-
Notifications
You must be signed in to change notification settings - Fork 0
137 lines (115 loc) · 5.71 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# yamllint disable rule:line-length
---
name: package
# yamllint disable-line rule:truthy
on:
push:
tags:
- "v*.*.*"
jobs:
package:
strategy:
matrix:
go-version: [1.20.4]
node-version: [16]
os: [windows-latest, ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Install Go
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
- name: Checkout code
uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
- name: Install wails
run: go install github.com/wailsapp/wails/v2/cmd/wails@v2.6.0
- name: Build package windows
if: matrix.os == 'windows-latest'
run: |
$GP = (go env GOPATH)
$env:path = "$env:path;$GP\bin"
echo "building on ${{ matrix.os }}"
echo "${{ env.GITHUB_REF }}"
echo "${{ env.GITHUB_HEAD_REF }}"
choco install mingw
wails build -platform windows/amd64 -clean -ldflags "-s -w -X github.com/SafetyCulture/safetyculture-exporter-ui/internal/version.version=${{ github.ref_name }}" -skipbindings
- name: Sign Windows Binary
if: matrix.os == 'windows-latest'
run: |
echo "Creating certificate file"
New-Item -ItemType directory -Path certificate
Set-Content -Path certificate\certificate.txt -Value "${{ secrets.WIN_SIGNING_CERT }}"
certutil -decode certificate\certificate.txt certificate\certificate.pfx
echo "Signing binary"
& "C:/Program Files (x86)/Windows Kits/10/bin/10.0.17763.0/x86/signtool.exe" sign /fd sha256 /tr http://ts.ssl.com /f certificate\certificate.pfx /p "${{ secrets.WIN_SIGNING_CERT_PASSWORD }}" .\build\bin\safetyculture-exporter.exe
Copy-Item -Path .\build\bin\safetyculture-exporter.exe -Destination .\exporter-windows-x86_64.exe
- name: Build and code sign macos binaries
if: matrix.os == 'macos-latest'
env:
MAC_SIGNING_CERT: ${{ secrets.MAC_SIGNING_CERT }}
run: |
echo "Importing certificates"
echo $MAC_SIGNING_CERT | base64 --decode > certificate.p12
security create-keychain -p ${{ secrets.MAC_SIGNING_KEYCHAIN_PWD }} build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p ${{ secrets.MAC_SIGNING_KEYCHAIN_PWD }} build.keychain
security import certificate.p12 -k build.keychain -P ${{ secrets.MAC_SIGNING_CERT_PASSWORD }} -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k ${{ secrets.MAC_SIGNING_KEYCHAIN_PWD }} build.keychain
export PATH=${PATH}:`go env GOPATH`/bin
echo "Building darwin/arm64"
wails build -platform darwin/arm64 -clean -ldflags "-s -w -X github.com/SafetyCulture/safetyculture-exporter-ui/internal/version.version=${{ github.ref_name }}"
echo "Code signing darwin/arm64"
codesign --force -s "${{ secrets.MAC_SIGNING_CERT_NAME }}" --options runtime ./build/bin/safetyculture-exporter.app -v
echo "Zipping Package"
ditto -c -k --keepParent ./build/bin/safetyculture-exporter.app ./safetyculture-exporter-darwin-arm64.zip
echo "Cleaning up"
rm -rf build/bin/SafetyCulture Exporter.app
echo "Building darwin/amd64"
wails build -platform darwin/amd64 -clean -ldflags "-s -w -X github.com/SafetyCulture/safetyculture-exporter-ui/internal/version.version=${{ github.ref_name }}"
echo "Code signing darwin/amd64"
codesign --force -s "${{ secrets.MAC_SIGNING_CERT_NAME }}" --options runtime ./build/bin/safetyculture-exporter.app -v
echo "Zipping Package"
ditto -c -k --keepParent ./build/bin/safetyculture-exporter.app ./safetyculture-exporter-darwin-amd64.zip
echo "Cleaning up"
rm -rf build/bin/SafetyCulture Exporter.app
echo "${{ secrets.APPSTORE_API_KEY }}" > appstore_api_key.p8
xcrun notarytool submit "safetyculture-exporter-darwin-arm64.zip" --key "appstore_api_key.p8" --key-id "${{ secrets.APPSTORE_API_KEY_ID }}" --issuer "${{ secrets.APPSTORE_API_ISSUER_ID }}" --wait
xcrun notarytool submit "safetyculture-exporter-darwin-amd64.zip" --key "appstore_api_key.p8" --key-id "${{ secrets.APPSTORE_API_KEY_ID }}" --issuer "${{ secrets.APPSTORE_API_ISSUER_ID }}" --wait
- name: Upload artifacts macOS
if: matrix.os == 'macos-latest'
uses: actions/upload-artifact@v2
with:
name: exporter-macos
path: safetyculture-exporter-*.zip
- name: Upload artifacts windows
if: matrix.os == 'windows-latest'
uses: actions/upload-artifact@v2
with:
name: exporter-windows
path: exporter-windows-x86_64.exe
release:
runs-on: ubuntu-latest
needs: package
steps:
- name: Download package windows
uses: actions/download-artifact@v2
with:
name: exporter-windows
- name: Download package macos
uses: actions/download-artifact@v2
with:
name: exporter-macos
- name: Create Release
id: create_release
uses: ncipollo/release-action@v1
with:
token: "${{ secrets.GITHUB_TOKEN }}"
artifacts: "safetyculture-exporter-*.zip,exporter-windows-x86_64.exe"
allowUpdates: true
prerelease: true
draft: true
makeLatest: false