openhermes update v1 (#863) #44
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Jan Build Electron App | |
| on: | |
| push: | |
| tags: ["v[0-9]+.[0-9]+.[0-9]+"] | |
| jobs: | |
| create-draft-release: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| outputs: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| version: ${{ steps.get_version.outputs.version }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Extract tag name without v prefix | |
| id: get_version | |
| run: echo "VERSION=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV && echo "::set-output name=version::${GITHUB_REF#refs/tags/v}" | |
| env: | |
| GITHUB_REF: ${{ github.ref }} | |
| - name: Create Draft Release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref_name }} | |
| release_name: "${{ env.VERSION }}" | |
| draft: true | |
| prerelease: false | |
| build-macos: | |
| runs-on: macos-latest | |
| needs: create-draft-release | |
| environment: production | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Getting the repo | |
| uses: actions/checkout@v3 | |
| - name: Installing node | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: 20 | |
| - name: Install jq | |
| uses: dcarbone/[email protected] | |
| - name: Get tag | |
| id: tag | |
| uses: dawidd6/action-get-tag@v1 | |
| - name: Update app version base on tag | |
| run: | | |
| if [[ ! "${VERSION_TAG}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "Error: Tag is not valid!" | |
| exit 1 | |
| fi | |
| jq --arg version "${VERSION_TAG#v}" '.version = $version' electron/package.json > /tmp/package.json | |
| mv /tmp/package.json electron/package.json | |
| env: | |
| VERSION_TAG: ${{ steps.tag.outputs.tag }} | |
| - name: Get Cer for code signing | |
| run: base64 -d <<< "$CODE_SIGN_P12_BASE64" > /tmp/codesign.p12 | |
| shell: bash | |
| env: | |
| CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }} | |
| - uses: apple-actions/import-codesign-certs@v2 | |
| continue-on-error: true | |
| with: | |
| p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} | |
| p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} | |
| - name: Build and publish app | |
| run: | | |
| make build-and-publish | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| CSC_LINK: "/tmp/codesign.p12" | |
| CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }} | |
| CSC_IDENTITY_AUTO_DISCOVERY: "true" | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | |
| APP_PATH: "." | |
| DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} | |
| build-windows-x64: | |
| runs-on: windows-latest | |
| needs: create-draft-release | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Getting the repo | |
| uses: actions/checkout@v3 | |
| - name: Installing node | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: 20 | |
| - name: Install jq | |
| uses: dcarbone/[email protected] | |
| - name: Get tag | |
| id: tag | |
| uses: dawidd6/action-get-tag@v1 | |
| - name: Update app version base on tag | |
| shell: bash | |
| run: | | |
| if [[ ! "${VERSION_TAG}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "Error: Tag is not valid!" | |
| exit 1 | |
| fi | |
| jq --arg version "${VERSION_TAG#v}" '.version = $version' electron/package.json > /tmp/package.json | |
| mv /tmp/package.json electron/package.json | |
| env: | |
| VERSION_TAG: ${{ steps.tag.outputs.tag }} | |
| - name: Build app | |
| shell: cmd | |
| run: | | |
| make build | |
| - name: Windows Code Sign with AzureSignTool | |
| run: | | |
| dotnet tool install --global AzureSignTool | |
| cd ./electron/dist | |
| azuresigntool.exe sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v "jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe" | |
| - uses: actions/[email protected] | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-draft-release.outputs.upload_url }} | |
| asset_path: ./electron/dist/jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe | |
| asset_name: jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe | |
| asset_content_type: application/octet-stream | |
| - uses: actions/[email protected] | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-draft-release.outputs.upload_url }} | |
| asset_path: ./electron/dist/jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap | |
| asset_name: jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap | |
| asset_content_type: text/xml | |
| - uses: actions/[email protected] | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-draft-release.outputs.upload_url }} | |
| asset_path: ./electron/dist/latest.yml | |
| asset_name: latest.yml | |
| asset_content_type: text/yaml | |
| build-linux-x64: | |
| runs-on: ubuntu-latest | |
| needs: create-draft-release | |
| environment: production | |
| env: | |
| SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Getting the repo | |
| uses: actions/checkout@v3 | |
| - name: Installing node | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: 20 | |
| - name: Install jq | |
| uses: dcarbone/[email protected] | |
| - name: Get tag | |
| id: tag | |
| uses: dawidd6/action-get-tag@v1 | |
| - name: Update app version base on tag | |
| run: | | |
| if [[ ! "${VERSION_TAG}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| echo "Error: Tag is not valid!" | |
| exit 1 | |
| fi | |
| jq --arg version "${VERSION_TAG#v}" '.version = $version' electron/package.json > /tmp/package.json | |
| mv /tmp/package.json electron/package.json | |
| env: | |
| VERSION_TAG: ${{ steps.tag.outputs.tag }} | |
| - name: Build and publish app | |
| run: | | |
| make build-and-publish | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| update_release_draft: | |
| needs: [build-macos, build-windows-x64, build-linux-x64, create-draft-release] | |
| permissions: | |
| # write permission is required to create a github release | |
| contents: write | |
| # write permission is required for autolabeler | |
| # otherwise, read permission is required at least | |
| pull-requests: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| # (Optional) GitHub Enterprise requires GHE_HOST variable set | |
| #- name: Set GHE_HOST | |
| # run: | | |
| # echo "GHE_HOST=${GITHUB_SERVER_URL##https:\/\/}" >> $GITHUB_ENV | |
| # Drafts your next Release notes as Pull Requests are merged into "master" | |
| - uses: release-drafter/release-drafter@v5 | |
| # (Optional) specify config name to use, relative to .github/. Default: release-drafter.yml | |
| # with: | |
| # config-name: my-config.yml | |
| # disable-autolabeler: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |