Skip to content
Release

Merge pull request #1292 from keyboardio/dependabot/npm_and_yarn/semv… #241

Sign in to view logs

Merge pull request #1292 from keyboardio/dependabot/npm_and_yarn/semv…

Merge pull request #1292 from keyboardio/dependabot/npm_and_yarn/semv… #241

Workflow file for this run

.github/workflows/build.yml at ebc44e2
name: Release
on:
push:
branches:
- 'master'
jobs:
release:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
steps:
- name: Check out Git repository
uses: actions/checkout@v3
- name: Install Node.js, NPM and Yarn
uses: actions/setup-node@v3
with:
node-version: 16
- name: Set snapshot version
shell: bash
run: echo "PACKAGE_VERSION=`npm pkg get version|tr -d '\"'`" >> $GITHUB_ENV
- name: Cancel job if the package version doesn't match "-snapshot$"
uses: andymckay/[email protected]
# We only want to build master if we have a snapshot version
# ..otherwise, building main will clobber releases...sometimes
# due to a race condition.
if: ${{ !endsWith( env.PACKAGE_VERSION, '-snapshot') }}
- name: Install windows certificates
if: matrix.os == 'windows-latest'
env:
CERT_FILE: ${{ secrets.WIN_CERT }}
shell: bash
run: |
echo "$CERT_FILE" > "./cert-b64.pfx"
certutil -decode "./cert-b64.pfx" "cert.pfx"
ls -al
- name: Install the Apple certificate and provisioning profile
if: matrix.os == 'macos-latest'
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.mac_certs }}
P12_PASSWORD: ${{ secrets.mac_certs_password }}
KEYCHAIN_PASSWORD: ${{ secrets.mac_certs_password }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Install udev-dev
run: sudo apt update && sudo apt install libudev-dev
if: runner.os == 'Linux'
- name: Set up yarn network timeout
run: yarn config set network-timeout 1000000 -g
- name: Install Yarn dependencies
shell: bash
env:
YARN_GPG: no
GITHUB_RUN_NUMBER: ${{ github.run_number }}
run: yarn
- name: Release (macos)
if: matrix.os == 'macos-latest'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
run: yarn run make --arch=universal
- name: Release (non-macos)
shell: bash
if: matrix.os != 'macos-latest'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.win_cert_password }}
run: yarn run make
- name: Generate latest.yml upgrade files
shell: bash
run: |
find out
mkdir out/artifacts
find out/make/zip -name \*.zip -exec cp {} out/artifacts \;
find out/make -name \*.dmg -exec cp {} out/artifacts \;
find out/make -name \*.AppImage -exec cp {} out/artifacts \;
cd out/artifacts
# rename our artifacts to "-snapshot"
# for i in ./*.* ; do mv "$i" "${i/`npm pkg get version|tr -d '\"'`/snapshot}" ; done
node ../../tools/generate-latest.js
- name: Upload latest.yml upgrade files
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: out/artifacts/*.{zip,dmg,AppImage,yml}
tag: v${{ env.PACKAGE_VERSION }}
file_glob: true
prerelease: true
overwrite: true