release #82
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release | |
on: | |
push: | |
tags: | |
- v1.* | |
- v2.* | |
permissions: | |
contents: write | |
jobs: | |
create-release: | |
name: Create Release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create GitHub Release | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
omitBody: true | |
omitBodyDuringUpdate: true | |
omitNameDuringUpdate: true | |
prerelease: true | |
token: ${{ github.token }} | |
build: | |
name: Build ${{ matrix.platform }}-${{ matrix.arch }} | |
needs: create-release | |
runs-on: ${{ matrix.os }} | |
environment: release | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-20.04 | |
- macos-12 | |
- windows-2019 | |
arch: | |
- x64 | |
include: | |
- os: ubuntu-20.04 | |
platform: linux | |
- os: macos-12 | |
platform: darwin | |
- os: windows-2019 | |
platform: win32 | |
- os: macos-13 | |
platform: darwin | |
arch: arm64 | |
- os: windows-2019 | |
platform: win32 | |
arch: ia32 | |
- os: windows-latest | |
platform: win32 | |
arch: arm64 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
cache: npm | |
- name: Workaround node-gyp issue 2915 | |
if: matrix.platform == 'darwin' | |
run: python3 -m pip install setuptools | |
- name: Install and build dependencies | |
run: npm clean-install --no-progress | |
- name: Rebuild native dependencies | |
run: npm run rebuild -- --force --arch ${{ matrix.arch }} | |
- name: Setup macOS keychain and signing certificates | |
if: matrix.platform == 'darwin' | |
run: | | |
# Create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASS" "$KEYCHAIN" | |
security set-keychain-settings -lut 3600 "$KEYCHAIN" | |
security unlock-keychain -p "$KEYCHAIN_PASS" "$KEYCHAIN" | |
security default-keychain -s "$KEYCHAIN" | |
# Import signing certificate | |
echo -n "$SIGN_CERT" | base64 --decode > "${RUNNER_TEMP}/cert.p12" | |
security import "${RUNNER_TEMP}/cert.p12" -P "$SIGN_CERT_PASS" -T /usr/bin/codesign -k "$KEYCHAIN" | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASS" "$KEYCHAIN" | |
# Import API key for notarization | |
mkdir -p "$HOME/.private_keys" | |
echo "$NOTARY_KEY" > "$HOME/.private_keys/AuthKey_${NOTARY_KEY_ID}.p8" | |
env: | |
SIGN_CERT: ${{ secrets.MAC_CERT }} | |
SIGN_CERT_PASS: ${{ secrets.MAC_CERT_PASS }} | |
KEYCHAIN: ${{ secrets.KEYCHAIN }} | |
KEYCHAIN_PASS: ${{ secrets.KEYCHAIN_PASS }} | |
NOTARY_KEY: ${{ secrets.APPLE_API_KEY }} | |
NOTARY_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
- name: Setup Windows signing certificate | |
if: matrix.platform == 'win32' | |
run: | | |
echo -n "$SIGN_CERT_BASE64" | base64 --decode > "${RUNNER_TEMP}/cert.p12" | |
shell: bash | |
env: | |
SIGN_CERT_BASE64: ${{ secrets.WIN_CERT }} | |
- name: Create production build | |
run: npm run build | |
env: | |
npm_config_arch: ${{ matrix.arch }} | |
SIGN_CERT: ${{ secrets.MAC_CERT_ID }} | |
SIGN_KEYCHAIN: ${{ secrets.KEYCHAIN }} | |
NOTARY_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
NOTARY_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} | |
- name: Create release assets | |
run: npm run pack | |
env: | |
npm_config_arch: ${{ matrix.arch }} | |
SIGN_CERT: ${{ runner.temp }}\\cert.p12 | |
SIGN_PASS: ${{ secrets.WIN_CERT_PASS }} | |
- name: Upload Linux release assets | |
if: matrix.platform == 'linux' | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: >- | |
dist/*.bz2, | |
dist/*.integrity | |
omitBodyDuringUpdate: true | |
omitNameDuringUpdate: true | |
prerelease: true | |
token: ${{ github.token }} | |
- name: Upload macOS release assets | |
if: matrix.platform == 'darwin' | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: >- | |
dist/*.dmg, | |
dist/*.zip, | |
dist/*.integrity | |
omitBodyDuringUpdate: true | |
omitNameDuringUpdate: true | |
prerelease: true | |
token: ${{ github.token }} | |
- name: Upload Windows release assets | |
if: matrix.platform == 'win32' | |
uses: ncipollo/release-action@v1 | |
with: | |
allowUpdates: true | |
artifacts: >- | |
dist/*.exe, | |
dist/*.nupkg, | |
dist/*.integrity | |
omitBodyDuringUpdate: true | |
omitNameDuringUpdate: true | |
prerelease: true | |
token: ${{ github.token }} |