-
Notifications
You must be signed in to change notification settings - Fork 0
85 lines (74 loc) · 3.29 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
name: Build Electron App
on:
workflow_dispatch:
push:
tags: '*'
jobs:
build:
strategy:
matrix:
os: [macos-latest, windows-latest]
runs-on: ${{ matrix.os }}
permissions:
contents: write
repository-projects: write
steps:
# https://github.com/electron/forge/issues/2807
- run: python3 -m pip install setuptools
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies
run: npm ci
- name: Install the Apple certificate and api key
if: ${{ runner.os == 'macOS' }}
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
API_KEY_BASE64: ${{ secrets.API_KEY_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
API_KEY_PATH=$RUNNER_TEMP/auth_key.p8
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and api key from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$API_KEY_BASE64" | base64 --decode -o $API_KEY_PATH
echo "APPLE_API_KEY=$API_KEY_PATH" >> "$GITHUB_ENV"
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Package and publish
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
run: npm run publish
- name: Upload to Cloud Storage
if: ${{ startsWith(github.ref, 'refs/tags/') }}
run: |
VERSION=$(node -p "require('./package.json').version")
echo "Current version: $VERSION"
npm i ali-oss
node ./scripts/upload-oss.js
env:
ALI_OSS_REGION: ${{ vars.dev.ALI_OSS_REGION }}
ALI_OSS_ACCESS_KEY_ID: ${{ secrets.ALI_OSS_ACCESS_KEY_ID }}
ALI_OSS_ACCESS_KEY_SECRET: ${{ secrets.ALI_OSS_ACCESS_KEY_SECRET }}
ALI_OSS_BUCKET: ${{ vars.dev.ALI_OSS_BUCKET }}
ALI_OSS_ENDPOINT: ${{ vars.dev.ALI_OSS_ENDPOINT }}
ALI_OSS_RELEASE_PATH: ${{ vars.dev.ALI_OSS_RELEASE_PATH }}
shell: bash