focusany/.github/workflows/tag-release.yml at main · modstart-lib/focusany · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: TagRelease

on:
    push:
        tags:
            - v*.*.*

jobs:
  build:
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
          include:
              - os: ubuntu-latest
                arch: [arm64, amd64]
              - os: macos-latest
                arch: [arm64, amd64]
              - os: windows-latest
                arch: [arm64, amd64]

    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 20

      - name: Build Prepare (macOS)
        if: runner.os == 'macOS'
        run: |
            brew install python-setuptools

      - name: Cert Prepare (macOS)
        if: runner.os == 'macOS'
        env:
            MACOS_CERTIFICATE: ${{ secrets.CORP_MACOS_CERTIFICATE }}
            MACOS_CERTIFICATE_PASSWORD: ${{ secrets.CORP_MACOS_CERTIFICATE_PASSWORD }}
        run: |
            echo "find-identity"
            security find-identity -p codesigning
            echo "$MACOS_CERTIFICATE" | base64 --decode > certificate.p12
            security create-keychain -p "" build.keychain
            security import certificate.p12 -k build.keychain -P "$MACOS_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
            security list-keychains -s build.keychain
            security set-keychain-settings -t 3600 -u build.keychain
            security unlock-keychain -p "" build.keychain
            echo "find-identity"
            security find-identity -v -p codesigning build.keychain
            echo "find-identity"
            security find-identity -p codesigning
            echo "set-key-partition-list"
            security set-key-partition-list -S apple-tool:,apple: -s -k "" -l "Mac Developer ID Application: Xi'an Yanyi Information Technology Co., Ltd" -t private build.keychain
            echo "find-certificate"
            security export -k build.keychain -t certs -f x509 -p -o certificate.cer
            echo "add-trusted-cert"
            sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain certificate.cer
            echo "find-identity"
            security find-identity -p codesigning

      - name: Install Dependencies
        run: npm install

      - name: init ( Windows )
        if: runner.os == 'Windows'
        shell: pwsh
        run: bash ./scripts/init.sh

      - name: init ( Linux/osx )
        if: runner.os == 'Linux' || runner.os == 'macOS'
        run: bash ./scripts/init.sh

      - name: Build Release Files
        run: npm run build
        env:
          DEBUG: "electron-notarize:*"
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          APPLE_ID: ${{ secrets.APPLE_ID }}
          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
          APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}

      - name: Set Build Name ( Linux / macOS )
        if: runner.os == 'Linux' || runner.os == 'macOS'
        run: |
            DIST_FILE_NAME=${{ runner.os }}-${{ runner.arch }}-v$(date +%Y%m%d_%H%M%S)-${RANDOM}
            echo ::add-mask::$DIST_FILE_NAME
            echo DIST_FILE_NAME=$DIST_FILE_NAME >> $GITHUB_ENV

      - name: Set Build Name ( Windows )
        if: runner.os == 'Windows'
        shell: pwsh
        run: |
            $randomNumber = Get-Random -Minimum 10000 -Maximum 99999
            $DIST_FILE_NAME = "Windows-X64-v$(Get-Date -Format 'yyyyMMdd_HHmmss')-$randomNumber"
            Write-Host "::add-mask::$DIST_FILE_NAME"
            echo "DIST_FILE_NAME=$DIST_FILE_NAME" >> $env:GITHUB_ENV

#      - name: Upload
#        uses: modstart/github-oss-action@master
#        with:
#            title: ${{ github.event.head_commit.message }}
#            key-id: ${{ secrets.OSS_2_KEY_ID }}
#            key-secret: ${{ secrets.OSS_2_KEY_SECRET }}
#            region: ${{ secrets.OSS_2_REGION }}
#            bucket: ${{ secrets.OSS_2_BUCKET }}
#            callbackUrlSign: ${{ secrets.OSS_2_CALLBACK_URL_SIGN }}
#            callback: ${{ secrets.OSS_2_CALLBACK }}
#            assets: |
#                dist-release/*.exe:apps/focusany-${{ env.DIST_FILE_NAME }}/
#                dist-release/*.dmg:apps/focusany-${{ env.DIST_FILE_NAME }}/
#                dist-release/*.AppImage:apps/focusany-${{ env.DIST_FILE_NAME }}/
#                dist-release/*.deb:apps/focusany-${{ env.DIST_FILE_NAME }}/
#
#      - name: Release Assets
#        uses: softprops/action-gh-release@v2
#        with:
#            draft: false
#            prerelease: false
#            fail_on_unmatched_files: false
#            files: |
#                dist-release/*.exe
#                dist-release/*.dmg
#                dist-release/*.AppImage
#                dist-release/*.deb
#        env:
#            GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}