Skip to content

BUILD_ON_DEMAND

BUILD_ON_DEMAND #277

name: BUILD_ON_DEMAND
on:
workflow_dispatch:
inputs:
buildName:
description: 'Name of the build'
required: true
linkedDependencies:
description: 'Dependencies to link from GitHub (format: bpmn-js#develop,dmn-js#9.0.0)'
default: ''
jobs:
Build:
strategy:
matrix:
os: [ windows-2022 ]
runs-on: ${{ matrix.os }}
env:
ON_DEMAND: true
steps:
- name: Build distro (Linux)
if: ${{ runner.OS == 'Linux' }}
env:
BUILD_NAME: "${{ github.event.inputs.buildName }}"
AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ON_DEMAND_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_ON_DEMAND_SECRET_ACCESS_KEY }}"
AWS_REGION: "${{ secrets.AWS_ON_DEMAND_REGION }}"
AWS_BUCKET: "${{ secrets.AWS_ON_DEMAND_BUCKET }}"
CSC_LINK: "${{ secrets.CSC_LINK }}"
CSC_KEY_PASSWORD: "${{ secrets.CSC_KEY_PASSWORD }}"
run: npm run build -- --linux --publish --on-demand
- name: Build distro (MacOS)
if: ${{ runner.os == 'macOS' }}
env:
BUILD_NAME: "${{ github.event.inputs.buildName }}"
AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ON_DEMAND_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_ON_DEMAND_SECRET_ACCESS_KEY }}"
AWS_REGION: "${{ secrets.AWS_ON_DEMAND_REGION }}"
AWS_BUCKET: "${{ secrets.AWS_ON_DEMAND_BUCKET }}"
APPLE_DEVELOPER_ID: "${{ secrets.APPLE_DEVELOPER_ID }}"
APPLE_DEVELOPER_ID_PASSWORD: "${{ secrets.APPLE_DEVELOPER_ID_PASSWORD }}"
APPLE_TEAM_ID: "${{ secrets.APPLE_TEAM_ID }}"
CSC_LINK: "${{ secrets.CSC_LINK }}"
CSC_KEY_PASSWORD: "${{ secrets.CSC_KEY_PASSWORD }}"
run: npm run build -- --mac --publish --on-demand
- name: Import Secrets (Windows)
id: windows-secrets
uses: hashicorp/vault-action@v3.0.0
if: ${{ runner.os == 'Windows' }}
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/products/desktop-modeler/ci/certificates CSC_CERT_WIN;
- name: Display if private
env:
CSC_LINK: "${{ steps.windows-secrets.outputs.CSC_CERT_WIN }}"
CSC_KEY_PASSWORD: "${{ secrets.WIN_CSC_KEY_PASSWORD }}"
run: |
echo "$CSC_LINK" | base64 -i -d > temp.crt
openssl x509 -passin "pass:$CSC_KEY_PASSWORD" -in temp.crt -noout -text | grep "Private Key"
rm temp.crt