed != 'true' }} | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const tag = "cap-${{ steps.read_version.outputs.value }}"; | |
| const tagRef = `tags/${tag}`; | |
| const TAG_EXISTED = "tag_existed"; | |
| async function main() { | |
| let tagExisted = true; | |
| try { | |
| await github.rest.git.getRef({ | |
| ref: tagRef, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| }); | |
| tagExisted = true; | |
| core.notice(`Release skipped as tag '${tag}' already exists. Update the version in '${{ env.APP_CARGO_TOML }}' before starting another release.`); | |
| } catch (error) { | |
| if ("status" in error && error.status === 404) tagExisted = false; | |
| else throw error; | |
| } | |
| core.setOutput(TAG_EXISTED, tagExisted); | |
| if (!tagExisted) | |
| await github.rest.git.createRef({ | |
| ref: `refs/${tagRef}`, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| sha: context.sha, | |
| }); | |
| } | |
| main(); | |
| - name: create draft release | |
| uses: crabnebula-dev/cloud-release@v0 | |
| with: | |
| command: release draft ${{ env.CN_APPLICATION }} ${{ steps.read_version.outputs.value }} --framework tauri | |
| api-key: ${{ secrets.CN_API_KEY }} | |
| build: | |
| needs: draft | |
| if: ${{ needs.draft.outputs.needs_release == 'true' }} | |
| permissions: | |
| contents: write | |
| runs-on: macos-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| settings: | |
| - target: x86_64-apple-darwin | |
| prebuild: x86_64 | |
| - target: aarch64-apple-darwin | |
| prebuild: aarch64 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Create API Key File | |
| run: echo "${{ secrets.APPLE_API_KEY_FILE }}" > api.p8 | |
| - uses: apple-actions/import-codesign-certs@v2 | |
| with: | |
| p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }} | |
| p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| - name: Verify certificate | |
| run: security find-identity -v -p codesigning ${{ runner.temp }}/build.keychain | |
| - name: Rust setup | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| targets: ${{ matrix.settings.target }} | |
| - name: Rust cache | |
| uses: swatinem/rust-cache@v2 | |
| with: | |
| shared-key: ${{ matrix.settings.target }} | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 8.10.5 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "20" | |
| cache: pnpm | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Create .env file in root | |
| run: | | |
| echo "appVersion=${{ needs.draft.outputs.version }}" >> .env | |
| echo "CAP_DESKTOP_SENTRY_URL=https://efd3156d9c0a8a49bee3ee675bec80d8@o4506859771527168.ingest.us.sentry.io/4506859844403200" >> .env | |
| echo "NEXT_PUBLIC_URL=${{ secrets.NEXT_PUBLIC_URL }}" >> .env | |
| echo 'NEXTAUTH_URL=${NEXT_PUBLIC_URL}' >> .env | |
| echo 'VITE_SERVER_URL=${NEXT_PUBLIC_URL}' >> .env | |
| - name: Copy .env to apps/desktop-solid | |
| run: cp .env apps/desktop-solid/.env | |
| - name: Output .env file | |
| run: cat apps/desktop-solid/.env | |
| - name: Build MacOS Apps | |
| # Install x86_64-apple-darwin for mac and build Tauri binaries | |
| # Build both intel and apple silicon | |
| working-directory: apps/desktop-solid | |
| run: | | |
| pnpm install | |
| node ${{ github.workspace }}/.github/prebuild.js ${{ matrix.settings.prebuild }} | |
| pnpm tauri build --target ${{ matrix.settings.target }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
| # APPLE_ID: ${{ secrets.APPLE_ID }} | |
| # APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| # APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} | |
| APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }} | |
| APPLE_API_KEY_PATH: ${{ github.workspace }}/api.p8 | |
| APPLE_KEYCHAIN: ${{ runner.temp }}/build.keychain | |
| TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
| TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
| - name: upload assets | |
| uses: crabnebula-dev/cloud-release@v0 | |
| with: | |
| command: release upload ${{ env.CN_APPLICATION }} "${{ needs.draft.outputs.version }}" --framework tauri | |
| api-key: ${{ secrets.CN_API_KEY }} |