Skip to content

fixed codesigned workflow for Windows, removed other platforms from m… #12

fixed codesigned workflow for Windows, removed other platforms from m…

fixed codesigned workflow for Windows, removed other platforms from m… #12

name: "publish"
on:
push:
branches:
- release-codesigned-testing-sidecar
jobs:
publish-tauri:
permissions:
contents: write
strategy:
fail-fast: false
matrix:
platform: [windows-2019]
env:
MACOSX_DEPLOYMENT_TARGET: 10.13
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v2
- name: setup node
uses: actions/setup-node@v1
with:
node-version: 16
- name: install Rust stable
uses: actions-rs/toolchain@v1
with:
override: true
toolchain: stable
- name: install Go stable
uses: actions/setup-go@v4
with:
go-version: 'stable'
- name: install app dependencies and info
run: npm install && npm run tauri info
- name: setup binaries (Windows only)
if: matrix.platform == 'windows-2019'
run: |
mkdir src-tauri/bins
cargo install --version 0.3.0 lair_keystore
$LkPath = Get-Command lair-keystore | Select-Object -ExpandProperty Definition
Copy-Item $LkPath -Destination src-tauri/bins/lair-keystore-v0.3.0-x86_64-pc-windows-msvc.exe
cargo install holochain --version 0.2.3-beta-rc.1 --locked --features sqlite-encrypted
$HcPath = Get-Command holochain | Select-Object -ExpandProperty Definition
Copy-Item $HcPath -Destination src-tauri/bins/holochain-v0.2.3-beta-rc.1-x86_64-pc-windows-msvc.exe
- name: setup binaries (macos only)
if: matrix.platform == 'macos-11'
run: |
mkdir src-tauri/bins
cargo install --version 0.3.0 lair_keystore
LAIR_PATH=$(which lair-keystore)
cp $LAIR_PATH src-tauri/bins/lair-keystore-v0.3.0-x86_64-apple-darwin
cargo install holochain --version 0.2.3-beta-rc.1 --locked --features sqlite-encrypted
HOLOCHAIN_PATH=$(which holochain)
cp $HOLOCHAIN_PATH src-tauri/bins/holochain-v0.2.3-beta-rc.1-x86_64-apple-darwin
- name: install dependencies (ubuntu only)
if: matrix.platform == 'ubuntu-20.04'
run: |
sudo apt-get update
sudo apt-get install -y libwebkit2gtk-4.0-dev libcanberra-gtk-module libcanberra-gtk3-module build-essential curl wget libssl-dev libgtk-3-dev squashfs-tools libgtksourceview-3.0-dev libappindicator3-dev patchelf librsvg2-dev ayatana-indicator-application
- name: setup binaries (ubuntu only)
if: matrix.platform == 'ubuntu-20.04'
run: |
mkdir src-tauri/bins
cargo install --version 0.3.0 lair_keystore
LAIR_PATH=$(which lair-keystore)
cp $LAIR_PATH src-tauri/bins/lair-keystore-v0.3.0-x86_64-unknown-linux-gnu
cargo install holochain --version 0.2.3-beta-rc.1 --locked --features sqlite-encrypted
HOLOCHAIN_PATH=$(which holochain)
cp $HOLOCHAIN_PATH src-tauri/bins/holochain-v0.2.3-beta-rc.1-x86_64-unknown-linux-gnu
- name: generate dist folder
run: npm run dist
- name: build the app (macOS and Linux only)
if: matrix.platform == 'ubuntu-20.04' || matrix.platform == 'macos-11' # HELP remove this line if Windows code signing is not wanted
uses: tauri-apps/tauri-action@dev
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ENABLE_CODE_SIGNING: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
with:
tagName: v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version
releaseName: "hc-stress-test v__VERSION__"
releaseBody: "See assets below to download and install this version."
releaseDraft: true
prerelease: true
### Everything below this line is code signing for Windows via azure key vault, following these instructions:
### https://melatonin.dev/blog/how-to-code-sign-windows-installers-with-an-ev-cert-on-github-actions/
### HELP Remove everything below if Windows code signing is wanted.
- name: build and sign the app (Windows only)
if: matrix.platform == 'windows-2019'
run: |
npm run tauri build -- --verbose # building in verbose mode to get reasonable logging output in case of failure
dotnet tool install --global AzureSignTool
# replace-me -- HELP
# 1. replace all occurrences of [[GITHUB_REPO_NAME]] with the name you of your GitHub repository
# 2. replace all occurrences of [[productName]] with the productName field in tauri.conf.json
# 3. replace all occurrences of [[version]] with the version field in tauri.conf.json
# !! NOTE: The version field needs to be updated manually here with each new version of your app, otherwise the Windows build will fail.
# sign the .msi file
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi"
# sign the .exe file
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.exe"
# # Uncomment the lines below if you have the updater enabled
# # =========================================================
# # remove the .msi.zip and .msi.zip.sig files generated by tauri's build command as they are not code signed
# rm "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi.zip"
# rm "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi.zip.sig"
# rm "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.nsis.zip"
# rm "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.nsis.zip.sig"
# # zip and sign the code signed .msi
# 7z a -mx=0 "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi.zip" "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi"
# npm run tauri signer sign "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.3_x64_en-US.msi.zip" -- -k ${{ secrets.TAURI_PRIVATE_KEY }} -p "${{ secrets.TAURI_KEY_PASSWORD }}"
# 7z a -mx=0 "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.nsis.zip" "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.exe"
# npm run tauri signer sign "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\nsis\hc-stress-test_0.0.3_x64-setup.nsis.zip" -- -k ${{ secrets.TAURI_PRIVATE_KEY_0_2 }} -p "${{ secrets.TAURI_KEY_PASSWORD }}"
# # =========================================================
env:
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
- name: upload signed .msi, .msi.zip, .msi.zip.sig, .exe, .nsis.zip, .nsis.zip.sig files to github release (Windows only)
uses: matthme/tauri-action-ev-signing@upload-only
if: matrix.platform == 'windows-2019'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tagName: v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version
releaseName: "hc-stress-test v__VERSION__"
releaseBody: "See assets below to download and install this version."
releaseDraft: true
prerelease: true