-
Notifications
You must be signed in to change notification settings - Fork 3
124 lines (107 loc) · 4.15 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
name: Build & release chat
on:
push:
branches: [main]
workflow_dispatch:
inputs:
release:
description: "create a new release"
required: true
default: false
type: boolean
jobs:
build:
runs-on: macos-latest
environment: release-chat
steps:
- uses: actions/checkout@v4
- name: Get version from Cargo.toml
id: get_version
run: |
VERSION=$(grep '^version =' chat/Cargo.toml | sed 's/.*= "\(.*\)"/\1/')
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
- name: Setup rust
uses: dtolnay/rust-toolchain@master
with:
toolchain: nightly-2024-09-28
- name: Install deps
run: |
brew install create-dmg
cargo install cargo-bundle
- name: Bundle app
run: cargo bundle --release
- name: Install the Apple certificate
env:
APPLE_DID_CERTIFICATE_BASE64: ${{ secrets.APPLE_DID_CERTIFICATE_BASE64 }}
APPLE_DID_CERTIFICATE_PWD: ${{ secrets.APPLE_DID_CERTIFICATE_PWD }}
run: |
echo "Decoding certificate..."
echo $APPLE_DID_CERTIFICATE_BASE64 | base64 --decode > certificate.p12
echo "Creating keychain..."
security create-keychain -p "pwd" parcnet-chat-codesign.keychain
echo "Setting default keychain..."
security default-keychain -s parcnet-chat-codesign.keychain
echo "Unlocking keychain..."
security unlock-keychain -p "pwd" parcnet-chat-codesign.keychain
echo "Importing certificate..."
security import certificate.p12 -k parcnet-chat-codesign.keychain -P $APPLE_DID_CERTIFICATE_PWD -T /usr/bin/codesign
echo "Setting key partition list..."
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "pwd" parcnet-chat-codesign.keychain
echo "Certificate installation complete."
- name: Codesign app
run: |
codesign --sign "Developer ID Application: Small Brain Engineering, Inc (D7642W43D2)" --keychain parcnet-chat-codesign.keychain --force --options runtime --timestamp target/release/bundle/osx/chat.app
- name: Create dmg
run: |
create-dmg \
--volname "chat" \
"chat.dmg" \
"target/release/bundle/osx/chat.app"
- name: Codesign dmg
run: |
codesign --sign "Developer ID Application: Small Brain Engineering, Inc (D7642W43D2)" --keychain parcnet-chat-codesign.keychain --force --options runtime --timestamp chat.dmg
- name: Upload dmg
uses: actions/upload-artifact@v4
with:
name: chat-dmg
path: chat.dmg
release:
needs: build
environment: release-chat
if: github.event.inputs.release == 'true'
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- name: Get version from Cargo.toml
id: get_version
run: |
VERSION=$(grep '^version =' chat/Cargo.toml | sed 's/.*= "\(.*\)"/\1/')
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
- name: Download dmg
uses: actions/download-artifact@v4
with:
name: chat-dmg
- name: Notarize
env:
APPLECONNECT_KEY: ${{ secrets.APPLECONNECT_KEY }}
run: |
cargo install apple-codesign
echo "$APPLECONNECT_KEY" > key.json
rcodesign notary-submit --wait --max-wait-seconds 86400 --staple --api-key-path key.json chat.dmg
rm key.json
- name: Generate release notes
run: |
echo "Release notes for version ${{ steps.get_version.outputs.VERSION }}" > RELEASE_NOTES.md
echo "Changelog:" >> RELEASE_NOTES.md
git log $(git describe --tags --abbrev=0)..HEAD --pretty=format:"%s" >> RELEASE_NOTES.md
- name: Create gh release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: v${{ steps.get_version.outputs.VERSION }}
name: Release ${{ steps.get_version.outputs.VERSION }}
body_path: RELEASE_NOTES.md
draft: false
prerelease: false
files: chat.dmg