Skip to content

macos-13 only

macos-13 only #173

Workflow file for this run

name: 'publish'
on:
push:
branches:
- release-0.300.x
jobs:
extract-versions:
uses: ./.github/workflows/get-versions.yaml
create-draft-release:
needs: extract-versions
runs-on: ubuntu-latest
outputs:
release_id: ${{ steps.create_release.outputs.id }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '18'
- name: Create Draft Release
id: create_release
uses: ncipollo/release-action@v1
with:
tag: v${{ needs.extract-versions.outputs.version }}
commit: ${{ github.sha }}
name: v${{ needs.extract-versions.outputs.version }} (Holochain v${{ needs.extract-versions.outputs.holochain_version }})
draft: true
generateReleaseNotes: true
omitBodyDuringUpdate: true
allowUpdates: true
publish:
needs: [extract-versions, create-draft-release]
strategy:
fail-fast: false
matrix:
# platform: [macos-12, ubuntu-22.04]
platform: [macos-13]
# platform: [macos-12, macos-latest]
# platform: [windows-2019, macos-12, macos-latest, ubuntu-22.04]
# platform: [ubuntu-22.04]
# platform: [windows-2019]
env:
MACOSX_DEPLOYMENT_TARGET: 10.13
permissions:
contents: write
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
- name: Setup for macOS code signing
if: matrix.platform == 'macos-12' || matrix.platform == 'macos-latest'
uses: matthme/import-codesign-certs@5565bb656f60c98c8fc515f3444dd8db73545dc2
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
- name: setup node
uses: actions/setup-node@v4
with:
node-version: 18
- name: Retrieve version
run: |
echo "Retrieved App version: $(node -p -e "require('./package.json').version")"
echo "APP_VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_OUTPUT
id: version
shell: bash
- name: install Rust stable
uses: actions-rs/toolchain@v1
with:
override: true
toolchain: 1.77.2
- name: install Go stable
uses: actions/setup-go@v4
with:
go-version: 'stable'
- name: Cache rust-utils build
id: cache-rust-utils
uses: actions/cache@v4
with:
path: rust-utils/dist
key: ${{ matrix.platform }}-rust-utils-${{ needs.extract-versions.outputs.rust_utils_version }}
- name: Conditionally Setup rust-utils
if: steps.cache-rust-utils.outputs.cache-hit != 'true'
run: yarn setupForCI
- name: build and install libs and dependencies
run: yarn build:libs
- name: install default apps
run: |
mkdir resources/default-apps
yarn fetch:default-apps
yarn fetch:binaries
- name: build and upload the app (macOS arm64)
if: matrix.platform == 'macos-latest'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
DEBUG: electron-osx-sign*,electron-notarize*
run: |
shasum resources/default-apps/devhub.happ
shasum resources/default-apps/appstore.happ
yarn build:mac-arm64
ls dist
- name: build and upload the app (macOS x64)
if: matrix.platform == 'macos-12'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
DEBUG: electron-osx-sign*,electron-notarize*
run: |
shasum resources/default-apps/devhub.happ
shasum resources/default-apps/appstore.happ
yarn build:mac-x64
ls dist
- name: build and upload the app (Linux)
if: matrix.platform == 'ubuntu-22.04'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
shasum resources/default-apps/devhub.happ
shasum resources/default-apps/appstore.happ
yarn build:linux
ls dist
# Modify the postinst script of the .deb file
node ./scripts/extend-deb-postinst.mjs
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "latest-linux.yml" --clobber
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/holochain-launcher-0.3_${{ steps.version.outputs.APP_VERSION }}_amd64.deb" --clobber
- name: build, sign and upload the app (Windows)
if: matrix.platform == 'windows-2019'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
yarn build:win
ls dist
dotnet tool install --global --version 4.0.1 AzureSignTool
echo "sha512 before code signing"
CertUtil -hashfile "dist/holochain-launcher-0.3-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "dist/holochain-launcher-0.3-${{ steps.version.outputs.APP_VERSION }}-setup.exe"
echo "sha512 after code signing"
CertUtil -hashfile "dist/holochain-launcher-0.3-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512
# Overwrite the latest.yml with one containing the sha512 of the code signed setup.exe file
node ./scripts/latest-yaml.js
gh release upload "latest.yml" "latest.yml" --clobber
# Overwrite the setup.exe file with the code signed one
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/holochain-launcher-0.3-${{ steps.version.outputs.APP_VERSION }}-setup.exe" --clobber
- name: Merge latest-mac.yml mac release files
if: matrix.platform == 'macos-latest' || matrix.platform == 'macos-12'
run: |
node ./scripts/merge-mac-yamls.mjs
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# mark-as-prerelease:
# needs: [publish, create-draft-release]
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-node@v4
# with:
# node-version: '18'
# - name: Mark release as pre-release
# run: |
# curl \
# -X PATCH \
# -H "Accept: application/vnd.github.v3+json" \
# -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
# https://api.github.com/repos/${{ github.repository }}/releases/${{ needs.create-draft-release.outputs.release_id }} \
# -d '{
# "prerelease": true,
# "draft": false
# }'