mirror of
https://github.com/gitbutlerapp/gitbutler.git
synced 2024-12-18 23:02:31 +03:00
265 lines
9.1 KiB
YAML
265 lines
9.1 KiB
YAML
name: "Publish"
|
|
on:
|
|
workflow_run:
|
|
workflows: ["Nightly build"]
|
|
types:
|
|
- completed
|
|
|
|
workflow_dispatch:
|
|
inputs:
|
|
channel:
|
|
type: choice
|
|
required: true
|
|
description: channel
|
|
options:
|
|
- release
|
|
- nightly
|
|
bump:
|
|
type: choice
|
|
required: true
|
|
description: update type
|
|
options:
|
|
- undefined
|
|
- patch
|
|
- minor
|
|
- major
|
|
|
|
jobs:
|
|
build-tauri:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform:
|
|
- macos-latest # [macOs, x64]
|
|
- macos-latest-xlarge # [macOs, ARM64]
|
|
- ubuntu-20.04 # [linux, x64]
|
|
- windows-latest # [windows, x64]
|
|
|
|
runs-on: ${{ matrix.platform }}
|
|
|
|
outputs:
|
|
platform: ${{ matrix.platform }}
|
|
channel: ${{ env.channel }}
|
|
|
|
env:
|
|
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
|
|
|
|
steps:
|
|
# Because GitHub broke perl installations sometime in 2022 on Windows.
|
|
- name: perl -V (before re-install)
|
|
if: runner.os == 'Windows'
|
|
run: which perl && perl -V
|
|
- name: Setup perl
|
|
if: runner.os == 'Windows'
|
|
uses: shogo82148/actions-setup-perl@v1
|
|
with:
|
|
perl-version: "5.38"
|
|
distribution: strawberry
|
|
- name: Set git to use LF
|
|
if: runner.os == 'Windows'
|
|
run: |
|
|
git config --global core.autocrlf false
|
|
git config --global core.eol lf
|
|
- name: perl -V
|
|
if: runner.os == 'Windows'
|
|
run: which perl && perl -V
|
|
- name: Ensure we have a working Perl toolchain
|
|
if: runner.os == 'Windows'
|
|
run: cpanm ExtUtils::Manifest App::cpanminus Locale::Maketext::Simple
|
|
- name: Set Perl environment variables
|
|
if: runner.os == 'Windows'
|
|
run: |
|
|
echo "PERL=$((where.exe perl)[0])" | Out-File -FilePath $env:GITHUB_ENV -Append -Encoding utf8
|
|
echo "OPENSSL_SRC_PERL=$((where.exe perl)[0])" | Out-File -FilePath $env:GITHUB_ENV -Append -Encoding utf8
|
|
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
token: ${{ secrets.PAT_JUNON }} # custom token here so that we can push tags later
|
|
- uses: ./.github/actions/init-env-rust
|
|
- uses: ./.github/actions/init-env-node
|
|
|
|
- name: Set nightly params
|
|
shell: bash
|
|
if: ${{!!github.event.workflow_run }}
|
|
run: |
|
|
echo "channel=nightly" >> $GITHUB_ENV
|
|
echo "bump=patch" >> $GITHUB_ENV
|
|
|
|
- name: Use input params
|
|
shell: bash
|
|
if: ${{ !github.event.workflow_run }}
|
|
run: |
|
|
echo "channel=${{ github.event.inputs.channel }}" >> $GITHUB_ENV
|
|
echo "bump=${{ github.event.inputs.bump }}" >> $GITHUB_ENV
|
|
|
|
- name: Set env variable with version
|
|
shell: bash
|
|
run: |
|
|
CURRENT_VERSION="$(curl --silent "https://app.gitbutler.com/releases/${{ env.channel }}" | jq -r '.version')"
|
|
NEXT_VERSION=$(./scripts/next.sh "${CURRENT_VERSION}" "${{ env.bump }}")
|
|
echo "version=$NEXT_VERSION" >> $GITHUB_ENV
|
|
mkdir -p release && echo "$NEXT_VERSION" > release/version
|
|
|
|
- name: import gpg key
|
|
if: runner.os == 'Linux'
|
|
uses: crazy-max/ghaction-import-gpg@v6
|
|
with:
|
|
gpg_private_key: ${{ secrets.APPIMAGE_PRIVATE_KEY }}
|
|
passphrase: ${{ secrets.APPIMAGE_KEY_PASSPHRASE }}
|
|
|
|
- name: install linux dependencies
|
|
shell: bash
|
|
if: runner.os == 'Linux'
|
|
run: sudo apt-get install -y libwebkit2gtk-4.0-dev build-essential curl wget file libssl-dev libgtk-3-dev libayatana-appindicator3-dev librsvg2-dev
|
|
|
|
- name: Build binary
|
|
shell: bash
|
|
run: |
|
|
./scripts/release.sh \
|
|
--sign \
|
|
--channel "${{ env.channel }}" \
|
|
--dist "./release" \
|
|
--version "${{ env.version }}"
|
|
env:
|
|
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
|
|
TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
|
|
APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
APPLE_TEAM_ID: ${{ secrets.APPLE_PROVIDER_SHORT_NAME }}
|
|
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
|
|
APPIMAGE_KEY_ID: ${{ secrets.APPIMAGE_KEY_ID }}
|
|
APPIMAGE_KEY_PASSPHRASE: ${{ secrets.APPIMAGE_KEY_PASSPHRASE }}
|
|
|
|
- name: Upload Artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: "${{ env.channel }}-${{ matrix.platform }}-${{ github.run_number }}"
|
|
path: release/
|
|
if-no-files-found: error
|
|
|
|
- name: Prepare Windows Aux Binary Artifacts
|
|
if: runner.os == 'Windows'
|
|
shell: bash
|
|
run: |
|
|
rm -rf tauri-aux-artifacts
|
|
mkdir -p tauri-aux-artifacts
|
|
cp target/release/gitbutler-git-askpass.exe tauri-aux-artifacts/
|
|
|
|
- name: Upload Windows Aux Binary Artifacts
|
|
uses: actions/upload-artifact@v4
|
|
if: runner.os == 'Windows'
|
|
with:
|
|
name: "${{ env.channel }}-windows-aux-${{ github.run_number }}"
|
|
path: tauri-aux-artifacts/
|
|
if-no-files-found: error
|
|
|
|
sign-tauri:
|
|
needs: build-tauri
|
|
runs-on: [self-hosted, evcodesignd]
|
|
strategy:
|
|
matrix:
|
|
platform:
|
|
- windows-latest # [windows, x64]
|
|
steps:
|
|
- name: Clear out old artifacts
|
|
shell: bash
|
|
run: rm -rf release
|
|
- name: Download unsigned artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: "${{ needs.build-tauri.outputs.channel }}-${{ matrix.platform }}-${{ github.run_number }}"
|
|
path: release
|
|
- name: Sign Windows binary
|
|
shell: bash
|
|
run: |
|
|
find release -name "*.msi" -type f -print0 | xargs -0 -n1 -I{} python3 /sign-with-evcodesignd.py "{}"
|
|
env:
|
|
EVCODESIGND_PSK: ${{ secrets.EVCODESIGND_PSK }}
|
|
- name: Upload signed artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: "${{ needs.build-tauri.outputs.channel }}-${{ matrix.platform }}-${{ github.run_number }}"
|
|
path: release/
|
|
if-no-files-found: error
|
|
overwrite: true
|
|
|
|
publish-tauri:
|
|
needs: [sign-tauri, build-tauri]
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform:
|
|
- macos-latest # [macOs, x64]
|
|
- macos-latest-xlarge # [macOs, ARM64]
|
|
- ubuntu-20.04 # [linux, x64]
|
|
- windows-latest # [windows, x64]
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
token: ${{ secrets.PAT_JUNON }} # custom token here so that we can push tags later
|
|
- name: Download artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: "${{ needs.build-tauri.outputs.channel }}-${{ matrix.platform }}-${{ github.run_number }}"
|
|
path: release
|
|
- name: Extract version
|
|
shell: bash
|
|
run: |
|
|
VERSION="$(cat release/version)"
|
|
echo "version=$VERSION" >> $GITHUB_ENV
|
|
- name: Prepare S3 payload
|
|
shell: bash
|
|
run: |
|
|
rm -rf release-s3
|
|
mkdir -p release-s3
|
|
rsync -avE --prune-empty-dirs --include-from='.github/workflows/publish.include.txt' --exclude='*' release/ release-s3/
|
|
bash scripts/normalize-spaces.sh ./release-s3
|
|
- uses: shallwefootball/s3-upload-action@master
|
|
name: Upload To S3
|
|
id: S3
|
|
with:
|
|
aws_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
aws_bucket: "releases.gitbutler.com"
|
|
source_dir: "release-s3/"
|
|
destination_dir: "releases/${{ needs.build-tauri.outputs.channel }}/${{ env.version }}-${{ github.run_number }}"
|
|
|
|
# tell our server to update with the version number
|
|
- name: Tell our server to update
|
|
shell: bash
|
|
run: |
|
|
curl 'https://app.gitbutler.com/api/releases' \
|
|
--fail \
|
|
--request POST \
|
|
--header 'Content-Type: application/json' \
|
|
--header 'X-Auth-Token: ${{ secrets.BOT_AUTH_TOKEN }}' \
|
|
--data '{"channel":"${{ needs.build-tauri.outputs.channel }}","version":"${{ env.version }}-${{ github.run_number }}","sha":"${{ github.sha }}"}'
|
|
|
|
- name: Tag release
|
|
shell: bash
|
|
env:
|
|
TAG_NAME: "${{ needs.build-tauri.outputs.channel }}/${{ env.version }}"
|
|
run: |
|
|
function tag_exists() {
|
|
git tag --list | grep -q "^$1$"
|
|
}
|
|
function fetch_tag() {
|
|
git fetch origin "refs/tags/$1:refs/tags/$1"
|
|
}
|
|
function delete_tag() {
|
|
git push --delete origin "$1"
|
|
}
|
|
function create_tag() {
|
|
git tag --force "$1"
|
|
git push --tags
|
|
}
|
|
|
|
fetch_tag "$TAG_NAME" || true
|
|
if tag_exists "$TAG_NAME"; then
|
|
delete_tag "$TAG_NAME"
|
|
fi
|
|
create_tag "$TAG_NAME"
|