turn off windows codesigning for now in workflow #59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Build macOS, optionally sign | |
name: macos | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
APPLEID: ${{ secrets.MACOS_APPLEID }} | |
APPLEIDPASSWD: ${{ secrets.MACOS_APPLEIDPASSWD }} | |
TEAM_SHORT_NAME: ${{ secrets.MACOS_TEAM_SHORT_NAME }} | |
GH_TOKEN: ${{ secrets.GH_TOKEN }} | |
# see https://localazy.com/blog/how-to-automatically-sign-macos-apps-using-github-actions | |
# see https://shipshape.io/blog/signing-electron-apps-with-github-actions/ | |
on: | |
push: | |
pull_request: | |
release: | |
types: [created] | |
#types: [published] # publish a draft release to set github.event_name = 'release' | |
jobs: | |
# This workflow contains a single job called "build" | |
build: | |
runs-on: macos-latest | |
# Steps represent a sequence of tasks executed as part of the job | |
steps: | |
- name: Check out Git repository | |
uses: actions/checkout@v3 | |
- name: Setup prerequisites | |
run: echo "no prereqs to set up" | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.10" | |
- name: Install Node.js and NPM | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 16 | |
cache: npm | |
- name: Codesign setup for macOS | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
security create-keychain -p actions build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p actions build.keychain | |
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple: -s -k actions build.keychain | |
- name: Build | |
run: | | |
npm install | |
npm run pack | |
npm run dist:draft | |
- name: Notarize | |
if: "contains(github.event.head_commit.message, '[publish]')" | |
run: | | |
npm run dist:nopub | |
- name: Publish | |
continue-on-error: true | |
if: "contains(github.event.head_commit.message, '[publish]')" | |
#if: (github.event_name == 'release') # or values = 'push' or 'pull_request' | |
run: | | |
npm run dist | |
# - name: Check files | |
# run: ls -alR --ignore=\.git --ignore=node_modules | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: Blink1Control2-${{ runner.os }} | |
path: | | |
dist/Blink1Control2*zip | |
dist/Blink1Control2*dmg | |
dist/Blink1Control2*deb | |
dist/Blink1Control2*tar.gz | |
dist/Blink1Control2*AppImage | |
dist/Blink1Control2*exe | |
dist/Blink1Control2*blockmap | |
dist/latest*yml |