Merge pull request #46 from levante-hub/feature/v1.2.0-beta.1 #20
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Beta Release Build & Publish | |
| on: | |
| push: | |
| tags: | |
| - 'v*-beta.*' # Only beta tags | |
| permissions: | |
| contents: write | |
| jobs: | |
| create-release: | |
| name: Create GitHub Release | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_id: ${{ steps.create_release.outputs.result }} | |
| tag_name: ${{ steps.get_tag.outputs.result }} | |
| steps: | |
| - name: Get tag name | |
| id: get_tag | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| return context.ref.replace('refs/tags/', ''); | |
| result-encoding: string | |
| - name: Create or get release | |
| id: create_release | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| script: | | |
| const tag = context.ref.replace('refs/tags/', ''); | |
| // Check if release already exists | |
| try { | |
| const { data: existingRelease } = await github.rest.repos.getReleaseByTag({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| tag: tag | |
| }); | |
| console.log(`Release ${tag} already exists with ID: ${existingRelease.id}`); | |
| return existingRelease.id; | |
| } catch (error) { | |
| if (error.status === 404) { | |
| // Create new release | |
| const { data: release } = await github.rest.repos.createRelease({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| tag_name: tag, | |
| name: tag, | |
| draft: true, | |
| prerelease: true | |
| }); | |
| console.log(`Created new release ${tag} with ID: ${release.id}`); | |
| return release.id; | |
| } | |
| throw error; | |
| } | |
| build: | |
| name: Build & Release Beta - ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| needs: create-release | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: macos-latest | |
| platform: darwin | |
| arch: arm64 | |
| - os: macos-13 # Intel Mac | |
| platform: darwin | |
| arch: x64 | |
| - os: ubuntu-latest | |
| platform: linux | |
| arch: x64 | |
| - os: windows-latest | |
| platform: win32 | |
| arch: x64 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22.20.0' | |
| - name: Setup Python 3.11 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: 9.4.0 | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV | |
| - name: Setup pnpm cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-store- | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| # macOS signing (required for signed builds) | |
| - name: Import Apple certificate (macOS) | |
| if: matrix.platform == 'darwin' | |
| env: | |
| APPLE_CERTIFICATE_BASE64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| run: | | |
| security create-keychain -p actions temp.keychain | |
| security default-keychain -s temp.keychain | |
| security unlock-keychain -p actions temp.keychain | |
| security set-keychain-settings -t 3600 -u temp.keychain | |
| echo "$APPLE_CERTIFICATE_BASE64" | base64 --decode > certificate.p12 | |
| security import certificate.p12 -k temp.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k actions temp.keychain | |
| rm certificate.p12 | |
| - name: Build and package application | |
| env: | |
| # Only set signing env vars if secrets exist, otherwise build unsigned | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: pnpm run make | |
| - name: Package & Publish Beta (macOS) | |
| if: matrix.platform == 'darwin' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| # Notarization env vars needed for electron-forge publish | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: pnpm run publish | |
| - name: Package & Publish Beta (Windows) | |
| if: matrix.platform == 'win32' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| run: pnpm run publish | |
| - name: Package & Publish Beta (Linux) | |
| if: matrix.platform == 'linux' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} | |
| run: pnpm run publish | |
| - name: Cleanup keychain (macOS) | |
| if: matrix.platform == 'darwin' && always() | |
| run: security delete-keychain temp.keychain || true |