Skip to content

Commit

Permalink
Merge pull request #78 from nextcloud/backport/77/stable23
Browse files Browse the repository at this point in the history
[stable23] Create appstore-build-publish.yml
  • Loading branch information
nickvergessen authored Nov 23, 2021
2 parents a91beb4 + fc5664f commit 8a92882
Show file tree
Hide file tree
Showing 2 changed files with 148 additions and 2 deletions.
146 changes: 146 additions & 0 deletions .github/workflows/appstore-build-publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,146 @@
# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization

name: Build and publish app release

on:
release:
types: [published]

env:
PHP_VERSION: 7.4

jobs:
build_and_publish:
runs-on: ubuntu-latest

# Only allowed to be run on nextcloud-releases repositories
if: ${{ github.repository_owner == 'nextcloud-releases' }}

steps:
- name: Check actor permission
uses: skjnldsv/check-actor-permission@v2
with:
require: admin

- name: Set app env
run: |
# Split and keep last
echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v2
with:
path: ${{ env.APP_NAME }}

- name: Get appinfo data
id: appinfo
uses: skjnldsv/xpath-action@master
with:
filename: ${{ env.APP_NAME }}/appinfo/info.xml
expression: '//info//dependencies//nextcloud/@min-version'

- name: Read package.json node and npm engines version
uses: skjnldsv/[email protected]
id: versions
# Continue if no package.json
continue-on-error: true
with:
path: ${{ env.APP_NAME }}
fallbackNode: '^12'
fallbackNpm: '^6'

- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
# Skip if no package.json
if: ${{ steps.versions.outputs.nodeVersion }}
uses: actions/setup-node@v2
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}

- name: Set up npm ${{ steps.versions.outputs.npmVersion }}
# Skip if no package.json
if: ${{ steps.versions.outputs.npmVersion }}
run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"

- name: Set up php ${{ env.PHP_VERSION }}
uses: shivammathur/setup-php@v2
with:
php-version: ${{ env.PHP_VERSION }}
coverage: none

- name: Check composer.json
id: check_composer
uses: andstor/file-existence-action@v1
with:
files: "${{ env.APP_NAME }}/composer.json"

- name: Install composer dependencies
if: steps.check_composer.outputs.files_exists == 'true'
run: |
cd ${{ env.APP_NAME }}
composer install --no-dev
- name: Build ${{ env.APP_NAME }}
# Skip if no package.json
if: ${{ steps.versions.outputs.nodeVersion }}
run: |
cd ${{ env.APP_NAME }}
npm ci
npm run build
- name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }}
# Try krankerl, fallback to makefile
run: |
cd ${{ env.APP_NAME }}
krankerl package || make appstore
- name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
continue-on-error: true
id: server-checkout
run: |
NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip
unzip latest-$NCVERSION.zip
- name: Checkout server master fallback
uses: actions/checkout@v2
if: ${{ steps.server-checkout.outcome != 'success' }}
with:
repository: nextcloud/server
path: nextcloud

- name: Sign app
run: |
# Extracting release
cd ${{ env.APP_NAME }}/build/artifacts
tar -xvf ${{ env.APP_NAME }}.tar.gz
cd ../../../
# Setting up keys
echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key
wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt"
# Signing
php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}
# Rebuilding archive
cd ${{ env.APP_NAME }}/build/artifacts
tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}
- name: Attach tarball to github release
uses: svenstaro/upload-release-action@v2
id: attach_to_release
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz
asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz
tag: ${{ github.ref }}
overwrite: true

- name: Upload app to Nextcloud appstore
uses: nextcloud-releases/nextcloud-appstore-push-action@v1
with:
app_name: ${{ env.APP_NAME }}
appstore_token: ${{ secrets.APPSTORE_TOKEN }}
download_url: ${{ steps.attach_to_release.outputs.browser_download_url }}
app_private_key: ${{ secrets.APP_PRIVATE_KEY }}
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,10 @@ appstore: clean
--certificate=$(cert_dir)/$(app_name).crt\
--path=$(sign_dir)/$(app_name); \
fi
tar -czf $(build_dir)/$(app_name)-$(version).tar.gz \
tar -czf $(build_dir)/$(app_name).tar.gz \
-C $(sign_dir) $(app_name)
@if [ -f $(cert_dir)/$(app_name).key ]; then \
echo "Signing package…"; \
openssl dgst -sha512 -sign $(cert_dir)/$(app_name).key $(build_dir)/$(app_name)-$(version).tar.gz | openssl base64; \
openssl dgst -sha512 -sign $(cert_dir)/$(app_name).key $(build_dir)/$(app_name).tar.gz | openssl base64; \
fi

0 comments on commit 8a92882

Please sign in to comment.