-
Notifications
You must be signed in to change notification settings - Fork 0
170 lines (149 loc) · 6.5 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
name: Build Matrix
on:
# run for all pull requests that should go into the master
pull_request:
branches:
- master
# run when a new semantic version tag got pushed (a release)
push:
tags:
- "v[0-9]+.[0-9]+(.[0-9]+)?(-[a-z]+(.[0-9])?)?"
# allow to run the workflow manually from the actions tab
workflow_dispatch:
jobs:
variables:
outputs:
ref_name: ${{ steps.var.outputs.ref_name}}
runs-on: "ubuntu-20.04"
steps:
- name: Setting Global Variables
uses: actions/github-script@v6
id: var
with:
script: |
core.setOutput('ref_name', '${{ github.ref_name }}'.toLowerCase().replaceAll(/[/\\*?]/g, '_').trim());
build:
name: ${{ matrix.config.name }}
needs: [variables]
runs-on: ${{ matrix.config.os }}
strategy:
fail-fast: false
matrix:
config:
- {
name: "Windows",
executable_name: "AFEC-Explorer.exe",
os: windows-2022,
}
- {
name: "Ubuntu",
executable_name: "afec-explorer",
os: ubuntu-20.04,
}
- {
name: "macOS",
executable_name: "AFEC-Explorer.app",
os: macos-13,
}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Rust Setup (Windows & Linux)
uses: dtolnay/rust-toolchain@stable
if: ${{ matrix.config.name != 'macOS' }}
- name: Rust Setup (macOS)
uses: dtolnay/rust-toolchain@stable
with:
targets: "aarch64-apple-darwin, x86_64-apple-darwin"
if: ${{ matrix.config.name == 'macOS' }}
- name: Rust Cache
uses: swatinem/rust-cache@v2
with:
workspaces: "./src-tauri -> target"
- name: Node Setup
uses: actions/setup-node@v3
with:
node-version: "lts/*"
cache: "npm"
- name: System dependencies (Linux)
run: |
sudo apt update
sudo apt install -y libasound2-dev libjack-dev
sudo apt install -y libgtk-3-dev libwebkit2gtk-4.0-dev
if: ${{ matrix.config.name == 'Ubuntu' }}
- name: Node dependencies
run: npm ci
- name: Build (Windows)
run: npm run tauri build
if: ${{ matrix.config.name == 'Windows' }}
- name: Build (Linux)
run: npm run tauri build
if: ${{ matrix.config.name == 'Ubuntu' }}
- name: Build (macOS)
run: npm run tauri build -- --target universal-apple-darwin
if: ${{ matrix.config.name == 'macOS' }}
- name: Code Sign (Windows)
env:
WINDOWS_CODE_CERT_DATA: ${{ secrets.WINDOWS_CODE_CERT_DATA }}
WINDOWS_CODE_CERT_PASS: ${{ secrets.WINDOWS_CODE_CERT_PASS }}
if: ${{ matrix.config.name == 'Windows' && env.WINDOWS_CODE_CERT_DATA != null && env.WINDOWS_CODE_CERT_PASS != null }}
uses: lando/code-sign-action@v2
with:
file: ./src-tauri/target/release/${{ matrix.config.executable_name }}
certificate-data: ${{ secrets.WINDOWS_CODE_CERT_DATA }}
certificate-password: ${{ secrets.WINDOWS_CODE_CERT_PASS }}
- name: Code Sign (macOS)
env:
MACOS_CODE_CERT_DATA: ${{ secrets.MACOS_CODE_CERT_DATA }}
MACOS_CODE_CERT_PASS: ${{ secrets.MACOS_CODE_CERT_PASS }}
MACOS_CODE_CERT_TEAM_ID: ${{ secrets.MACOS_CODE_CERT_TEAM_ID }}
MACOS_EXECUTABLE_PATH: ./src-tauri/target/universal-apple-darwin/release/bundle/macos/${{ matrix.config.executable_name }}
if: ${{ matrix.config.name == 'macOS' && env.MACOS_CODE_CERT_DATA != null && env.MACOS_CODE_CERT_PASS != null && env.MACOS_CODE_CERT_TEAM_ID != null }}
run: |
echo $MACOS_CODE_CERT_DATA | base64 --decode > certificate.p12
security create-keychain -p $MACOS_CODE_CERT_PASS build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p $MACOS_CODE_CERT_PASS build.keychain
security import certificate.p12 -k build.keychain -P $MACOS_CODE_CERT_PASS -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $MACOS_CODE_CERT_PASS build.keychain
/usr/bin/codesign --force -s $MACOS_CODE_CERT_TEAM_ID --entitlements ./src-tauri/entitlements.plist --deep --options=runtime "$MACOS_EXECUTABLE_PATH"
- name: Notarize (macOS)
env:
MACOS_NOTARY_USER: ${{ secrets.MACOS_NOTARY_USER }}
MACOS_NOTARY_PASS: ${{ secrets.MACOS_NOTARY_PASS }}
if: ${{ matrix.config.name == 'macOS' && env.MACOS_NOTARY_USER != null && env.MACOS_NOTARY_USER != null }}
uses: lando/notarize-action@v2
with:
appstore-connect-username: ${{ secrets.MACOS_NOTARY_USER }}
appstore-connect-password: ${{ secrets.MACOS_NOTARY_PASS }}
appstore-connect-team-id: ${{ secrets.MACOS_CODE_CERT_TEAM_ID }}
primary-bundle-id: org.emuell.afec
product-path: ./src-tauri/target/universal-apple-darwin/release/bundle/macos/${{ matrix.config.executable_name }}
verbose: false
- name: Upload Artifact (Windows)
if: ${{ matrix.config.name == 'Windows' }}
uses: actions/upload-artifact@v3
with:
name: "AFEC-Explorer-${{ needs.variables.outputs.ref_name }}-windows"
path: ./src-tauri/target/release/*.exe
if-no-files-found: error
- name: Prepare Upload Artifact (Linux)
if: ${{ matrix.config.name == 'Ubuntu' }}
run: cd ./src-tauri/target/release && tar -cvf ${{ matrix.config.executable_name }}.tar ${{ matrix.config.executable_name }}
- name: Upload Artifact (Linux)
if: ${{ matrix.config.name == 'Ubuntu' }}
uses: actions/upload-artifact@v3
with:
name: "AFEC-Explorer-${{ needs.variables.outputs.ref_name }}-linux"
path: ./src-tauri/target/release/*.tar
if-no-files-found: error
- name: Prepare Upload Artifact (macOS)
if: ${{ matrix.config.name == 'macOS' }}
run: cd ./src-tauri/target/universal-apple-darwin/release/bundle/macos && tar -cvf ${{ matrix.config.executable_name }}.tar ${{ matrix.config.executable_name }}
- name: Upload Artifact (macOS)
if: ${{ matrix.config.name == 'macOS' }}
uses: actions/upload-artifact@v3
with:
name: "AFEC-Explorer-${{ needs.variables.outputs.ref_name }}-macOS"
path: ./src-tauri/target/universal-apple-darwin/release/bundle/macos/*.tar
if-no-files-found: error