Create GitHub release #119
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create GitHub release | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| release: | |
| type: choice | |
| description: 'Should this build be released?' | |
| options: | |
| - true | |
| - false | |
| default: 'false' | |
| ref_to_build: | |
| description: 'Ref to build (only tested by providing tags), e.g. v6.1.0' | |
| required: true | |
| env: | |
| SIGNAL_TAG: ${{ inputs.ref_to_build }} | |
| jobs: | |
| windows: | |
| runs-on: windows-2019 | |
| defaults: | |
| run: | |
| shell: pwsh | |
| steps: | |
| - name: Get GH token | |
| id: generate_token | |
| uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 | |
| with: | |
| app_id: ${{ secrets.GH_APP_DENNIS_APP_ID }} | |
| private_key: ${{ secrets.GH_APP_DENNIS_PRIVATE_KEY }} | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: 'signalapp/signal-desktop' | |
| ref: ${{ inputs.ref_to_build }} | |
| token: ${{ steps.generate_token.outputs.token }} | |
| fetch-depth: 200 | |
| - name: Create ${{ inputs.ref_to_build }} tag in dennisameling/Signal-Desktop | |
| shell: bash | |
| run: | | |
| git remote add dennis https://github.com/dennisameling/Signal-Desktop | |
| git push --force dennis HEAD:refs/tags/$SIGNAL_TAG | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: ./tmp-automation-release-scripts | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version-file: '.nvmrc' | |
| - run: npm install -g yarn@1.22.10 npm@10.2.5 node-gyp@10.0.1 | |
| - name: Prepare release signing | |
| shell: bash | |
| run: | | |
| echo ${{ secrets.SIGN_RELEASE_PUBLIC_KEY }} >> public.key | |
| echo ${{ secrets.SIGN_RELEASE_PRIVATE_KEY }} >> private.key | |
| # The script below ensures that we overwrite some defaults from the official Signal repo | |
| - name: Overwrite updates server, public key, etc. | |
| shell: bash | |
| run: PUBLIC_KEY="${{ secrets.SIGN_RELEASE_PUBLIC_KEY }}" SIGNAL_DIR="${{ github.workspace }}" node ./tmp-automation-release-scripts/patch-files.mjs | |
| - run: git diff | |
| - name: Install Desktop node_modules | |
| run: yarn install --frozen-lockfile | |
| - run: yarn generate | |
| - run: yarn build | |
| env: | |
| DISABLE_INSPECT_FUSE: on | |
| # Rebuild deps for tests | |
| - run: yarn electron:install-app-deps | |
| - run: yarn test-electron | |
| timeout-minutes: 5 | |
| - run: | | |
| yarn sign-release | |
| Remove-Item public.key | |
| Remove-Item private.key | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: signal-desktop-win-all | |
| path: | | |
| release/*.exe | |
| release/*.exe.sig | |
| release/latest*.yml | |
| - name: Copy files for FTP upload | |
| if: inputs.release == 'true' | |
| shell: bash | |
| run: | | |
| mkdir -p release-ftp | |
| cp release/*.exe release-ftp | |
| cp release/*.exe.sig release-ftp | |
| cp release/latest*.yml release-ftp | |
| - name: Deploy binaries | |
| if: inputs.release == 'true' | |
| uses: dennisameling/ftp-upload-action@v1 | |
| with: | |
| server: ${{ secrets.FTP_HOST }} | |
| username: ${{ secrets.FTP_USER }} | |
| password: ${{ secrets.FTP_PASSWORD }} | |
| local_dir: ./release-ftp/ | |
| release: | |
| needs: windows | |
| runs-on: ubuntu-latest | |
| if: inputs.release == 'true' | |
| outputs: | |
| release_url: ${{ steps.release-url.outputs.html_url }} | |
| signal_version: ${{ steps.signal-version.outputs.version }} | |
| steps: | |
| - name: Get GH token | |
| id: generate_token | |
| uses: tibdex/github-app-token@b62528385c34dbc9f38e5f4225ac829252d1ea92 | |
| with: | |
| app_id: ${{ secrets.GH_APP_DENNIS_APP_ID }} | |
| private_key: ${{ secrets.GH_APP_DENNIS_PRIVATE_KEY }} | |
| # Turns v6.1.0 into 6.1.0 | |
| - name: Get version from tag | |
| id: signal-version | |
| run: | | |
| SIGNAL_VERSION=${SIGNAL_TAG#"v"} | |
| echo "SIGNAL_VERSION=${SIGNAL_VERSION}" >> $GITHUB_ENV | |
| echo "SIGNAL_TAG=${SIGNAL_TAG}" >> $GITHUB_ENV | |
| echo "::set-output name=version::${SIGNAL_VERSION}" | |
| - uses: ncipollo/release-action@v1 | |
| id: release-url | |
| with: | |
| owner: dennisameling | |
| repo: Signal-Desktop | |
| tag: ${{ inputs.ref_to_build }} | |
| body: | | |
| This is the v${{ env.SIGNAL_VERSION }} release. Existing users of Signal Unofficial will get an in-app update notification. | |
| Windows arm64: | |
| https://signal.dennisameling.com/dl/signal-desktop-unofficial-win-arm64-${{ env.SIGNAL_VERSION }}.exe | |
| **Note:** this release also contains a `.deb` file for Linux users. Note that auto-updates are **not** supported on this platform. | |
| name: v${{ env.SIGNAL_VERSION }} | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - uses: actions/github-script@v6.4.0 | |
| name: Trigger CircleCI build + publish | |
| env: | |
| CIRCLECI_API_TOKEN: ${{ secrets.CIRCLECI_API_TOKEN }} | |
| GITHUB_RELEASE_UPLOAD_URL: ${{ steps.release-url.outputs.upload_url }} | |
| with: | |
| script: | | |
| await fetch('https://circleci.com/api/v2/project/gh/dennisameling/signal-desktop-automation/pipeline', { | |
| method: 'post', | |
| body: JSON.stringify({ | |
| branch: 'main', | |
| parameters: { | |
| ref_to_build: process.env.SIGNAL_TAG, | |
| github_actions_release_upload_url: process.env.GITHUB_RELEASE_UPLOAD_URL | |
| } | |
| }), | |
| headers: { | |
| 'Circle-Token': process.env.CIRCLECI_API_TOKEN, | |
| 'Content-Type': 'application/json' | |
| } | |
| }); | |
| console.log(`Successfully started CircleCI pipeline. It'll add the generated binary to the GitHub release when it's done.`) |