refactor: migrate to tauri #116
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: distributions release | |
on: | |
pull_request: | |
branches: [master] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: false | |
jobs: | |
pre-release: | |
strategy: | |
matrix: | |
os: [macos-latest, ubuntu-latest, windows-latest] | |
include: | |
- args: '--target universal-apple-darwin' | |
os: 'macos-latest' | |
- args: '--target aarch64-pc-windows-msvc' #,x86_64-pc-windows-msvc' | |
os: 'windows-latest' | |
- args: '--target aarch64-unknown-linux-gnu' | |
os: 'ubuntu-latest' | |
node-version: [20.x] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Github checkout | |
uses: actions/checkout@v4 | |
- name: install Rust stable | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
targets: ${{ matrix.os == 'macos-latest' && 'aarch64-apple-darwin,x86_64-apple-darwin' || matrix.os == 'windows-latest' && 'aarch64-pc-windows-msvc,x86_64-pc-windows-msvc' || matrix.os == 'ubuntu-latest' && 'aarch64-unknown-linux-gnu,x86_64-unknown-linux-gnu' }} | |
- name: Use Node.js 20.x | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ matrix.node-version }} | |
cache: 'npm' | |
- name: install dependencies (ubuntu only) | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf pkg-config libssl-dev gcc-aarch64-linux-gnu | |
ls -la /usr/include | |
- name: install frontend dependencies | |
run: npm ci --legacy-peer-deps | |
- run: npm run lint:check | |
- run: npm audit --audit-level=critical | |
- run: npm run test:ci | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
- run: npm run build | |
- name: Generate changelog | |
uses: jaywcjlove/changelog-generator@main | |
id: changelog | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
# - name: import windows certificate | |
# if: matrix.os == 'windows-latest' | |
# env: | |
# WINDOWS_CERTIFICATE: ${{ secrets.WINDOWS_CERTIFICATE }} | |
# WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }} | |
# run: | | |
# New-Item -ItemType directory -Path certificate | |
# Set-Content -Path certificate/tempCert.txt -Value $env:WINDOWS_CERTIFICATE | |
# certutil -decode certificate/tempCert.txt certificate/certificate.pfx | |
# Remove-Item -path certificate -include tempCert.txt | |
# Import-PfxCertificate -FilePath certificate/certificate.pfx -CertStoreLocation Cert:\CurrentUser\My -Password (ConvertTo-SecureString -String $env:WINDOWS_CERTIFICATE_PASSWORD -Force -AsPlainText) | |
- name: Tag Release | |
uses: jaywcjlove/create-tag-action@main | |
id: tag_release | |
with: | |
prerelease: true | |
token: ${{ secrets.GITHUB_TOKEN }} | |
body: | | |
${{ steps.changelog.outputs.compareurl }} | |
${{ steps.changelog.outputs.changelog }} | |
- name: Release App | |
uses: tauri-apps/tauri-action@v0 | |
if: steps.tag_release.outputs.successful | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
PKG_CONFIG_ALLOW_CROSS: 1 | |
CC_aarch64_unknown_linux_gnu: aarch64-linux-gnu-gcc | |
OPENSSL_DIR: /usr/include/openssl | |
# APPLE_ID: ${{ secrets.APPLE_ID }} | |
# APPLE_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
# APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
# APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
# APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
# APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
with: | |
tagName: ${{ steps.tag_release.outputs.version }} | |
releaseName: ${{ steps.tag_release.outputs.version }} | |
appVersion: "${{ steps.tag_release.outputs.versionNumber }}" | |
args: ${{ matrix.args }} | |
releaseBody: | | |
${{ steps.changelog.outputs.compareurl }} | |
${{ steps.changelog.outputs.changelog }} | |
releaseDraft: true | |
prerelease: true | |
- name: Sign files with Trusted Signing | |
if: matrix.os == 'windows-latest' | |
uses: azure/trusted-signing-action@v0.3.19 | |
with: | |
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
endpoint: https://eus.codesigning.azure.net/ | |
trusted-signing-account-name: geek-fun | |
certificate-profile-name: geek-fun | |
files-folder: ${{ github.workspace }}\src-tauri\target\release\bundle\nsis\ | |
files-folder-depth: 7 | |
files-folder-filter: exe | |
file-digest: SHA256 | |
timestamp-rfc3161: http://timestamp.acs.microsoft.com | |
timestamp-digest: SHA256 | |
# - name: Distribute artifacts to R2 | |
# uses: ryand56/r2-upload-action@master | |
# if: steps.tag_release.outputs.successful | |
# with: | |
# r2-account-id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | |
# r2-access-key-id: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} | |
# r2-secret-access-key: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} | |
# r2-bucket: ${{ secrets.CLOUDFLARE_ARTIFACTS_R2 }} | |
# source-dir: out/make/ | |
# destination-dir: dockit |