Merge branch 'fix/factory-reset-windows' into release-debug #98
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'publish' | |
on: | |
push: | |
branches: | |
- release-debug | |
jobs: | |
extract-versions: | |
uses: ./.github/workflows/get-versions.yaml | |
create-draft-release: | |
needs: extract-versions | |
runs-on: ubuntu-latest | |
outputs: | |
release_id: ${{ steps.create_release.outputs.id }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: '18' | |
- name: Create Draft Release | |
id: create_release | |
uses: ncipollo/release-action@v1 | |
with: | |
tag: v${{ needs.extract-versions.outputs.version }} | |
commit: ${{ github.sha }} | |
name: v${{ needs.extract-versions.outputs.version }} (Holochain v${{ needs.extract-versions.outputs.holochain_version }}) | |
draft: true | |
generateReleaseNotes: true | |
omitBodyDuringUpdate: true | |
allowUpdates: true | |
publish: | |
needs: [extract-versions, create-draft-release] | |
strategy: | |
fail-fast: false | |
matrix: | |
# platform: [windows-2019, macos-11, macos-latest, ubuntu-22.04] | |
platform: [windows-2019] | |
env: | |
MACOSX_DEPLOYMENT_TARGET: 10.13 | |
permissions: | |
contents: write | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup for macOS code signing | |
if: matrix.platform == 'macos-11' || matrix.platform == 'macos-latest' | |
uses: matthme/import-codesign-certs@5565bb656f60c98c8fc515f3444dd8db73545dc2 | |
with: | |
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }} | |
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
- name: setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Retrieve version | |
run: | | |
echo "Retrieved App version: $(node -p -e "require('./package.json').version")" | |
echo "APP_VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_OUTPUT | |
id: version | |
shell: bash | |
- name: install Rust stable | |
uses: actions-rs/toolchain@v1 | |
with: | |
override: true | |
toolchain: stable | |
- name: install Go stable | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 'stable' | |
- name: Cache rust-utils build | |
id: cache-rust-utils | |
uses: actions/cache@v4 | |
with: | |
path: rust-utils/dist | |
key: ${{ matrix.platform }}-rust-utils-${{ needs.extract-versions.outputs.rust_utils_version }} | |
- name: Conditionally Setup rust-utils | |
if: steps.cache-rust-utils.outputs.cache-hit != 'true' | |
run: yarn setupForCI | |
- name: build and install libs and dependencies | |
run: yarn build:libs | |
- name: install default apps | |
run: | | |
mkdir resources/default-apps | |
yarn fetch:default-apps | |
yarn fetch:binaries | |
- name: build and upload the app (macOS arm64) | |
if: matrix.platform == 'macos-latest' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
DEBUG: electron-osx-sign*,electron-notarize* | |
run: | | |
yarn build:mac-arm64 | |
ls dist | |
- name: build and upload the app (macOS x64) | |
if: matrix.platform == 'macos-11' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
APPLE_DEV_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
APPLE_ID_EMAIL: ${{ secrets.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
DEBUG: electron-osx-sign*,electron-notarize* | |
run: | | |
yarn build:mac-x64 | |
ls dist | |
- name: build and upload the app (Linux) | |
if: matrix.platform == 'ubuntu-22.04' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
yarn build:linux | |
ls dist | |
- name: build, sign and upload the app (Windows) | |
if: matrix.platform == 'windows-2019' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
yarn build:win | |
ls dist | |
dotnet tool install --global --version 4.0.1 AzureSignTool | |
echo "sha512 before code signing" | |
CertUtil -hashfile "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512 | |
AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" | |
echo "sha512 after code signing" | |
CertUtil -hashfile "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512 | |
# Overwrite the latest.yml with one containing the sha512 of the code signed setup.exe file | |
node ./scripts/latest-yaml.js | |
gh release upload "latest.yml" "latest.yml" --clobber | |
# Overwrite the setup.exe file with the code signed one | |
gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/holochain-launcher-0.4-${{ steps.version.outputs.APP_VERSION }}-setup.exe" --clobber | |
- name: Merge latest-mac.yml mac release files | |
if: matrix.platform == 'macos-latest' || matrix.platform == 'macos-11' | |
run: | | |
node ./scripts/merge-mac-yamls.mjs | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# mark-as-prerelease: | |
# needs: [publish, create-draft-release] | |
# runs-on: ubuntu-latest | |
# steps: | |
# - uses: actions/checkout@v4 | |
# - uses: actions/setup-node@v4 | |
# with: | |
# node-version: '18' | |
# - name: Mark release as pre-release | |
# run: | | |
# curl \ | |
# -X PATCH \ | |
# -H "Accept: application/vnd.github.v3+json" \ | |
# -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ | |
# https://api.github.com/repos/${{ github.repository }}/releases/${{ needs.create-draft-release.outputs.release_id }} \ | |
# -d '{ | |
# "prerelease": true, | |
# "draft": false | |
# }' | |