Release desktop wallet #78
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release desktop wallet | |
| on: | |
| push: | |
| tags: ['alephium-desktop-wallet@[0-9]+.[0-9]+.[0-9]+*'] | |
| jobs: | |
| release-desktop-wallet-unix: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [macos-latest, ubuntu-latest, windows-latest] | |
| steps: | |
| - name: Check out Git repository | |
| uses: actions/checkout@v3 | |
| - name: Install pnpm package manager | |
| uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| - name: Install NPM dependencies | |
| run: pnpm install | |
| - name: Prepare for app notarization | |
| if: startsWith(matrix.os, 'macos') | |
| run: | | |
| mkdir -p ~/private_keys/ | |
| echo '${{ secrets.api_key }}' > ~/private_keys/AuthKey_${{ secrets.api_key_id }}.p8 | |
| echo '${{ secrets.mac_certs }}' | base64 -d > applecert.p12 | |
| - name: Get build command arguments | |
| id: get-args | |
| run: | | |
| args=$(if ${{ startsWith(matrix.os, 'macos') }}; then echo '--mac --universal'; else echo ''; fi) | |
| args=$(if ${{ startsWith(matrix.os, 'windows') }}; then echo '-w'; else echo $args; fi) | |
| args=$(if ${{ startsWith(matrix.os, 'ubuntu') }}; then echo '-l'; else echo $args; fi) | |
| echo "args=$args" >> $GITHUB_OUTPUT | |
| shell: bash | |
| - name: Install Snapcraft | |
| uses: samuelmeuli/action-snapcraft@v1 | |
| if: startsWith(matrix.os, 'ubuntu') | |
| - name: Build & release Electron app | |
| uses: nop33/[email protected] | |
| if: ${{ startsWith(github.ref, 'refs/tags/alephium-desktop-wallet@') }} | |
| with: | |
| package_root: 'apps/desktop-wallet' | |
| is_monorepo: true | |
| build_script_name: 'ci:build' | |
| args: ${{ steps.get-args.outputs.args }} | |
| github_token: ${{ secrets.github_token }} | |
| release: ${{ startsWith(github.ref, 'refs/tags/alephium-desktop-wallet@') }} | |
| mac_certs: ${{ secrets.MAC_CERTS }} | |
| mac_certs_password: ${{ secrets.MAC_CERTS_PASSWORD }} | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_ID_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | |
| APPLEID: ${{ secrets.APPLE_ID }} | |
| APPLEIDPASS: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | |
| SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} | |
| - name: Create Artifacts Directory | |
| if: startsWith(matrix.os, 'windows') | |
| shell: bash | |
| run: | | |
| mkdir ${GITHUB_WORKSPACE}/artifacts | |
| - name: Find Alephuim-*.exe file | |
| if: startsWith(matrix.os, 'windows') | |
| id: get-exefile | |
| run: echo "exefile=$(find . -name 'Alephium-*.exe')" >> $GITHUB_OUTPUT | |
| shell: bash | |
| - name: Sign Artifact with CodeSignTool | |
| uses: sslcom/esigner-codesign@develop | |
| if: startsWith(matrix.os, 'windows') | |
| with: | |
| command: sign | |
| username: ${{ secrets.ES_USERNAME }} | |
| password: ${{ secrets.ES_PASSWORD }} | |
| credential_id: ${{ secrets.CREDENTIAL_ID }} | |
| totp_secret: ${{ secrets.ES_TOTP_SECRET }} | |
| file_path: ${{ steps.get-exefile.outputs.exefile }} | |
| output_path: ${GITHUB_WORKSPACE}/artifacts | |
| malware_block: false | |
| environment_name: PROD | |
| - name: Find Alephium-*.exe signed file | |
| if: startsWith(matrix.os, 'windows') | |
| id: get-signedfile | |
| run: | | |
| echo "file=$(find ${GITHUB_WORKSPACE}/artifacts -name 'Alephium-*.exe')" >> $GITHUB_OUTPUT | |
| echo "filename=$(find ${GITHUB_WORKSPACE}/artifacts -name 'Alephium-*.exe' | xargs basename)" >> $GITHUB_OUTPUT | |
| shell: bash | |
| - name: Upload Signed Alephuim-*.exe | |
| uses: actions/upload-artifact@v2 | |
| if: startsWith(matrix.os, 'windows') | |
| with: | |
| name: signed-${{ steps.get-signedfile.outputs.filename }} | |
| path: ${{ steps.get-signedfile.outputs.file }} |