-
Notifications
You must be signed in to change notification settings - Fork 42
149 lines (147 loc) · 5.14 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: BuildAndReleaseMaster
on:
push:
tags:
- "*"
jobs:
create_release:
name: Create release
runs-on: ubuntu-latest
outputs:
upload_url: ${{ steps.create_release.outputs.upload_url }}
env:
PUBLISH_FOR_PULL_REQUEST: true
CSC_FOR_PULL_REQUEST: true
steps:
- name: Release
if: startsWith(github.ref, 'refs/tags/')
id: create_release
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
prerelease: true
tag_name: ${{ github.ref_name }}
name: ${{ github.ref_name }}
build_release:
name: Build release
needs: create_release
runs-on: ${{ matrix.os }}
env:
PUBLISH_FOR_PULL_REQUEST: 1
CSC_FOR_PULL_REQUEST: true
strategy:
matrix:
os: [ubuntu-20.04, windows-latest, macos-13, macOS-latest]
rust: [stable]
steps:
- name: Checkout
uses: actions/checkout@v3
- name: libudev-dev
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install -y libudev-dev
- name: install node
uses: actions/setup-node@master
with:
node-version: "lts/*"
- name: install rust
uses: hecrj/setup-rust-action@v1
with:
rust-version: ${{ matrix.rust }}
- name: Rust Cache
uses: Swatinem/rust-cache@v2.7.3
- name: cargo install nj-cli
run: cargo install nj-cli
- name: install wasm-pack
run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
- name: Install Build CLI tool
run: cargo install --path=cli
- name: enable corepack for yarnpkg upgrade
run: |
corepack enable
yarn cache clean
- name: setup keychain for signing and notarising
if: runner.os == 'macOS'
env:
KEYCHAIN_NAME: "build.keychain-db"
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
run: |
security create-keychain -p "$KEYCHAIN_PWD" "$KEYCHAIN_NAME"
security default-keychain -s "$KEYCHAIN_NAME"
security unlock-keychain -p "$KEYCHAIN_PWD" "$KEYCHAIN_NAME"
security list-keychains -d user -s "$KEYCHAIN_NAME" $(security list-keychains -d user | tr -d '"')
security list-keychains
applewwdrca="${HOME}/AppleWWDRCA.cer"
curl https://developer.apple.com/certificationauthority/AppleWWDRCA.cer > "$applewwdrca"
security import \
"$applewwdrca" \
-k "$KEYCHAIN_NAME" \
-A \
-T /usr/bin/codesign
certfile="${HOME}/buildcert.p12"
echo "$CSC_LINK" | base64 -d > "$certfile"
security import \
"$certfile" \
-P "$CSC_KEY_PASSWORD" \
-A \
-k "$KEYCHAIN_NAME"
rm "$certfile"
security set-key-partition-list \
-S apple-tool:,apple:,codesign: \
-s \
-k "$KEYCHAIN_PWD" \
"$KEYCHAIN_NAME"
security set-keychain-settings -lut 2400
- name: build release macOS
if: runner.os == 'macOS'
run: |
cargo chipmunk release -c cli/config/codesign_macos.toml
env:
KEYCHAIN_NAME: "build.keychain-db"
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
APPLEID: ${{ secrets.APPLEID }}
APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
TEAMID: ${{ secrets.TEAMID }}
SIGNING_ID: ${{ secrets.SIGNING_ID }}
KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: build release
if: runner.os != 'macOS'
run: |
cargo chipmunk release
- name: list release files
working-directory: ./application/holder/release
run: ls
- name: upload files
if: startsWith(github.ref, 'refs/tags/')
uses: AButler/upload-release-assets@v2.0
with:
files: "./application/holder/release/*.tgz;./application/holder/release/*.zip"
repo-token: ${{ secrets.GITHUB_TOKEN }}
release-tag: ${{ github.ref_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
invoke_package_distribution:
name: Invoke chipmunk package creation and distribution for different package managers
needs: build_release
runs-on: ubuntu-latest
steps:
- name: Checkout chipmunk-distribution
uses: actions/checkout@v2
with:
repository: esrlabs/chipmunk-distribution
path: './chipmunk-distribution'
token: ${{secrets.PUSH_TOKEN}}
- name: Push tag
working-directory: ./chipmunk-distribution
run: |
git config user.name "esrlabs"
git config user.email "esrlabs@gmail.com"
git remote set-url origin "https://esrlabs:${{secrets.PUSH_TOKEN}}@github.com/esrlabs/chipmunk-distribution"
git tag ${{ github.ref_name }}
git push origin ${{ github.ref_name }}