Skip to content

Grant permission for release #27

Grant permission for release

Grant permission for release #27

Workflow file for this run

name: Generate and Release bundled CLI
on:
push:
tags:
- 'v*.*.*'
jobs:
build:
strategy:
matrix:
settings:
- host: macos-12
target: macos-x64
- host: macos-14
target: macos-arm64
- host: windows-2022
target: win-x64
extension: .exe
- host: ubuntu-latest
target: linux-x64
runs-on: ${{ matrix.settings.host }}
name: dev build - ${{ matrix.settings.target }} - node@18
steps:
- uses: actions/checkout@v4
- name: Use Node.js
uses: actions/setup-node@v4
with:
node-version: 18.x
- if: matrix.settings.host == 'macos-14'
run: brew install python-setuptools
- if: matrix.settings.host == 'macos-12'
run: pip install setuptools
- run: yarn
- run: yarn run build
# remove dev dependencies before packaging
- run: yarn workspaces focus --all --production
# package final binaries
- run: |
yarn dlx @yao-pkg/[email protected] . -t node18-${{ matrix.settings.target }} -o bundle/dcli-${{ matrix.settings.target }}${{ matrix.settings.extension }} -C GZip "--public" "--public-packages" "tslib,thirty-two" "--no-bytecode"
- name: Archive binary artifact
uses: actions/upload-artifact@v4
with:
name: dcli-${{ matrix.settings.target }}
path: bundle/dcli-${{ matrix.settings.target }}${{ matrix.settings.extension }}
retention-days: 1
sign:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
- name: List artifacts
run: ls -R artifacts
shell: bash
- name: Sign Artifact with CodeSignTool
uses: sslcom/esigner-codesign@develop
with:
command: sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
# Credential ID for signing certificate.
credential_id: ${{ secrets.CREDENTIAL_ID }}
# OAuth TOTP Secret (https://www.ssl.com/how-to/automate-esigner-ev-code-signing)
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
# Path of code object to be signed
file_path: artifacts/dcli-win-x64/dcli-win-x64.exe
# Directory where signed code object(s) will be written.
output_path: signed
malware_block: false
environment_name: PROD
- run: mv signed/dcli-win-x64.exe signed/dcli-win-x64-signed.exe
- name: Archive binary artifact
uses: actions/upload-artifact@v4
with:
name: dcli-win-x64-signed
path: signed/dcli-win-x64-signed.exe
retention-days: 1
release:
permissions:
contents: write
runs-on: ubuntu-latest
needs:
- build
- sign
steps:
- uses: actions/checkout@v4
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
- name: List artifacts
run: ls -R artifacts
shell: bash
- name: Release
uses: softprops/action-gh-release@v2
with:
files: |
artifacts/dcli-linux-x64/dcli-linux-x64
artifacts/dcli-macos-x64/dcli-macos-x64
artifacts/dcli-macos-arm64/dcli-macos-arm64
artifacts/dcli-win-x64/dcli-win-x64.exe
artifacts/dcli-win-x64-signed/dcli-win-x64-signed.exe