v0.0.204-dev #31
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dev Release Enchanted Twin App | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Version number (e.g. v1.2.3)' | |
| required: true | |
| default: 'v0.0.0' | |
| release: | |
| types: [prereleased] | |
| jobs: | |
| build-and-release-dev: | |
| runs-on: macos-latest | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| CSC_LINK: ${{ secrets.CSC_LINK }} | |
| CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.24.2' | |
| - name: Check secrets are injected | |
| env: | |
| COMPLETIONS_API_KEY: ${{ secrets.COMPLETIONS_API_KEY }} | |
| EMBEDDINGS_API_KEY: ${{ secrets.EMBEDDINGS_API_KEY }} | |
| run: | | |
| echo "COMPLETIONS_API_KEY length: ${#COMPLETIONS_API_KEY}" | |
| echo "EMBEDDINGS_API_KEY length: ${#EMBEDDINGS_API_KEY}" | |
| - name: Install dependencies | |
| working-directory: app | |
| run: pnpm install | |
| - name: Write Apple API key (.p8) to disk | |
| run: | | |
| mkdir -p app/build | |
| echo "$APPLE_API_KEY" > app/build/AuthKey.p8 | |
| env: | |
| APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }} | |
| - name: Set app version | |
| if: github.event_name == 'workflow_dispatch' || github.event_name == 'release' | |
| working-directory: app | |
| run: | | |
| if [ "${{ github.event_name }}" == "release" ]; then | |
| VERSION="${{ github.event.release.tag_name }}" | |
| else | |
| VERSION="${{ github.event.inputs.version }}" | |
| fi | |
| VERSION_NUMBER="${VERSION#v}" | |
| # Update version in package.json | |
| jq ".version = \"$VERSION_NUMBER\"" package.json > package.json.tmp | |
| mv package.json.tmp package.json | |
| echo "Updated package.json version to $VERSION_NUMBER" | |
| - name: Build & notarize macOS dev app | |
| env: | |
| COMPLETIONS_API_URL: 'https://openrouter.ai/api/v1' | |
| COMPLETIONS_MODEL: 'openai/gpt-4.1' | |
| REASONING_MODEL: 'openai/o3' | |
| EMBEDDINGS_API_URL: 'https://api.openai.com/v1' | |
| EMBEDDINGS_MODEL: 'text-embedding-3-small' | |
| IS_PROD_BUILD: 'true' | |
| NOTARY_API_KEY_ID: ${{ secrets.NOTARY_API_KEY_ID }} | |
| NOTARY_API_ISSUER: ${{ secrets.NOTARY_API_ISSUER }} | |
| NOTARY_TEAM_ID: ${{ secrets.NOTARY_TEAM_ID }} | |
| OLLAMA_BASE_URL: 'https://enchanted.ngrok.pro' | |
| TELEGRAM_CHAT_SERVER: 'https://enchanted-proxy-telegram-dev.up.railway.app/query' | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| ENCHANTED_MCP_URL: https://proxy-api-dev.ep-use1.ghostagent.org/mcp | |
| POSTHOG_API_KEY: '' | |
| TTS_MODEL: kokoro | |
| TTS_URL: https://inference.tinfoil.sh/v1/ | |
| STT_MODEL: whisper-large-v3-turbo | |
| STT_URL: https://inference.tinfoil.sh/v1/ | |
| PROXY_TEE_URL: https://proxy-api-dev.ep-use1.ghostagent.org | |
| VITE_FIREBASE_API_KEY: AIzaSyBMQG7Kw8p1Ymm1j_A-x2Jxc-x4BakXz3k | |
| VITE_FIREBASE_AUTH_DOMAIN: freysa-prod.firebaseapp.com | |
| VITE_FIREBASE_PROJECT_ID: freysa-prod | |
| HOLON_API_URL: http://23.22.67.228:8123 | |
| ANONYMIZER_TYPE: 'no-op' | |
| USE_LOCAL_EMBEDDINGS: 'true' | |
| TTS_ENDPOINT: 'https://inference.tinfoil.sh/v1/audio/speech' | |
| BUILD_CHANNEL: 'dev' | |
| VITE_DISABLE_ONBOARDING: 'false' | |
| VITE_DISABLE_HOLONS: 'false' | |
| VITE_DISABLE_TASKS: 'false' | |
| VITE_DISABLE_CONNECTORS: 'false' | |
| VITE_DISABLE_VOICE: 'false' | |
| run: make build-dev-mac-silicon | |
| - name: Create dev release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| tag_name: ${{ github.event_name == 'release' && github.event.release.tag_name || github.event.inputs.version }} | |
| name: 'Dev Release' | |
| body: | | |
| ## Dev Release | |
| Triggered by: `${{ github.event_name }}` | |
| Version: `${{ github.event_name == 'release' && github.event.release.tag_name || github.event.inputs.version }}` | |
| files: app/dist/*.dmg | |
| draft: true | |
| prerelease: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Verify notarization | |
| run: | | |
| RESULT=$(spctl --assess --type exec --verbose=4 app/dist/mac-arm64/Enchanted\ Dev.app 2>&1) | |
| echo "$RESULT" | |
| if [[ "$RESULT" != *"accepted"* ]]; then | |
| echo "❌ Dev app is not notarized!" | |
| exit 1 | |
| fi | |
| echo "✅ Dev app is notarized and accepted by Gatekeeper." |