forked from Expensify/App
-
Notifications
You must be signed in to change notification settings - Fork 0
84 lines (75 loc) · 3.44 KB
/
desktop.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: Build and Deploy Desktop
# This workflow is run when any tag is published
on:
push:
tags:
- '*'
release:
types: [created]
jobs:
build:
if: github.actor == 'OSBotify'
runs-on: macos-latest
env:
SHOULD_DEPLOY_PRODUCTION: ${{ github.event_name == 'release' }}
steps:
- uses: actions/checkout@v2
- name: Setup Node
uses: actions/setup-node@v1
with:
node-version: '14.x'
- name: Install node packages
uses: nick-invision/retry@7c68161adf97a48beb850a595b8784ec57a98cbb
with:
timeout_minutes: 10
max_attempts: 5
command: npm ci
- name: Decrypt Developer ID Certificate
run: cd desktop && gpg --quiet --batch --yes --decrypt --passphrase="$DEVELOPER_ID_SECRET_PASSPHRASE" --output developer_id.p12 developer_id.p12.gpg
env:
DEVELOPER_ID_SECRET_PASSPHRASE: ${{ secrets.DEVELOPER_ID_SECRET_PASSPHRASE }}
- name: Build production desktop app
if: ${{ env.SHOULD_DEPLOY_PRODUCTION == 'true' }}
run: npm run desktop-build -- --publish always -c.afterSign=desktop/notarize.js
env:
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SHOULD_DEPLOY_PRODUCTION: true
- name: Build staging desktop app
if: ${{ env.SHOULD_DEPLOY_PRODUCTION == 'false' }}
run: npm run desktop-build-staging -- --publish always -c.afterSign=desktop/notarize.js
env:
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
SHOULD_DEPLOY_PRODUCTION: false
# These Slack steps are duplicated in all workflows, if you make a change to this step, make sure to update all
# the other workflows with the same changes
- uses: 8398a7/action-slack@v3
name: Job failed Slack notification
if: ${{ failure() }}
with:
status: custom
fields: workflow, repo
custom_payload: |
{
channel: '#announce',
attachments: [{
color: "#DB4545",
pretext: `<!here>`,
text: `💥 ${process.env.AS_REPO} failed on ${process.env.AS_WORKFLOW} workflow 💥`,
}]
}
env:
GITHUB_TOKEN: ${{ github.token }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
- name: Set version in ENV
if: ${{ success() }}
run: echo "VERSION=$(npm run print-version --silent)" >> $GITHUB_ENV