mirror of
https://github.com/memohai/Memoh.git
synced 2026-04-25 07:00:48 +09:00
Acbox
250 lines
7.8 KiB
YAML
250 lines
7.8 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "v*"
|
|
workflow_dispatch:
|
|
inputs:
|
|
tag_name:
|
|
description: "Existing release tag to rebuild, e.g. v0.7.0"
|
|
required: true
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.inputs.tag_name || github.ref_name }}
|
|
cancel-in-progress: false
|
|
|
|
env:
|
|
RELEASE_TAG: ${{ github.event.inputs.tag_name || github.ref_name }}
|
|
|
|
jobs:
|
|
changelog:
|
|
name: Generate changelog
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push'
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: 10
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: lts/*
|
|
registry-url: https://registry.npmjs.org/
|
|
|
|
- run: pnpm dlx changelogithub
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
cli-build:
|
|
name: Build CLI ${{ matrix.goos }}/${{ matrix.goarch }}
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 45
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- goos: linux
|
|
goarch: amd64
|
|
- goos: linux
|
|
goarch: arm64
|
|
- goos: darwin
|
|
goarch: amd64
|
|
- goos: darwin
|
|
goarch: arm64
|
|
- goos: windows
|
|
goarch: amd64
|
|
- goos: windows
|
|
goarch: arm64
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: 10
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: lts/*
|
|
cache: pnpm
|
|
- uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: go.mod
|
|
cache: true
|
|
- name: Install JS dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
- name: Build release archive
|
|
shell: bash
|
|
env:
|
|
COMMIT_HASH: ${{ github.sha }}
|
|
TARGET_OS: ${{ matrix.goos }}
|
|
TARGET_ARCH: ${{ matrix.goarch }}
|
|
run: |
|
|
set -euo pipefail
|
|
VERSION="${RELEASE_TAG#v}"
|
|
bash scripts/release.sh \
|
|
--version "$VERSION" \
|
|
--commit-hash "$COMMIT_HASH" \
|
|
--os "$TARGET_OS" \
|
|
--arch "$TARGET_ARCH" \
|
|
--output-dir dist
|
|
- name: Upload CLI artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: cli-${{ matrix.goos }}-${{ matrix.goarch }}
|
|
path: |
|
|
dist/*.tar.gz
|
|
dist/*.zip
|
|
if-no-files-found: error
|
|
|
|
cli-upload:
|
|
name: Upload CLI artifacts
|
|
runs-on: ubuntu-latest
|
|
needs: [changelog, cli-build]
|
|
if: ${{ always() && needs.cli-build.result == 'success' && (needs.changelog.result == 'success' || needs.changelog.result == 'skipped') }}
|
|
steps:
|
|
- name: Download CLI artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
path: release-artifacts/cli
|
|
pattern: cli-*
|
|
merge-multiple: true
|
|
- name: Publish CLI assets
|
|
shell: bash
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GH_REPO: ${{ github.repository }}
|
|
TAG_NAME: ${{ env.RELEASE_TAG }}
|
|
run: |
|
|
set -euo pipefail
|
|
shopt -s nullglob
|
|
files=(release-artifacts/cli/*.tar.gz release-artifacts/cli/*.zip)
|
|
if [[ ${#files[@]} -eq 0 ]]; then
|
|
echo "No CLI artifacts found" >&2
|
|
exit 1
|
|
fi
|
|
gh release upload "$TAG_NAME" "${files[@]}" --clobber --repo "$GH_REPO"
|
|
|
|
desktop-build:
|
|
name: Build desktop (${{ matrix.platform }})
|
|
runs-on: ${{ matrix.platform }}
|
|
timeout-minutes: 60
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- platform: macos-latest
|
|
build_cmd: build:mac
|
|
- platform: ubuntu-22.04
|
|
build_cmd: build:linux
|
|
- platform: windows-latest
|
|
build_cmd: build:win
|
|
env:
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Sync desktop version
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
VERSION="${RELEASE_TAG#v}"
|
|
export VERSION
|
|
node <<'EOF'
|
|
const fs = require('fs');
|
|
const version = process.env.VERSION;
|
|
const packageJsonPath = 'apps/desktop/package.json';
|
|
const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
|
|
packageJson.version = version;
|
|
fs.writeFileSync(packageJsonPath, `${JSON.stringify(packageJson, null, 2)}\n`);
|
|
EOF
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: 10
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: lts/*
|
|
cache: pnpm
|
|
- name: Install JS dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
- name: Prepare macOS code signing
|
|
id: mac-signing
|
|
if: ${{ matrix.platform == 'macos-latest' && env.APPLE_CERTIFICATE != '' && env.APPLE_CERTIFICATE_PASSWORD != '' }}
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
CSC_PATH="$RUNNER_TEMP/certificate.p12"
|
|
python3 - <<'EOF'
|
|
import base64
|
|
import os
|
|
from pathlib import Path
|
|
|
|
target = Path(os.environ["RUNNER_TEMP"]) / "certificate.p12"
|
|
target.write_bytes(base64.b64decode(os.environ["APPLE_CERTIFICATE"]))
|
|
EOF
|
|
echo "CSC_LINK=$CSC_PATH" >> "$GITHUB_ENV"
|
|
echo "CSC_KEY_PASSWORD=$APPLE_CERTIFICATE_PASSWORD" >> "$GITHUB_ENV"
|
|
echo "has_cert=true" >> "$GITHUB_OUTPUT"
|
|
- name: Build desktop bundles
|
|
shell: bash
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
CSC_IDENTITY_AUTO_DISCOVERY: ${{ steps.mac-signing.outputs.has_cert == 'true' && 'true' || 'false' }}
|
|
run: pnpm --filter @memohai/desktop ${{ matrix.build_cmd }}
|
|
- name: Upload desktop artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: desktop-${{ matrix.platform }}
|
|
path: |
|
|
apps/desktop/dist/**/*.AppImage
|
|
apps/desktop/dist/**/*.deb
|
|
apps/desktop/dist/**/*.rpm
|
|
apps/desktop/dist/**/*.dmg
|
|
apps/desktop/dist/**/*.zip
|
|
apps/desktop/dist/**/*.exe
|
|
apps/desktop/dist/**/*.msi
|
|
apps/desktop/dist/**/*.blockmap
|
|
apps/desktop/dist/**/latest*.yml
|
|
if-no-files-found: error
|
|
|
|
desktop-upload:
|
|
name: Upload desktop artifacts
|
|
runs-on: ubuntu-latest
|
|
needs: [changelog, desktop-build]
|
|
if: ${{ always() && needs.desktop-build.result == 'success' && (needs.changelog.result == 'success' || needs.changelog.result == 'skipped') }}
|
|
steps:
|
|
- name: Download desktop artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
path: release-artifacts/desktop
|
|
pattern: desktop-*
|
|
merge-multiple: true
|
|
- name: Publish desktop assets
|
|
shell: bash
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GH_REPO: ${{ github.repository }}
|
|
TAG_NAME: ${{ env.RELEASE_TAG }}
|
|
run: |
|
|
set -euo pipefail
|
|
shopt -s nullglob globstar
|
|
files=(
|
|
release-artifacts/desktop/**/*.AppImage
|
|
release-artifacts/desktop/**/*.deb
|
|
release-artifacts/desktop/**/*.rpm
|
|
release-artifacts/desktop/**/*.dmg
|
|
release-artifacts/desktop/**/*.zip
|
|
release-artifacts/desktop/**/*.exe
|
|
release-artifacts/desktop/**/*.msi
|
|
release-artifacts/desktop/**/*.blockmap
|
|
release-artifacts/desktop/**/latest*.yml
|
|
)
|
|
if [[ ${#files[@]} -eq 0 ]]; then
|
|
echo "No desktop artifacts found" >&2
|
|
exit 1
|
|
fi
|
|
gh release upload "$TAG_NAME" "${files[@]}" --clobber --repo "$GH_REPO"
|