chore: activate macos signing #220
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "publish-release" | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
publish-release: | |
strategy: | |
fail-fast: false | |
matrix: | |
settings: | |
- platform: "macos-latest" | |
args: "--target x86_64-apple-darwin" | |
- platform: "macos-latest" | |
args: "--target aarch64-apple-darwin" | |
- platform: "ubuntu-20.04" | |
args: "--target x86_64-unknown-linux-gnu" | |
- platform: "windows-latest" | |
args: "--target x86_64-pc-windows-msvc" | |
runs-on: ${{ matrix.settings.platform }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: install Rust stable | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
targets: aarch64-apple-darwin | |
- name: install dependencies (ubuntu only) | |
if: matrix.settings.platform == 'ubuntu-20.04' | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
cache-on-failure: true | |
- name: install frontend dependencies | |
run: yarn install # change this to npm or pnpm depending on which one you use | |
#- name: import windows certificate | |
# if: matrix.settings.platform == 'windows-latest' | |
# env: | |
# WINDOWS_CERTIFICATE: ${{ secrets.WINDOWS_CERTIFICATE }} | |
# WINDOWS_CERTIFICATE_PASSWORD: ${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }} | |
# run: | | |
# New-Item -ItemType directory -Path certificate | |
# Set-Content -Path certificate/tempCert.txt -Value $env:WINDOWS_CERTIFICATE | |
# certutil -decode certificate/tempCert.txt certificate/certificate.pfx | |
# Remove-Item -path certificate -include tempCert.txt | |
# Import-PfxCertificate -FilePath certificate/certificate.pfx -CertStoreLocation Cert:\CurrentUser\My -Password (ConvertTo-SecureString -String $env:WINDOWS_CERTIFICATE_PASSWORD -Force -AsPlainText) | |
# If tagName and releaseId are omitted tauri-action will only build the app and won't try to upload any assets. | |
- uses: tauri-apps/tauri-action@v0 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} | |
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} | |
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }} | |
APPLE_API_KEY_PATH: ${{ secrets.APPLE_API_KEY_PATH }} | |
with: | |
tagName: app-v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version | |
releaseName: "App v__VERSION__" | |
releaseBody: "See the assets to download this version and install." | |
releaseDraft: true | |
prerelease: false | |
args: ${{ matrix.settings.args}} |