-
Notifications
You must be signed in to change notification settings - Fork 59
178 lines (168 loc) · 8.43 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
name: "Tauri - Publish"
on:
push:
branches:
- release
- refactor/production-build
jobs:
publish-tauri:
strategy:
fail-fast: false
matrix:
include:
- platform: "macos-latest"
args: "--target universal-apple-darwin"
- platform: "ubuntu-24.04"
args: ""
# - platform: "windows-latest"
# args: ""
runs-on: ${{ matrix.platform }}
steps:
- uses: actions/checkout@v4
# Setup tne node version we want
- name: Setup node
uses: actions/setup-node@v3
with:
node-version: 23
cache: 'npm'
cache-dependency-path: './apps/desktop-client/package-lock.json'
- name: install Rust stable
uses: moonrepo/setup-rust@v1
with:
channel: stable
# Install macos specific targets
- name: install intel & arm64 rust target (macos only)
if: matrix.platform == 'macos-latest'
run: |
rustup target add aarch64-apple-darwin
rustup target add x86_64-apple-darwin
# Install tauri build deps
- name: install tauri & plugins
working-directory: './apps/tauri'
run: npm install
- name: install front-end dependencies
working-directory: './apps/desktop-client'
run: npm install
# Install system dependencies
- name: install dependencies (ubuntu only)
if: matrix.platform == 'ubuntu-24.04'
run: |
sudo apt-get update
sudo apt install \
libwebkit2gtk-4.1-dev \
build-essential \
curl \
wget \
file \
libxdo-dev \
libssl-dev \
libayatana-appindicator3-dev \
librsvg2-dev
# Setup arch targets - linux
- name: setup arch target - linux
if: ${{startsWith(matrix.platform, 'ubuntu')}}
run: |
echo "target_arch=$(rustc -Vv | grep host | awk '{print $2 " "}')" >> $GITHUB_ENV
echo "target_ext=" >> $GITHUB_ENV
echo "target_os_name=linux" >> $GITHUB_ENV
- name: Setup arch target (windows only)
if: ${{startsWith(matrix.platform, 'windows')}}
run: |
echo "target_arch=x86_64-pc-windows-msvc" >> $env:GITHUB_ENV
echo "target_ext=.exe" >> $env:GITHUB_ENV
echo "target_os_name=win" >> $env:GITHUB_ENV
- name: Setup arch target (mac only)
if: matrix.platform == 'macos-latest'
run: |
echo "target_os_name=mac" >> $GITHUB_ENV
# Build stuff
- name: build sidecar (windows/linux)
if: ${{ matrix.platform == 'windows-latest' || startsWith(matrix.platform, 'ubuntu') }}
run: |
mkdir -p apps/tauri/binaries
cargo build -p spyglass --verbose --release
cp target/release/spyglass${{ env.target_ext }} apps/tauri/binaries/spyglass-server-${{ env.target_arch }}${{ env.target_ext }}
cp target/release/spyglass-debug${{ env.target_ext }} apps/tauri/binaries/spyglass-debug-${{ env.target_arch }}${{ env.target_ext }}
cp utils/${{ env.target_os_name }}/pdftotext${{ env.target_ext }} apps/tauri/binaries/pdftotext-${{ env.target_arch }}${{ env.target_ext }}
- name: build sidecar (macos)
if: matrix.platform == 'macos-latest'
run: |
mkdir -p apps/tauri/binaries
cargo build -p spyglass --verbose --release --target x86_64-apple-darwin;
cargo build -p spyglass --verbose --release --target aarch64-apple-darwin;
# For now only build the spyglass-debug on ARM, we'll provide
# the ARM build ourselves as part of the repo.
cargo build -p spyglass --bin spyglass-debug --verbose --release --target x86_64-apple-darwin;
cargo build -p spyglass --bin spyglass-debug --verbose --release --target aarch64-apple-darwin;
# tauri also expects these binaries to be in the binaries folder.
cp target/aarch64-apple-darwin/release/spyglass apps/tauri/binaries/spyglass-server-aarch64-apple-darwin;
cp target/x86_64-apple-darwin/release/spyglass apps/tauri/binaries/spyglass-server-x86_64-apple-darwin;
cp target/aarch64-apple-darwin/release/spyglass-debug apps/tauri/binaries/spyglass-debug-aarch64-apple-darwin;
cp target/x86_64-apple-darwin/release/spyglass-debug apps/tauri/binaries/spyglass-debug-x86_64-apple-darwin;
# There's no build specifically for ARM macs, so lets use the same one for both.
cp utils/mac/pdftotext apps/tauri/binaries/pdftotext-aarch64-apple-darwin;
cp utils/mac/pdftotext apps/tauri/binaries/pdftotext-x86_64-apple-darwin;
cp utils/mac/pdftotext apps/tauri/binaries/pdftotext-universal-apple-darwin;
lipo -create -output apps/tauri/binaries/spyglass-server-universal-apple-darwin \
target/x86_64-apple-darwin/release/spyglass \
target/aarch64-apple-darwin/release/spyglass;
lipo -create -output apps/tauri/binaries/spyglass-debug-universal-apple-darwin \
target/x86_64-apple-darwin/release/spyglass-debug \
target/aarch64-apple-darwin/release/spyglass-debug;
- name: import windows certificate
if: matrix.platform == 'windows-latest'
env:
WINDOWS_CERTIFICATE: ${{ secrets.WINDOWS_CERTIFICATE }}
WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}
run: |
New-Item -ItemType directory -Path certificate
Set-Content -Path certificate/tempCert.txt -Value $env:WINDOWS_CERTIFICATE
certutil -decode certificate/tempCert.txt certificate/certificate.pfx
Remove-Item -path certificate -include tempCert.txt
Import-PfxCertificate -FilePath certificate/certificate.pfx -CertStoreLocation Cert:\CurrentUser\My -Password (ConvertTo-SecureString -String $env:WINDOWS_CERTIFICATE_PASSWORD -Force -AsPlainText)
- name: Import Apple Developer certificate
if: matrix.platform == 'macos-latest'
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12
security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
security find-identity -v -p codesigning build.keychain
- name: Verify mac credentials
if: matrix.platform == 'macos-latest'
run: |
CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Apple Development")
CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}')
echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV
echo "Certificate imported."
- uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
# required for macOS code signing
ENABLE_CODE_SIGNING: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }}
with:
projectPath: "apps/tauri"
# Build universal binary on macOS
args: ${{ matrix.platform == 'macos-latest' && '--target universal-apple-darwin' || '' }} --config ./tauri.rel.conf.json
# the action automatically replaces \_\_VERSION\_\_ with the app version
tagName: v20__VERSION__
releaseName: "Spyglass v20__VERSION__"
releaseBody: "See the assets to download this version and install."
# releaseDraft: true
# prerelease: false