Package with electron-builder and enable auto-updates #72
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build-publish-apps | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
release: | |
types: [published] | |
schedule: | |
- cron: '0 4 * * *' | |
# Daily at 04:00 AM UTC | |
# Will checkout the last commit from the default branch (main as of 2023-10-04) | |
env: | |
CUT_RELEASE_PR: ${{ github.event_name == 'pull_request' && (contains(github.event.pull_request.title, 'Cut release v')) }} | |
BUILD_RELEASE: true | |
BUCKET_NAME: 'dl.kittycad.io' | |
BUCKET_FOLDER: 'releases/modeling-app/test/electron' | |
WEBSITE_DIR: 'dl.zoo.dev/releases/modeling-app/test/electron' | |
GOOGLE_CLOUD_PROJECT_ID: 'kittycadapi' | |
# concurrency: | |
# group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
# cancel-in-progress: true | |
jobs: | |
prepare-files: | |
runs-on: ubuntu-22.04 # seperate job on Ubuntu for easy string manipulations (compared to Windows) | |
outputs: | |
version: ${{ steps.export_version.outputs.version }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- run: yarn install | |
- name: Setup Rust | |
uses: dtolnay/rust-toolchain@stable | |
- uses: Swatinem/rust-cache@v2 | |
with: | |
workspaces: './src/wasm-lib' | |
# TODO: see if we can fetch from main instead if no diff at src/wasm-lib | |
- name: Run build:wasm | |
run: "yarn build:wasm${{ env.BUILD_RELEASE == 'true' && '-dev' || ''}}" | |
- name: Set nightly version | |
if: github.event_name == 'schedule' | |
run: | | |
VERSION=$(date +'%-y.%-m.%-d') yarn bump-jsons | |
# TODO: see if we need to inject updater nightly URL here https://dl.zoo.dev/releases/modeling-app/nightly/last_update.json | |
# TODO: see if we ned to add updater test URL here https://dl.zoo.dev/releases/modeling-app/updater-test/last_update.json | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: prepared-files | |
path: | | |
package.json | |
src/wasm-lib/pkg/wasm_lib* | |
- id: export_version | |
run: echo "version=`cat package.json | jq -r '.version'`" >> "$GITHUB_OUTPUT" | |
build-apps: | |
needs: [prepare-files] | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-14, windows-2022, ubuntu-22.04] | |
runs-on: ${{ matrix.os }} | |
env: | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
CSC_LINK: ${{ secrets.APPLE_CERTIFICATE }} | |
CSC_KEY_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
CSC_KEYCHAIN: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
CSC_FOR_PULL_REQUEST: true | |
WINDOWS_CERTIFICATE_THUMBPRINT: F4C9A52FF7BC26EE5E054946F6B11DEEA94C748D | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v3 | |
name: prepared-files | |
- name: Copy prepared files | |
run: | | |
ls -R prepared-files | |
cp prepared-files/package.json package.json | |
cp prepared-files/src/wasm-lib/pkg/wasm_lib_bg.wasm public | |
mkdir src/wasm-lib/pkg | |
cp prepared-files/src/wasm-lib/pkg/wasm_lib* src/wasm-lib/pkg | |
- name: Sync node version and setup cache | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' # Set this to npm, yarn or pnpm. | |
- run: yarn install | |
- run: yarn tronb:vite | |
- name: Prepare certificate and variables (Windows only) | |
if: ${{ env.BUILD_RELEASE == 'true' && matrix.os == 'windows-2022' }} | |
run: | | |
echo "${{secrets.SM_CLIENT_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 | |
cat /d/Certificate_pkcs12.p12 | |
echo "::set-output name=version::${GITHUB_REF#refs/tags/v}" | |
echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV" | |
echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV" | |
echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV" | |
echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV" | |
echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH | |
echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH | |
echo "C:\Program Files\DigiCert\DigiCert One Signing Manager Tools" >> $GITHUB_PATH | |
shell: bash | |
- name: Setup certicate with SSM KSP (Windows only) | |
if: ${{ env.BUILD_RELEASE == 'true' && matrix.os == 'windows-2022' }} | |
run: | | |
curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/smtools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o smtools-windows-x64.msi | |
msiexec /i smtools-windows-x64.msi /quiet /qn | |
smksp_registrar.exe list | |
smctl.exe keypair ls | |
C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user | |
smksp_cert_sync.exe | |
shell: cmd | |
- name: Build the app | |
# if: ${{ env.BUILD_RELEASE == 'false' }} | |
run: yarn electron-builder --config --publish always | |
# - name: Publish the app (dry run) | |
# if: ${{ env.BUILD_RELEASE == 'true' }} | |
# run: "yarn electron-forge publish --dry-run" | |
- name: List artifacts in out/ | |
run: ls -R out | |
- name: Prepare the tauri update bundles (macOS) | |
if: ${{ matrix.os == 'macos-14' }} | |
env: | |
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
TAURI_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
# VERSION: ${{ github.event_name == 'release' && format('v{0}', needs.prepare-files.outputs.version) || needs.prepare-files.outputs.version }} | |
VERSION: ${{ format('v{0}', needs.prepare-files.outputs.version) }} | |
run: | | |
# for ARCH in arm64 x64; do | |
for ARCH in universal; do | |
TAURI_DIR=out/tauri/$VERSION/macos | |
mkdir -p $TAURI_DIR | |
unzip out/*-$ARCH-mac.zip -d $TAURI_DIR | |
tar -czvf "$TAURI_DIR/Zoo Modeling App.app.tar.gz" -C $TAURI_DIR "Zoo Modeling App.app" | |
yarn tauri signer sign "$TAURI_DIR/Zoo Modeling App.app.tar.gz" | |
done | |
ls -R out | |
- name: Prepare the tauri update bundles (Windows) | |
if: ${{ matrix.os == 'windows-2022' }} | |
env: | |
TAURI_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
TAURI_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
# VERSION: ${{ github.event_name == 'release' && format('v{0}', needs.prepare-files.outputs.version) || needs.prepare-files.outputs.version }} | |
VERSION_NO_V: ${{ needs.prepare-files.outputs.version }} | |
VERSION: ${{ format('v{0}', needs.prepare-files.outputs.version) }} | |
run: | | |
$env:TAURI_DIR="out/tauri/${env:VERSION}/msi" | |
mkdir -p ${env:TAURI_DIR} | |
$env:MSI_FILE="${env:TAURI_DIR}/Zoo Modeling App_${env:VERSION_NO_V}_x64_en-US.msi.zip" | |
7z a -mm=Copy "${env:MSI_FILE}" ./out/*-x64-win.msi | |
yarn tauri signer sign "${env:MSI_FILE}" | |
ls -R out | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: out-${{ matrix.os }} | |
path: | | |
out/Zoo*.* | |
out/latest*.yml | |
out/tauri | |
# TODO: add the 'Build for Mac TestFlight (nightly)' stage back | |
publish-apps-release: | |
runs-on: ubuntu-22.04 | |
permissions: | |
contents: write | |
# if: ${{ github.event_name == 'release' || github.event_name == 'schedule' }} | |
needs: [prepare-files, build-apps] | |
env: | |
VERSION_NO_V: ${{ needs.prepare-files.outputs.version }} | |
# VERSION: ${{ github.event_name == 'release' && format('v{0}', needs.prepare-files.outputs.version) || needs.prepare-files.outputs.version }} | |
VERSION: ${{ format('v{0}', needs.prepare-files.outputs.version) }} | |
PUB_DATE: ${{ github.event_name == 'release' && github.event.release.created_at || github.event.repository.updated_at }} | |
# NOTES: ${{ github.event_name == 'release' && github.event.release.body || format('Nightly build, commit {0}', github.sha) }} | |
NOTES: ${{ format('Electron build, commit {0}', github.sha) }} | |
# BUCKET_DIR: ${{ github.event_name == 'release' && 'dl.kittycad.io/releases/modeling-app' || 'dl.kittycad.io/releases/modeling-app/nightly' }} | |
BUCKET_DIR: ${{ 'dl.kittycad.io/releases/modeling-app/test/electron-builder' }} | |
BUCKET_DIR_TAURI: ${{ 'dl.kittycad.io/releases/modeling-app/test/electron-builder/tauri' }} | |
# WEBSITE_DIR: ${{ github.event_name == 'release' && 'dl.zoo.dev/releases/modeling-app' || 'dl.zoo.dev/releases/modeling-app/nightly' }} | |
WEBSITE_DIR_TAURI: ${{ 'dl.zoo.dev/releases/modeling-app/test/electron-builder/tauri' }} | |
# URL_CODED_NAME: ${{ github.event_name == 'schedule' && 'Zoo%20Modeling%20App%20%28Nightly%29' || 'Zoo%20Modeling%20App' }} | |
URL_CODED_NAME: ${{ 'Zoo%20Modeling%20App' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v3 | |
with: | |
name: out-windows-2022 | |
path: out | |
- uses: actions/download-artifact@v3 | |
with: | |
name: out-macos-14 | |
path: out | |
- uses: actions/download-artifact@v3 | |
with: | |
name: out-ubuntu-22.04 | |
path: out | |
- name: List artifacts | |
run: "ls -R out" | |
- name: Authenticate to Google Cloud | |
uses: 'google-github-actions/[email protected]' | |
with: | |
credentials_json: '${{ secrets.GOOGLE_CLOUD_DL_SA }}' | |
- name: Set up Google Cloud SDK | |
uses: google-github-actions/[email protected] | |
with: | |
project_id: ${{ env.GOOGLE_CLOUD_PROJECT_ID }} | |
- name: Upload release files to public bucket | |
uses: google-github-actions/[email protected] | |
with: | |
path: out | |
glob: 'Zoo*' | |
parent: false | |
destination: ${{ env.BUCKET_DIR }} | |
- name: Upload update endpoint to public bucket | |
uses: google-github-actions/[email protected] | |
with: | |
path: out | |
glob: 'latest*' | |
parent: false | |
destination: ${{ env.BUCKET_DIR }} | |
- name: Generate the update static endpoint for tauri | |
run: | | |
TAURI_DIR=out/tauri/$VERSION | |
DARWIN_SIG=`cat $TAURI_DIR/macos/*.app.tar.gz.sig` | |
WINDOWS_SIG=`cat $TAURI_DIR/msi/*.msi.zip.sig` | |
RELEASE_DIR=https://${WEBSITE_DIR_TAURI}/${VERSION} | |
jq --null-input \ | |
--arg version "${VERSION}" \ | |
--arg pub_date "${PUB_DATE}" \ | |
--arg notes "${NOTES}" \ | |
--arg darwin_sig "$DARWIN_SIG" \ | |
--arg darwin_url "$RELEASE_DIR/macos/${{ env.URL_CODED_NAME }}.app.tar.gz" \ | |
--arg windows_sig "$WINDOWS_SIG" \ | |
--arg windows_url "$RELEASE_DIR/msi/${{ env.URL_CODED_NAME }}_${VERSION_NO_V}_x64_en-US.msi.zip" \ | |
'{ | |
"version": $version, | |
"pub_date": $pub_date, | |
"notes": $notes, | |
"platforms": { | |
"darwin-x86_64": { | |
"signature": $darwin_sig, | |
"url": $darwin_url | |
}, | |
"darwin-aarch64": { | |
"signature": $darwin_sig, | |
"url": $darwin_url | |
}, | |
"windows-x86_64": { | |
"signature": $windows_sig, | |
"url": $windows_url | |
} | |
} | |
}' > last_update.json | |
cat last_update.json | |
- name: Upload release files to public bucket for tauri | |
uses: google-github-actions/[email protected] | |
with: | |
path: "out/tauri/${{ env.VERSION }}" | |
glob: '*/Zoo*' | |
parent: false | |
destination: ${{ env.BUCKET_DIR_TAURI }}/${{ env.VERSION }} | |
- name: Upload update endpoint to public bucket for tauri | |
uses: google-github-actions/[email protected] | |
with: | |
path: last_update.json | |
destination: ${{ env.BUCKET_DIR_TAURI }} | |
# - name: Upload download endpoint to public bucket | |
# uses: google-github-actions/[email protected] | |
# with: | |
# path: last_download.json | |
# destination: ${{ env.BUCKET_DIR }} | |
- name: Upload release files to Github | |
if: ${{ github.event_name == 'release' }} | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: 'artifact/*/Zoo*' | |
# TODO: Add GitHub publisher | |
announce_release: | |
needs: [publish-apps-release] | |
runs-on: ubuntu-22.04 | |
if: github.event_name == 'release' | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.x' | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install requests | |
- name: Announce Release | |
env: | |
DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} | |
RELEASE_VERSION: ${{ github.event.release.tag_name }} | |
RELEASE_BODY: ${{ github.event.release.body}} | |
run: python public/announce_release.py |