Skip to content

Merge pull request #2508 from planetarium/hotfix/2.7.7 #413

Merge pull request #2508 from planetarium/hotfix/2.7.7

Merge pull request #2508 from planetarium/hotfix/2.7.7 #413

Workflow file for this run

name: Release
on:
push:
branches:
- release/*
- hotfix/*
- preview/*
tags: ["*"]
permissions:
id-token: write
contents: read
concurrency:
group: release
jobs:
release:
strategy:
fail-fast: false
matrix:
include:
- packCmd: l
os: ubuntu-latest
- packCmd: m
os: macos-latest
- packCmd: w
os: macos-latest
runs-on: ${{ matrix.os }}
environment:
name: ${{ startsWith(github.event.ref, 'refs/tags/') && 'main' || startsWith(github.event.ref, 'refs/heads/preview/') && 'preview' || 'internal' }}
steps:
- uses: actions/[email protected]
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_TO_ASSUME }}
role-session-name: GitHubActions-${{ github.run_id }}
role-duration-seconds: 3000
aws-region: ap-northeast-2
- name: Set up Java
uses: actions/[email protected]
with:
distribution: "temurin"
java-version: "11"
- name: Sync time on Ubuntu
continue-on-error: true
if: runner.os == 'Linux'
run: sudo chronyc -a makestep
- name: Sync time on macOS
continue-on-error: true
if: runner.os == 'macOS'
run: |
UNIX_TIMESTAMP=$(curl -s http://worldtimeapi.org/api/ip | jq '.unixtime')
echo "Unix timestamp is: $UNIX_TIMESTAMP"
sudo systemsetup -setusingnetworktime off
sudo date -r $UNIX_TIMESTAMP
sudo systemsetup -setusingnetworktime on
- name: Copy builder config
shell: bash
run: |
sh scripts/download-codesigner.sh
if [[ "${{ startsWith(github.event.ref, 'refs/tags/') }}" == true ]]
then
sed "s/Please replace it/${{ secrets.APPLE_TEAM_ID }}/g" electron-builder.main.yml > temp2.txt
mv temp2.txt electron-builder.main.yml
elif [[ "${{ startsWith(github.event.ref, 'refs/heads/preview/') }}" == true ]]
then
timestamp=$(date +%y%m%d%H%M%S)
version=$(jq -r .version package.json | awk -F'.' '{print $1"."$2}')
jq --arg version "$version.$timestamp" '.version = $version' package.json > tmp.$$.json && mv tmp.$$.json package.json
jq --arg suffix " Preview" '.productName += $suffix' package.json > tmp.$$.json && mv tmp.$$.json package.json
jq --arg suffix "Preview" '.name += $suffix' package.json > tmp.$$.json && mv tmp.$$.json package.json
sed 's/NineChronicles@workspace/NineChroniclesPreview@workspace/g' yarn.lock > temp1.txt
mv temp1.txt yarn.lock
mv ./signing/sandbox_code_sign_tool.properties ./tmp/codesign/conf/code_sign_tool.properties
sed "s/Please replace it/${{ secrets.APPLE_TEAM_ID }}/g" electron-builder.preview.yml > temp2.txt
mv temp2.txt electron-builder.preview.yml
else
timestamp=$(date +%y%m%d%H%M%S)
version=$(jq -r .version package.json | awk -F'.' '{print $1"."$2}')
jq --arg version "$version.$timestamp" '.version = $version' package.json > tmp.$$.json && mv tmp.$$.json package.json
jq --arg suffix " Internal" '.productName += $suffix' package.json > tmp.$$.json && mv tmp.$$.json package.json
jq --arg suffix "Internal" '.name += $suffix' package.json > tmp.$$.json && mv tmp.$$.json package.json
sed 's/NineChronicles@workspace/NineChroniclesInternal@workspace/g' yarn.lock > temp1.txt
mv temp1.txt yarn.lock
mv ./signing/sandbox_code_sign_tool.properties ./tmp/codesign/conf/code_sign_tool.properties
sed "s/Please replace it/${{ secrets.APPLE_TEAM_ID }}/g" electron-builder.internal.yml > temp2.txt
mv temp2.txt electron-builder.internal.yml
fi
- name: Cache electron-gyp
uses: actions/[email protected]
with:
path: ~/.electron-gyp
key: ${{ runner.os }}-electron-gyp
- uses: actions/[email protected]
with:
node-version: 20
cache: "yarn"
- name: Install
shell: bash
run: yarn
- name: Set environment variables for Mac
if: matrix.packCmd == 'm'
run: |
echo "CSC_LINK=${{ secrets.CSC_LINK }}" >> $GITHUB_ENV
echo "CSC_KEY_PASSWORD=${{ secrets.CSC_KEY_PASSWORD }}" >> $GITHUB_ENV
- name: release
shell: bash
run: |
if [[ "${{ startsWith(github.event.ref, 'refs/tags/') }}" == true ]]
then
sh ./scripts/release.sh main ${{ matrix.packCmd }}
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/main/launcher/latest.yml"
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/main/launcher/latest-mac.yml"
elif [[ "${{ startsWith(github.event.ref, 'refs/heads/preview/') }}" == true ]]
then
sh ./scripts/release.sh preview ${{ matrix.packCmd }}
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/main/launcher/latest.yml"
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/main/launcher/latest-mac.yml"
else
sh ./scripts/release.sh internal ${{ matrix.packCmd }}
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/internal/launcher/latest.yml"
aws cloudfront create-invalidation --distribution-id ${{ secrets.CF_DISTRIBUTION_ID }} --paths "/internal/launcher/latest-mac.yml"
fi
bash ./scripts/purge-ncloud-cdn.sh ${{ secrets.NAVER_CLOUD_ACCESS_KEY }} ${{ secrets.NAVER_CLOUD_SECRET_KEY }} ${{ secrets.NAVER_CLOUD_CDN_ID }}
curl -X POST -H 'Content-type: application/json' --data '{"text":"[Launcher] Had success releasing with '${{ matrix.packCmd }}' pack-cmd"}' ${{ secrets.SLACK_WEBHOOK }}
rm -fR ./dist/*-unpacked
rm -fR ./dist/mac
rm -fR ./dist/mac-arm64
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
ESIGNER_CREDENTIAL_ID: ${{ secrets.ESIGNER_CREDENTIAL_ID }}
ESIGNER_USERNAME: ${{ secrets.ESIGNER_USERNAME }}
ESIGNER_PASSWORD: ${{ secrets.ESIGNER_PASSWORD }}
ESIGNER_TOTP_SECRET: ${{ secrets.ESIGNER_TOTP_SECRET }}
- uses: actions/[email protected]
with:
path: dist
name: Dist-${{ matrix.packCmd }}
retention-days: 3
if-no-files-found: error