-
Notifications
You must be signed in to change notification settings - Fork 2
166 lines (148 loc) · 5.96 KB
/
release.yml
File metadata and controls
166 lines (148 loc) · 5.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
name: Release
on:
push:
tags:
- "v*"
workflow_dispatch:
permissions:
contents: write
jobs:
build:
name: Build ${{ matrix.label }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- label: macOS Apple Silicon
os: macos-15
rust_target: aarch64-apple-darwin
build_args: --target aarch64-apple-darwin --bundles app
artifact_name: fileshare-macos-arm64
artifact_path: release-assets/*
dmg_suffix: aarch64
app_path: src-tauri/target/aarch64-apple-darwin/release/bundle/macos/FileShare.app
updater_platform: darwin-aarch64
latest_name: latest-darwin-aarch64.json
updater_bundle: src-tauri/target/aarch64-apple-darwin/release/bundle/macos/FileShare.app.tar.gz
- label: macOS Intel
os: macos-15-intel
rust_target: x86_64-apple-darwin
build_args: --target x86_64-apple-darwin --bundles app
artifact_name: fileshare-macos-intel
artifact_path: release-assets/*
dmg_suffix: x64
app_path: src-tauri/target/x86_64-apple-darwin/release/bundle/macos/FileShare.app
updater_platform: darwin-x86_64
latest_name: latest-darwin-x86_64.json
updater_bundle: src-tauri/target/x86_64-apple-darwin/release/bundle/macos/FileShare.app.tar.gz
- label: Windows x86
os: windows-latest
rust_target: i686-pc-windows-msvc
build_args: --target i686-pc-windows-msvc --bundles nsis
artifact_name: fileshare-windows-x86
artifact_path: |
src-tauri/target/i686-pc-windows-msvc/release/bundle/nsis/*.exe
src-tauri/target/i686-pc-windows-msvc/release/bundle/nsis/*.exe.sig
release-assets/*.json
updater_platform: windows-i686
latest_name: latest-windows-i686.json
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- name: Setup Rust
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.rust_target }}
- name: Cache Rust
uses: Swatinem/rust-cache@v2
with:
workspaces: src-tauri
key: ${{ matrix.rust_target }}
- name: Install dependencies
run: npm ci
- name: Prepare updater signing key
shell: bash
run: |
if [ -z "${TAURI_SIGNING_PRIVATE_KEY:-}" ]; then
echo "TAURI_SIGNING_PRIVATE_KEY secret is required" >&2
exit 1
fi
node - <<'NODE'
const key = process.env.TAURI_SIGNING_PRIVATE_KEY.trim();
const decoded = Buffer.from(key, 'base64').toString('utf8');
const firstLine = decoded.split(/\r?\n/, 1)[0] || '';
if (!firstLine.startsWith('untrusted comment:')) {
console.error('TAURI_SIGNING_PRIVATE_KEY must be the full content of .updater/file-share.key.');
process.exit(1);
}
if (firstLine.includes('public key')) {
console.error('TAURI_SIGNING_PRIVATE_KEY is a public key. Use .updater/file-share.key, not .updater/file-share.key.pub.');
process.exit(1);
}
if (!firstLine.includes('secret key')) {
console.error('TAURI_SIGNING_PRIVATE_KEY is not an updater secret key.');
process.exit(1);
}
NODE
printf '%s' "$TAURI_SIGNING_PRIVATE_KEY" > "$RUNNER_TEMP/tauri-signing.key"
env:
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
- name: Build
env:
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
TAURI_SIGNING_PRIVATE_KEY_PATH: ${{ runner.temp }}/tauri-signing.key
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
run: npm run build -- ${{ matrix.build_args }}
- name: Create DMG
if: runner.os == 'macOS'
run: |
version="${GITHUB_REF_NAME#v}"
version="${version/.rc/-rc.}"
scripts/create-macos-dmg.sh \
"${{ matrix.app_path }}" \
"release-assets/FileShare_${version}_${{ matrix.dmg_suffix }}.dmg"
- name: Prepare macOS updater assets
if: runner.os == 'macOS'
run: |
version="${GITHUB_REF_NAME#v}"
version="${version/.rc/-rc.}"
updater_asset="release-assets/FileShare_${version}_${{ matrix.dmg_suffix }}.app.tar.gz"
cp "${{ matrix.updater_bundle }}" "$updater_asset"
cp "${{ matrix.updater_bundle }}.sig" "$updater_asset.sig"
scripts/create-updater-json.sh \
"${{ matrix.updater_platform }}" \
"$version" \
"$updater_asset" \
"$updater_asset.sig" \
"release-assets/${{ matrix.latest_name }}"
- name: Prepare Windows updater metadata
if: runner.os == 'Windows'
shell: bash
run: |
version="${GITHUB_REF_NAME#v}"
version="${version/.rc/-rc.}"
updater_asset="$(ls src-tauri/target/i686-pc-windows-msvc/release/bundle/nsis/*.exe | head -n 1)"
scripts/create-updater-json.sh \
"${{ matrix.updater_platform }}" \
"$version" \
"$updater_asset" \
"$updater_asset.sig" \
"release-assets/${{ matrix.latest_name }}"
- name: Upload workflow artifact
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact_name }}
path: ${{ matrix.artifact_path }}
if-no-files-found: error
- name: Upload release assets
if: startsWith(github.ref, 'refs/tags/')
uses: softprops/action-gh-release@v2
with:
files: ${{ matrix.artifact_path }}
prerelease: ${{ contains(github.ref_name, 'rc') }}