Skip to content

Pass secrets.GITHUB_TOKEN to env #110

Pass secrets.GITHUB_TOKEN to env

Pass secrets.GITHUB_TOKEN to env #110

Workflow file for this run

name: CD
on:
push:
tags:
- v*
permissions:
contents: write
env:
node-version: 20.11.1
jobs:
desktop-build:
name: desktop-build
strategy:
matrix:
include:
- os: ubuntu-latest
command: publish:intel
- os: ubuntu-latest
command: publish:arm
- os: windows-latest
command: publish:intel
- os: macos-13
command: publish:intel
- os: macos-13
command: publish:arm
- os: macos-13
command: publish:universal
runs-on: ${{ matrix.os }}
timeout-minutes: 30
env:
APPLE_API_KEY: ${{ github.workspace }}/AuthKey.p8
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
REACT_APP_AMPLITUDE: ${{ secrets.REACT_APP_AMPLITUDE }}
REACT_APP_TG_BOT_ID: ${{ secrets.REACT_APP_TG_BOT_ID }}
REACT_APP_TONCONSOLE_API: https://pro.tonconsole.com
REACT_APP_TG_BOT_ORIGIN: https://tonkeeper.com
REACT_APP_APTABASE: ${{ secrets.VITE_APP_APTABASE }}
REACT_APP_APTABASE_HOST: https://anonymous-analytics.tonkeeper.com
REACT_APP_STONFI_REFERRAL_ADDRESS: ${{ secrets.REACT_APP_STONFI_REFERRAL_ADDRESS }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DEBUG: electron*
steps:
- name: Checkout to git repository
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.node-version }}
- name: Enable Corepack
run: |
corepack enable
- name: Decode service account into a file
if: runner.os == 'macOS'
env:
CREDENTIALS: ${{ secrets.APPLE_API_KEY }}
run: |
echo $CREDENTIALS | base64 -d > ${{ github.workspace }}/AuthKey.p8
- name: Configure keychain
if: runner.os == 'macOS'
uses: apple-actions/import-codesign-certs@v2
with:
p12-file-base64: ${{ secrets.IDENTITY_P12_B64 }}
p12-password: ${{ secrets.IDENTITY_PASSPHRASE }}
- name: Run install
uses: borales/actions-yarn@v5
with:
cmd: install
- name: Run build packages
uses: borales/actions-yarn@v5
with:
cmd: build:pkg
- name: Run build distributive
uses: borales/actions-yarn@v5
with:
cmd: ${{ matrix.command }}
dir: 'apps/desktop'
- name: Clean-up credentials
if: always() && runner.os == 'macOS'
run: |
rm ${{ github.workspace }}/AuthKey.p8
web-build:
uses: ./.github/workflows/web-build.yaml
with:
environment: 'main'
secrets: inherit
swap-widget-build:
uses: ./.github/workflows/swap-widget-build.yaml
with:
environment: 'main'
secrets: inherit
web-tests:
needs: web-build
uses: ./.github/workflows/web-tests.yaml
with:
base-url: 'https://wallet.tonkeeper.com'
transaction: true
secrets: inherit
extension-build:
name: extension-build
runs-on: macos-14
timeout-minutes: 10
steps:
- name: Checkout to git repository
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.node-version }}
- name: Enable Corepack
run: |
corepack enable
- name: Run install
uses: borales/actions-yarn@v5
with:
cmd: install
- name: Run build
uses: borales/actions-yarn@v5
env:
REACT_APP_AMPLITUDE: ${{ secrets.REACT_APP_AMPLITUDE_EXTENSION }}
REACT_APP_APTABASE: ${{ secrets.VITE_APP_APTABASE }}
REACT_APP_APTABASE_HOST: https://anonymous-analytics.tonkeeper.com
with:
cmd: build:extension
- name: Upload Tonkeeper Extension to release
uses: softprops/action-gh-release@v2
with:
name: 'Tonkeeper ${{ github.ref_name }}'
draft: true
generate_release_notes: true
files: |
${{ github.workspace }}/apps/extension/dist/tonkeeper_chrome_${{
github.ref_name }}.zip
${{ github.workspace
}}/apps/extension/dist/tonkeeper_firefox_${{ github.ref_name }}.zip