Skip to content

publish

publish #39

Workflow file for this run

name: "publish"
# change this when ready to release if you want CI/CD
on: workflow_dispatch
env:
CN_APPLICATION: cap/cap
APP_CARGO_TOML: apps/desktop/src-tauri/Cargo.toml
jobs:
draft:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.read_version.outputs.value }}
needs_release: ${{ steps.create_tag.outputs.tag_existed != 'true' }}
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Read version number
uses: SebRollen/toml-action@v1.0.2
id: read_version
with:
file: ${{ env.APP_CARGO_TOML }}
field: "package.version"
- name: Create tag
id: create_tag
if: ${{ steps.create_tag.outputs.tag_existed != 'true' }}
uses: actions/github-script@v7
with:
script: |
const tag = "cap-v${{ steps.read_version.outputs.value }}";
const tagRef = `tags/${tag}`;
const TAG_EXISTED = "tag_existed";
async function main() {
let tagExisted = true;
try {
await github.rest.git.getRef({
ref: tagRef,
owner: context.repo.owner,
repo: context.repo.repo,
});
tagExisted = true;
core.notice(`Release skipped as tag '${tag}' already exists. Update the version in '${{ env.APP_CARGO_TOML }}' before starting another release.`);
} catch (error) {
if ("status" in error && error.status === 404) tagExisted = false;
else throw error;
}
core.setOutput(TAG_EXISTED, tagExisted);
if (!tagExisted)
await github.rest.git.createRef({
ref: `refs/${tagRef}`,
owner: context.repo.owner,
repo: context.repo.repo,
sha: context.sha,
});
}
main();
- name: create draft release
uses: crabnebula-dev/cloud-release@v0
with:
command: release draft ${{ env.CN_APPLICATION }} ${{ steps.read_version.outputs.value }} --framework tauri
api-key: ${{ secrets.CN_API_KEY }}
build:
needs: draft
if: ${{ needs.draft.outputs.needs_release == 'true' }}
permissions:
contents: write
runs-on: macos-latest
strategy:
fail-fast: false
matrix:
settings:
- target: x86_64-apple-darwin
prebuild: x86_64
- target: aarch64-apple-darwin
prebuild: aarch64
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Create API Key File
run: echo "${{ secrets.APPLE_API_KEY_FILE }}" > api.p8
- uses: apple-actions/import-codesign-certs@v2
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
- name: Verify certificate
run: security find-identity -v -p codesigning ${{ runner.temp }}/build.keychain
- name: Rust setup
uses: dtolnay/rust-toolchain@stable
with:
targets: ${{ matrix.settings.target }}
- name: Rust cache
uses: swatinem/rust-cache@v2
with:
shared-key: ${{ matrix.settings.target }}
- name: Setup pnpm
uses: pnpm/action-setup@v4
with:
version: 8.10.5
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: "20"
cache: pnpm
- name: Install dependencies
run: pnpm install
- name: Create .env file in root
run: |
echo "appVersion=${{ needs.draft.outputs.version }}" >> .env
echo "CAP_DESKTOP_SENTRY_URL=https://efd3156d9c0a8a49bee3ee675bec80d8@o4506859771527168.ingest.us.sentry.io/4506859844403200" >> .env
echo "NEXT_PUBLIC_URL=${{ secrets.NEXT_PUBLIC_URL }}" >> .env
echo 'NEXTAUTH_URL=${NEXT_PUBLIC_URL}' >> .env
echo 'VITE_SERVER_URL=${NEXT_PUBLIC_URL}' >> .env
- name: Copy .env to apps/desktop
run: cp .env apps/desktop/.env
- name: Output .env file
run: cat apps/desktop/.env
- name: Build MacOS Apps
working-directory: apps/desktop
run: |
export TARGET_TRIPLE=${{ matrix.settings.target }}
node ${{ github.workspace }}/.github/prebuild.js ${{ matrix.settings.prebuild }}
pnpm tauri build --target ${{ matrix.settings.target }}
env:
# https://github.com/tauri-apps/tauri-action/issues/740
CI: false
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# codesigning
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
# notarization
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
APPLE_API_KEY_PATH: ${{ github.workspace }}/api.p8
APPLE_KEYCHAIN: ${{ runner.temp }}/build.keychain
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
- name: upload assets
uses: crabnebula-dev/cloud-release@v0
with:
command: release upload ${{ env.CN_APPLICATION }} "${{ needs.draft.outputs.version }}" --framework tauri
api-key: ${{ secrets.CN_API_KEY }}