Skip to content

Release 1.2.3

Release 1.2.3 #419

name: Build & Release
on:
push:
tags:
- '**'
branches:
- refactor/refactor-base #remove this once rebuild is merged
pull_request:
branches:
- '**'
concurrency:
# SHA is added to the end if on `main` to let all main workflows run
group: ${{ github.ref }}-${{ github.workflow }}-${{ github.event_name }}-${{ github.ref == 'refs/heads/main' && github.sha || '' }}
cancel-in-progress: true
permissions:
id-token: write
contents: write
env:
APP_NAME: climate-tokenization-engine-ui
jobs:
build_mac:
name: Build Mac Installer
runs-on: macos-latest
steps:
- uses: Chia-Network/actions/clean-workspace@main
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node 20
uses: actions/setup-node@v4
with:
node-version: '20.10'
- name: Install Husky
run: npm install --save-dev husky
- name: install dmg-license
run: npm i dmg-license
- name: npm install
run: |
npm install
- name: Test for secrets access
id: check_secrets
shell: bash
run: |
unset HAS_SIGNING_SECRET
if [ -n "$SIGNING_SECRET" ]; then HAS_SIGNING_SECRET='true' ; fi
echo "HAS_SIGNING_SECRET=${HAS_SIGNING_SECRET}" >> "$GITHUB_OUTPUT"
env:
SIGNING_SECRET: "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}"
- name: Import Apple installer signing certificate
if: steps.check_secrets.outputs.HAS_SIGNING_SECRET
uses: Apple-Actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ secrets.APPLE_DEV_ID_APP }}
p12-password: ${{ secrets.APPLE_DEV_ID_APP_PASS }}
- name: Build electron app
env:
CSC_FOR_PULL_REQUEST: "true"
run: npm run electron:package:mac
- name: Notarize
if: steps.check_secrets.outputs.HAS_SIGNING_SECRET
run: |
DMG_FILE=$(find ${{ github.workspace }}/dist/ -type f -name '*.dmg')
xcrun notarytool submit \
--wait \
--apple-id "${{ secrets.APPLE_NOTARIZE_USERNAME }}" \
--password "${{ secrets.APPLE_NOTARIZE_PASSWORD }}" \
--team-id "${{ secrets.APPLE_TEAM_ID }}" \
"$DMG_FILE"
- name: Upload Mac Installer
uses: actions/upload-artifact@v4
with:
name: ${{ env.APP_NAME }}-mac-installer
path: ${{ github.workspace }}/dist/*.dmg
build_windows:
name: Build Windows Installer
runs-on: windows-2019
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node 20.10
uses: actions/setup-node@v4
with:
node-version: '20.10'
- name: Install Husky
run: npm install --save-dev husky
- name: Ignore Husky where not compatible
run: npm pkg delete scripts.prepare
- name: npm install
run: |
node --version
npm install
- name: Build electron app
run: npm run electron:package:win
- name: Test for secrets access
id: check_secrets
shell: bash
run: |
unset HAS_SIGNING_SECRET
if [ -n "$SIGNING_SECRET" ]; then HAS_SIGNING_SECRET='true' ; fi
echo "HAS_SIGNING_SECRET=${HAS_SIGNING_SECRET}" >> "$GITHUB_OUTPUT"
env:
SIGNING_SECRET: "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}"
# Windows Code Signing
- name: Get installer name for signing
shell: bash
run: |
FILE=$(find dist -type f -maxdepth 1 -name '*.exe')
echo "Installer file is $FILE"
echo "INSTALLER_FILE=$FILE" >> "$GITHUB_ENV"
- name: Sign windows artifacts
if: steps.check_secrets.outputs.HAS_SIGNING_SECRET
uses: chia-network/actions/digicert/windows-sign@main
with:
sm_api_key: ${{ secrets.SM_API_KEY }}
sm_client_cert_file_b64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }}
sm_client_cert_password: ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
sm_code_signing_cert_sha1_hash: ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}
file: "${{ github.workspace }}/${{ env.INSTALLER_FILE }}"
- name: Upload Windows Installer
uses: actions/upload-artifact@v4
with:
name: ${{ env.APP_NAME }}-windows-installer
path: "${{ github.workspace }}/${{ env.INSTALLER_FILE }}"
build_linux:
name: Build Linux Installer
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node 20.10
uses: actions/setup-node@v4
with:
node-version: '20.10'
- name: Install Husky
run: npm install --save-dev husky
- name: npm install
run: |
node --version
npm install
- name: Build electron app
run: npm run electron:package:linux
- name: Rename Linux installer to be standard format for apt
run: |
ORIGINAL=$(ls dist/*.deb)
MODIFIED=${ORIGINAL:0:-10}-1${ORIGINAL#${ORIGINAL:0:-10}}
mv $ORIGINAL $MODIFIED
- name: Upload Linux Installer
uses: actions/upload-artifact@v4
with:
name: ${{ env.APP_NAME }}-linux-installer
path: ${{ github.workspace }}/dist/*.deb
build_web:
name: Build Web App
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Node 20.10
uses: actions/setup-node@v4
with:
node-version: '20.10'
- name: Install Husky
run: npm install --save-dev husky
- name: npm install and build
run: |
node --version
npm install
npm run web-build
- name: Create .tar.gz of the web build
run: tar -cvzf ${{ env.APP_NAME }}-web-build.tar.gz build
- name: Upload build artifact
uses: actions/upload-artifact@v4
with:
name: ${{ env.APP_NAME }}-web-build
path: ${{ env.APP_NAME }}-web-build.tar.gz
release:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
needs:
- build_mac
- build_windows
- build_linux
- build_web
steps:
- name: Download Windows artifacts
uses: actions/download-artifact@v4
with:
name: ${{ env.APP_NAME }}-windows-installer
path: ${{ env.APP_NAME }}-windows-installer
- name: Download MacOS artifacts
uses: actions/download-artifact@v4
with:
name: ${{ env.APP_NAME }}-mac-installer
path: ${{ env.APP_NAME }}-mac-installer
- name: Download Linux artifacts
uses: actions/download-artifact@v4
with:
name: ${{ env.APP_NAME }}-linux-installer
path: ${{ env.APP_NAME }}-linux-installer
- name: Download Web artifact
uses: actions/download-artifact@v4
with:
name: ${{ env.APP_NAME }}-web-build
path: ${{ env.APP_NAME }}-web-build
- name: Get Filenames
run: |
DMG_FILE=$(find ${{ github.workspace }}/${{ env.APP_NAME }}-mac-installer/ -type f -name '*.dmg')
DEB_FILE=$(find ${{ github.workspace }}/${{ env.APP_NAME }}-linux-installer/ -type f -name '*.deb')
EXE_FILE=$(find ${{ github.workspace }}/${{ env.APP_NAME }}-windows-installer/ -type f -name '*.exe')
WEB_FILE=$(find ${{ github.workspace }}/${{ env.APP_NAME }}-web-build/ -type f -name '*.tar.gz')
echo "DMG_FILE=$DMG_FILE" >>$GITHUB_ENV
echo "DEB_FILE=$DEB_FILE" >>$GITHUB_ENV
echo "EXE_FILE=$EXE_FILE" >>$GITHUB_ENV
echo "WEB_FILE=$WEB_FILE" >>$GITHUB_ENV
- name: Release
uses: softprops/[email protected]
with:
files: |
${{ env.DMG_FILE }}
${{ env.DEB_FILE }}
${{ env.EXE_FILE }}
${{ env.WEB_FILE }}
- name: Get repo name
id: repo-name
run: |
echo "REPO_NAME=$(echo "$GITHUB_REPOSITORY" | cut -d "/" -f 2)" >>$GITHUB_OUTPUT
- name: Get tag name
id: tag-name
run: |
echo "TAGNAME=$(echo $GITHUB_REF | cut -d / -f 3)" >>$GITHUB_OUTPUT
- name: Gets JWT Token from GitHub
uses: Chia-Network/actions/github/jwt@main
- name: Trigger apt repo update
uses: Chia-Network/actions/github/glue@main
with:
json_data: '{"climate_tokenization_repo":"${{ steps.repo-name.outputs.REPO_NAME }}","application_name":"[\"${{ env.APP_NAME }}\"]","release_version":"${{ steps.tag-name.outputs.TAGNAME }}","add_debian_version":"true","arm64":"available"}'
glue_url: ${{ secrets.GLUE_API_URL }}
glue_project: "climate-tokenization"
glue_path: "trigger"