Skip to content

Publish distributables into new GitHub release #78

Publish distributables into new GitHub release

Publish distributables into new GitHub release #78

Workflow file for this run

name: Publish distributables into new GitHub release
# Currently this does not seem to be an issue, but saving the following as a potential
# improvement to make: https://github.com/electron/forge/issues/3577#issuecomment-2078502500
on:
repository_dispatch:
types: [publish]
# Enable manual trigger
workflow_dispatch:
jobs:
mac-arm64:
strategy:
fail-fast: false
matrix:
app: [hostd, renterd, walletd]
runs-on: macos-latest
defaults:
run:
working-directory: ${{ matrix.app }}
steps:
- uses: actions/checkout@v4
- name: Setup
uses: ./.github/actions/daemon-setup
with:
daemon: ${{ matrix.app }}
node_version: 20.10.0
- name: Setup signing
env:
APPLE_CERT_ID: ${{ secrets.APPLE_CERT_ID }}
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
APPLE_KEY_B64: ${{ secrets.APPLE_KEY_B64 }}
APPLE_CERT_B64: ${{ secrets.APPLE_CERT_B64 }}
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
APPLE_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
run: |
# extract apple cert
APPLE_CERT_PATH=$RUNNER_TEMP/apple_cert.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$APPLE_CERT_B64" | base64 --decode --output $APPLE_CERT_PATH
# extract apple key
mkdir -p ~/private_keys
APPLE_API_KEY_PATH=~/private_keys/AuthKey_$APPLE_API_KEY.p8
echo "APPLE_API_KEY_PATH=$APPLE_API_KEY_PATH" >> $GITHUB_ENV
echo -n "$APPLE_KEY_B64" | base64 --decode --output $APPLE_API_KEY_PATH
# create temp keychain
security create-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security default-keychain -s $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import keychain
security import $APPLE_CERT_PATH -P $APPLE_CERT_PASSWORD -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security find-identity -v $KEYCHAIN_PATH -p codesigning
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $APPLE_KEYCHAIN_PASSWORD $KEYCHAIN_PATH
- name: Build
uses: nick-fields/retry@v3
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run build
- name: Download daemon binary
run: npm run download:binary -- --goos=darwin --goarch=amd64
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Package executable bundles, sign and notarize, make and publish distributables
uses: nick-fields/retry@v3
env:
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
APPLE_API_KEY_PATH: ${{ env.APPLE_API_KEY_PATH }}
RELEASE_BUCKET_ACCESS_KEY: ${{ secrets.RELEASE_BUCKET_ACCESS_KEY }}
RELEASE_BUCKET_SECRET_KEY: ${{ secrets.RELEASE_BUCKET_SECRET_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run publish -- --arch=arm64
linux-arm64:
strategy:
fail-fast: false
matrix:
app: [hostd, renterd, walletd]
runs-on: ubuntu-latest
defaults:
run:
working-directory: ${{ matrix.app }}
steps:
- uses: actions/checkout@v4
- name: Setup
uses: ./.github/actions/daemon-setup
with:
daemon: ${{ matrix.app }}
node_version: 20.10.0
- name: Build
uses: nick-fields/retry@v3
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run build
- name: Download daemon binary
run: npm run download:binary -- --goos=linux --goarch=arm64
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Package executable bundles, make and publish distributables
uses: nick-fields/retry@v3
env:
RELEASE_BUCKET_ACCESS_KEY: ${{ secrets.RELEASE_BUCKET_ACCESS_KEY }}
RELEASE_BUCKET_SECRET_KEY: ${{ secrets.RELEASE_BUCKET_SECRET_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run publish -- --arch=arm64
linux-amd64:
strategy:
fail-fast: false
matrix:
app: [hostd, renterd, walletd]
runs-on: ubuntu-latest
defaults:
run:
working-directory: ${{ matrix.app }}
steps:
- uses: actions/checkout@v4
- name: Setup
uses: ./.github/actions/daemon-setup
with:
daemon: ${{ matrix.app }}
node_version: 20.10.0
- name: Build
uses: nick-fields/retry@v3
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run build
- name: Download daemon binary
run: npm run download:binary -- --goos=linux --goarch=amd64
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Package executable bundles, make and publish distributables
uses: nick-fields/retry@v3
env:
RELEASE_BUCKET_ACCESS_KEY: ${{ secrets.RELEASE_BUCKET_ACCESS_KEY }}
RELEASE_BUCKET_SECRET_KEY: ${{ secrets.RELEASE_BUCKET_SECRET_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run publish -- --arch=x64
windows-amd64:
strategy:
fail-fast: false
matrix:
app: [hostd, renterd, walletd]
runs-on: windows-latest
defaults:
run:
working-directory: ${{ matrix.app }}
steps:
- uses: actions/checkout@v4
- name: Setup
uses: ./.github/actions/daemon-setup
with:
daemon: ${{ matrix.app }}
node_version: 20.10.0
- name: Setup signing
run: dotnet tool install --global AzureSignTool
- name: Build
uses: nick-fields/retry@v3
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run build
- name: Download daemon binary
run: npm run download:binary -- --goos=windows --goarch=amd64
shell: bash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Package executable bundles, sign and notarize, make and publish distributables
uses: nick-fields/retry@v3
env:
RELEASE_BUCKET_ACCESS_KEY: ${{ secrets.RELEASE_BUCKET_ACCESS_KEY }}
RELEASE_BUCKET_SECRET_KEY: ${{ secrets.RELEASE_BUCKET_SECRET_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }}
with:
max_attempts: 3
timeout_minutes: 30
retry_wait_seconds: 30
command: |
cd ${{ matrix.app }}
npm run publish -- --arch=x64