-
Notifications
You must be signed in to change notification settings - Fork 1
89 lines (73 loc) · 2.8 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# https://dev.to/erikhofer/build-and-publish-a-multi-platform-electron-app-on-github-3lnd
name: Electron/publish
on:
release:
types:
- created
jobs:
release:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
steps:
- name: Install the Apple certificate
if: runner.os == 'macOS'
env:
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }}
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate
echo -n "$MACOS_CERTIFICATE" | base64 --decode -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$MACOS_CERTIFICATE_PWD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- uses: actions/checkout@v4
- name: Cache node modules
uses: actions/cache@v4
with:
path: '**/node_modules'
key: ${{ runner.os }}-modules-${{ hashFiles('**/yarn.lock') }}
- uses: actions/setup-node@v4
with:
node-version: 20
- name: Enable corepack
run: corepack enable
- name: Install dependencies
run: yarn install
- name: Build packages
run: yarn build
- uses: actions/setup-python@v5
with:
# https://stackoverflow.com/a/78870850/4655177
# Required for `distutils` module
python-version: '3.10'
- name: Publish application
run: yarn publish
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_IDENTITY: ${{ vars.APPLE_IDENTITY }}
APPLE_ID: ${{ vars.APPLE_ID }}
APPLE_TEAM_ID: ${{ vars.APPLE_TEAM_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
- name: Publish application
if: runner.os == 'macOS'
run: yarn publish:intel
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_IDENTITY: ${{ vars.APPLE_IDENTITY }}
APPLE_ID: ${{ vars.APPLE_ID }}
APPLE_TEAM_ID: ${{ vars.APPLE_TEAM_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
- name: Clean up keychain and provisioning profile
if: runner.os == 'macOS'
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db