Skip to content
release

release #82

Sign in to view logs

release

release #82

Workflow file for this run

.github/workflows/release.yml at 1aa8bf3
name: release
on:
push:
tags:
- v1.*
- v2.*
permissions:
contents: write
jobs:
create-release:
name: Create Release
runs-on: ubuntu-latest
steps:
- name: Create GitHub Release
uses: ncipollo/release-action@v1
with:
allowUpdates: true
omitBody: true
omitBodyDuringUpdate: true
omitNameDuringUpdate: true
prerelease: true
token: ${{ github.token }}
build:
name: Build ${{ matrix.platform }}-${{ matrix.arch }}
needs: create-release
runs-on: ${{ matrix.os }}
environment: release
strategy:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- macos-12
- windows-2019
arch:
- x64
include:
- os: ubuntu-20.04
platform: linux
- os: macos-12
platform: darwin
- os: windows-2019
platform: win32
- os: macos-13
platform: darwin
arch: arm64
- os: windows-2019
platform: win32
arch: ia32
- os: windows-latest
platform: win32
arch: arm64
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 18
cache: npm
- name: Workaround node-gyp issue 2915
if: matrix.platform == 'darwin'
run: python3 -m pip install setuptools
- name: Install and build dependencies
run: npm clean-install --no-progress
- name: Rebuild native dependencies
run: npm run rebuild -- --force --arch ${{ matrix.arch }}
- name: Setup macOS keychain and signing certificates
if: matrix.platform == 'darwin'
run: |
# Create temporary keychain
security create-keychain -p "$KEYCHAIN_PASS" "$KEYCHAIN"
security set-keychain-settings -lut 3600 "$KEYCHAIN"
security unlock-keychain -p "$KEYCHAIN_PASS" "$KEYCHAIN"
security default-keychain -s "$KEYCHAIN"
# Import signing certificate
echo -n "$SIGN_CERT" | base64 --decode > "${RUNNER_TEMP}/cert.p12"
security import "${RUNNER_TEMP}/cert.p12" -P "$SIGN_CERT_PASS" -T /usr/bin/codesign -k "$KEYCHAIN"
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASS" "$KEYCHAIN"
# Import API key for notarization
mkdir -p "$HOME/.private_keys"
echo "$NOTARY_KEY" > "$HOME/.private_keys/AuthKey_${NOTARY_KEY_ID}.p8"
env:
SIGN_CERT: ${{ secrets.MAC_CERT }}
SIGN_CERT_PASS: ${{ secrets.MAC_CERT_PASS }}
KEYCHAIN: ${{ secrets.KEYCHAIN }}
KEYCHAIN_PASS: ${{ secrets.KEYCHAIN_PASS }}
NOTARY_KEY: ${{ secrets.APPLE_API_KEY }}
NOTARY_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
- name: Setup Windows signing certificate
if: matrix.platform == 'win32'
run: |
echo -n "$SIGN_CERT_BASE64" | base64 --decode > "${RUNNER_TEMP}/cert.p12"
shell: bash
env:
SIGN_CERT_BASE64: ${{ secrets.WIN_CERT }}
- name: Create production build
run: npm run build
env:
npm_config_arch: ${{ matrix.arch }}
SIGN_CERT: ${{ secrets.MAC_CERT_ID }}
SIGN_KEYCHAIN: ${{ secrets.KEYCHAIN }}
NOTARY_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
NOTARY_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }}
- name: Create release assets
run: npm run pack
env:
npm_config_arch: ${{ matrix.arch }}
SIGN_CERT: ${{ runner.temp }}\\cert.p12
SIGN_PASS: ${{ secrets.WIN_CERT_PASS }}
- name: Upload Linux release assets
if: matrix.platform == 'linux'
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: >-
dist/*.bz2,
dist/*.integrity
omitBodyDuringUpdate: true
omitNameDuringUpdate: true
prerelease: true
token: ${{ github.token }}
- name: Upload macOS release assets
if: matrix.platform == 'darwin'
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: >-
dist/*.dmg,
dist/*.zip,
dist/*.integrity
omitBodyDuringUpdate: true
omitNameDuringUpdate: true
prerelease: true
token: ${{ github.token }}
- name: Upload Windows release assets
if: matrix.platform == 'win32'
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: >-
dist/*.exe,
dist/*.nupkg,
dist/*.integrity
omitBodyDuringUpdate: true
omitNameDuringUpdate: true
prerelease: true
token: ${{ github.token }}