Refactor #37
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release-desktop-app | |
on: | |
push: | |
tags: | |
- "v*.*.*" | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- uses: pnpm/action-setup@v4 | |
with: | |
version: 9.9.0 | |
- name: Cache turbo build | |
uses: actions/cache@v4 | |
with: | |
path: .turbo | |
key: turbo-${{ github.sha }} | |
restore-keys: | | |
turbo- | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20.18.0 | |
cache: "pnpm" | |
- name: Install dependencies | |
run: pnpm install | |
- name: Build project | |
working-directory: apps/desktop | |
run: pnpm turbo build | |
create-draft-release: | |
runs-on: ubuntu-latest | |
needs: build | |
environment: "Production – umami-v2" | |
permissions: | |
contents: write | |
issues: write | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Create Draft Release for ${{ github.ref_name }} | |
run: gh release create ${{ github.ref_name }} --draft --title "${{ github.ref_name }}" --generate-notes | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
create-release-linux: | |
runs-on: ubuntu-22.04 | |
needs: [build, create-draft-release] | |
permissions: | |
contents: write | |
environment: "Production – umami-v2" | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- uses: pnpm/action-setup@v4 | |
with: | |
version: 9.9.0 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20.18.0 | |
cache: "pnpm" | |
- name: Install dependencies | |
run: pnpm install | |
- name: Cache turbo build | |
uses: actions/cache@v4 | |
with: | |
path: .turbo | |
key: turbo-${{ github.sha }} | |
restore-keys: | | |
turbo- | |
- name: Build project | |
working-directory: apps/desktop | |
run: pnpm turbo build | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
fingerprint: ${{ secrets.GPG_KEY_ID }} | |
git_user_signingkey: true | |
- name: Generate deb and rpm files | |
working-directory: apps/desktop | |
env: | |
CI: false | |
run: pnpm electron:package:linux -p never | |
- name: Sign the deb and rpm files using dpkg-sig and rpm-sign | |
working-directory: apps/desktop | |
run: | | |
sudo apt update | |
sudo apt install -y dpkg-sig | |
dpkg-sig --sign builder -k ${{ secrets.GPG_KEY_ID }} ./dist/*.deb | |
echo "%_gpg_name ${{ secrets.GPG_KEY_ID }}" > ~/.rpmmacros | |
rpm --addsign ./dist/*.rpm | |
- name: Upload deb and rpm files | |
working-directory: apps/desktop | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: gh release upload ${{ github.ref_name }} ./dist/*.deb ./dist/*.rpm | |
create-release-mac: | |
runs-on: macos-latest | |
needs: [build, create-draft-release] | |
environment: "Production – umami-v2" | |
permissions: | |
contents: write | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- uses: pnpm/action-setup@v4 | |
with: | |
version: 9.9.0 | |
- name: Setup Python version | |
uses: actions/setup-python@v5 | |
with: | |
python-version: 3.11 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20.18.0 | |
cache: "pnpm" | |
- name: Install dependencies | |
run: pnpm install | |
- name: Cache turbo build | |
uses: actions/cache@v4 | |
with: | |
path: .turbo | |
key: turbo-${{ github.sha }} | |
restore-keys: | | |
turbo- | |
- name: Build project | |
working-directory: apps/desktop | |
run: pnpm turbo build | |
- name: Build and sign mac app | |
working-directory: apps/desktop | |
env: | |
CI: true | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CSC_LINK: ${{ secrets.CSC_LINK }} | |
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | |
run: pnpm run electron:package:mac | |
cleanup-cache: | |
runs-on: ubuntu-latest | |
if: always() | |
needs: [create-release-linux, create-release-mac] | |
steps: | |
- name: Check out the code | |
uses: actions/checkout@v4 | |
- name: Cleanup cache | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: gh cache delete turbo-${{ github.sha }} |