add notarization

Jacob Heider 2023-01-20 18:20:05 -05:00
parent 2e64763141
commit aef0e2a2a1
No known key found for this signature in database
GPG key ID: A98011B5713535BF
2 changed files with 228 additions and 214 deletions


@ -1,219 +1,218 @@
# name: "test" name: "test"
# on: [pull_request] on: [pull_request]
jobs:
changes:
runs-on: ubuntu-latest
outputs:
svelte: ${{steps.svelte.outputs.src}}
tauri: ${{steps.tauri.outputs.src}}
preview_folder: ${{steps.preview.outputs.folder}}
steps:
- uses: actions/checkout@v3
- uses: dorny/paths-filter@v2
id: svelte
with:
filters: |
src:
- 'modules/gui/src/**'
- 'modules/ui/**'
- uses: dorny/paths-filter@v2
id: tauri
with:
filters: |
src:
- 'modules/gui/src-tauri/**'
- 'modules/gui/src/**'
- 'modules/ui/src/**'
- name: get s3 preview folder
id: preview
run: echo "folder=${{ github.event.number }}-merge" >> $GITHUB_OUTPUT
no_preview:
needs: changes
if: needs.changes.outputs.svelte == 'false'
runs-on: ubuntu-latest
steps:
- name: comment preview site
uses: mshick/add-pr-comment@v2
with:
message-id: preview-comment-${{needs.changes.outputs.preview_folder}}
message: |
no preview or changes related to UI
test:
needs: changes
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
persist-credentials: false
- uses: pnpm/action-setup@v2
with:
version: 7
- name: setup node
uses: actions/setup-node@v1
with:
node-version: 18
cache: 'pnpm'
cache-dependency-path: pnpm-lock.yaml
- name: install app dependencies
run: pnpm install
- name: unit test
run: pnpm --filter gui run coverage
- name: lint
run: pnpm -r lint
build_svelte:
needs: changes
if: needs.changes.outputs.svelte == 'true'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: build tauri for Linux
uses: docker://getneil/tea-builder:latest
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: sync web files into preview folder
env:
prefix: ${{ needs.changes.outputs.preview_folder }}
run: |
aws s3 sync ./modules/gui/build \
"s3://preview.gui.tea.xyz/$prefix"
- name: Install package
run: sudo apt-get install -y jq coreutils
- name: setup preview
id: preview_setup
run: .github/create-invalidate-preview.sh ${{ needs.changes.outputs.preview_folder }}
# jobs: - name: comment preview site
# changes: uses: mshick/add-pr-comment@v2
# runs-on: ubuntu-latest with:
# outputs: message-id: preview-comment-${{needs.changes.outputs.preview_folder}}
# svelte: ${{steps.svelte.outputs.src}} message: |
# tauri: ${{steps.tauri.outputs.src}} **preview is at**:
# preview_folder: ${{steps.preview.outputs.folder}} <a href="https://${{steps.preview_setup.outputs.domain}}" target="_blank">here</a>
# steps: ```bash
# - uses: actions/checkout@v3 https://${{steps.preview_setup.outputs.domain}}
# - uses: dorny/paths-filter@v2 ```
# id: svelte copy-paste into a browser to view
# with:
# filters: |
# src:
# - 'modules/gui/src/**'
# - 'modules/ui/**'
# - uses: dorny/paths-filter@v2
# id: tauri
# with:
# filters: |
# src:
# - 'modules/gui/src-tauri/**'
# - 'modules/gui/src/**'
# - 'modules/ui/src/**'
# - name: get s3 preview folder
# id: preview
# run: echo "folder=${{ github.event.number }}-merge" >> $GITHUB_OUTPUT
# no_preview:
# needs: changes
# if: needs.changes.outputs.svelte == 'false'
# runs-on: ubuntu-latest
# steps:
# - name: comment preview site
# uses: mshick/add-pr-comment@v2
# with:
# message-id: preview-comment-${{needs.changes.outputs.preview_folder}}
# message: |
# no preview or changes related to UI
# test:
# needs: changes
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v3
# with:
# persist-credentials: false
# - uses: pnpm/action-setup@v2
# with:
# version: 7
# - name: setup node
# uses: actions/setup-node@v1
# with:
# node-version: 18
# cache: 'pnpm'
# cache-dependency-path: pnpm-lock.yaml
# - name: install app dependencies
# run: pnpm install
# - name: unit test
# run: pnpm --filter gui run coverage
# - name: lint
# run: pnpm -r lint
# build_svelte:
# needs: changes
# if: needs.changes.outputs.svelte == 'true'
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v3
# - name: build tauri for Linux
# uses: docker://getneil/tea-builder:latest
# - uses: aws-actions/configure-aws-credentials@v1
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: us-east-1
# - name: sync web files into preview folder
# env:
# prefix: ${{ needs.changes.outputs.preview_folder }}
# run: |
# aws s3 sync ./modules/gui/build \
# "s3://preview.gui.tea.xyz/$prefix"
# - name: Install package
# run: sudo apt-get install -y jq coreutils
# - name: setup preview
# id: preview_setup
# run: .github/create-invalidate-preview.sh ${{ needs.changes.outputs.preview_folder }}
# - name: comment preview site build_tauri:
# uses: mshick/add-pr-comment@v2 needs: changes
# with: if: needs.changes.outputs.tauri == 'true'
# message-id: preview-comment-${{needs.changes.outputs.preview_folder}} runs-on: ${{ matrix.platform.os }}
# message: | strategy:
# **preview is at**: matrix:
# <a href="https://${{steps.preview_setup.outputs.domain}}" target="_blank">here</a> platform:
# ```bash - os: macos-11
# https://${{steps.preview_setup.outputs.domain}} name: darwin+x86-64
# ``` id: mac_latest
# copy-paste into a browser to view - os: ubuntu-latest
name: linux+x86-64
id: linux
- os: [self-hosted, macOS, ARM64]
name: darwin+aarch64
id: mac_m1
# err: Package atk was not found in the pkg-config search path.
# requires atk >= 2.18
# - os: [self-hosted, linux, ARM64]
# name: linux+aarch64
container: ${{ matrix.platform.container }}
steps:
- uses: actions/checkout@v3
# build_tauri: - name: build tauri for MacOS
# needs: changes # uses: teaxyz/setup@v0
# if: needs.changes.outputs.tauri == 'true' if: startsWith(matrix.platform.name, 'darwin')
# runs-on: ${{ matrix.platform.os }} # FROM: https://tauri.app/v1/guides/distribution/sign-macos
# strategy: env:
# matrix: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# platform: ENABLE_CODE_SIGNING: ${{ secrets.GUI_APPLE_CERTIFICATE }}
# - os: macos-11 APPLE_CERTIFICATE: ${{ secrets.GUI_APPLE_CERTIFICATE }}
# name: darwin+x86-64 APPLE_CERTIFICATE_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
# id: mac_latest APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
# - os: ubuntu-latest # TODO: uncomment once isolated m1 runner is setup with latest xcode
# name: linux+x86-64 # only used for notarization
# id: linux # APPLE_ID: ${{ secrets.APPLE_ID }}
# - os: [self-hosted, macOS, ARM64] # APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
# name: darwin+aarch64 run: |
# id: mac_m1 sh <(curl https://tea.xyz) -ES xc build
# # err: Package atk was not found in the pkg-config search path.
# # requires atk >= 2.18
# # - os: [self-hosted, linux, ARM64]
# # name: linux+aarch64
# container: ${{ matrix.platform.container }}
# steps:
# - uses: actions/checkout@v3
# - name: build tauri for MacOS - name: build tauri for Linux
# # uses: teaxyz/setup@v0 # uses: teaxyz/setup@v0
# if: startsWith(matrix.platform.name, 'darwin') if: startsWith(matrix.platform.name, 'linux')
# # FROM: https://tauri.app/v1/guides/distribution/sign-macos # TODO: https://tauri.app/v1/guides/distribution/sign-linux
# env: uses: docker://getneil/tea-builder:latest
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# ENABLE_CODE_SIGNING: ${{ secrets.GUI_APPLE_CERTIFICATE }}
# APPLE_CERTIFICATE: ${{ secrets.GUI_APPLE_CERTIFICATE }}
# APPLE_CERTIFICATE_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
# APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
# # TODO: uncomment once isolated m1 runner is setup with latest xcode
# # only used for notarization
# # APPLE_ID: ${{ secrets.APPLE_ID }}
# # APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
# run: |
# sh <(curl https://tea.xyz) -ES xc build
# - name: build tauri for Linux - name: build platform output
# # uses: teaxyz/setup@v0 id: build_platform
# if: startsWith(matrix.platform.name, 'linux') env:
# # TODO: https://tauri.app/v1/guides/distribution/sign-linux platform: ${{ matrix.platform.name }}
# uses: docker://getneil/tea-builder:latest run: |
EXTENSION=dmg
BUILD_PLATFORM=$(echo $platform | sed -e "s/darwin+//g" | sed -e "s/linux+//g")
[[ $BUILD_PLATFORM = "x86-64" ]] && BUILD_PLATFORM="x64" || BUILD_PLATFORM=$BUILD_PLATFORM
[[ $platform = "linux+x86-64" ]] && BUILD_PLATFORM="amd64" || BUILD_PLATFORM=$BUILD_PLATFORM
[[ $platform = "linux+x86-64" ]] && EXTENSION="deb"
echo "build_platform=$BUILD_PLATFORM" >> $GITHUB_OUTPUT
echo "extension=$EXTENSION" >> $GITHUB_OUTPUT
# - name: build platform output - name: zip .app for MacOS
# id: build_platform if: matrix.platform.name == 'darwin+x86-64' || matrix.platform.name == 'darwin+aarch64'
# env: run: |
# platform: ${{ matrix.platform.name }} cd ./modules/gui/src-tauri/target/release/bundle/macos/ && zip -r tea.zip tea.app
# run: |
# EXTENSION=dmg
# BUILD_PLATFORM=$(echo $platform | sed -e "s/darwin+//g" | sed -e "s/linux+//g")
# [[ $BUILD_PLATFORM = "x86-64" ]] && BUILD_PLATFORM="x64" || BUILD_PLATFORM=$BUILD_PLATFORM
# [[ $platform = "linux+x86-64" ]] && BUILD_PLATFORM="amd64" || BUILD_PLATFORM=$BUILD_PLATFORM
# [[ $platform = "linux+x86-64" ]] && EXTENSION="deb"
# echo "build_platform=$BUILD_PLATFORM" >> $GITHUB_OUTPUT
# echo "extension=$EXTENSION" >> $GITHUB_OUTPUT
# - name: zip .app for MacOS - uses: aws-actions/configure-aws-credentials@v1
# if: matrix.platform.name == 'darwin+x86-64' || matrix.platform.name == 'darwin+aarch64' with:
# run: | aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# cd ./modules/gui/src-tauri/target/release/bundle/macos/ && zip -r tea.zip tea.app aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
# - uses: aws-actions/configure-aws-credentials@v1 - name: cp package images from prod to preview bucket
# with: env:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} prefix: ${{ needs.changes.outputs.preview_folder }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} platform: ${{ steps.build_platform.outputs.build_platform }}
# aws-region: us-east-1 extension: ${{ steps.build_platform.outputs.extension }}
run: |
aws s3 cp "./modules/gui/src-tauri/target/release/bundle/$extension/tea_0.1.0_$platform.$extension" \
"s3://preview.gui.tea.xyz/$prefix/tea_$platform.$extension"
# - name: cp package images from prod to preview bucket - name: cp package zip for MacOS
# env: if: matrix.platform.name == 'darwin+x86-64' || matrix.platform.name == 'darwin+aarch64'
# prefix: ${{ needs.changes.outputs.preview_folder }} env:
# platform: ${{ steps.build_platform.outputs.build_platform }} prefix: ${{ needs.changes.outputs.preview_folder }}
# extension: ${{ steps.build_platform.outputs.extension }} platform: ${{ steps.build_platform.outputs.build_platform }}
# run: | run: |
# aws s3 cp "./modules/gui/src-tauri/target/release/bundle/$extension/tea_0.1.0_$platform.$extension" \ aws s3 cp ./modules/gui/src-tauri/target/release/bundle/macos/tea.zip "s3://preview.gui.tea.xyz/$prefix/tea_$platform.zip"
# "s3://preview.gui.tea.xyz/$prefix/tea_$platform.$extension"
# - name: cp package zip for MacOS - name: comment install for Linux
# if: matrix.platform.name == 'darwin+x86-64' || matrix.platform.name == 'darwin+aarch64' if: startsWith(matrix.platform.name, 'linux')
# env: uses: mshick/add-pr-comment@v2
# prefix: ${{ needs.changes.outputs.preview_folder }} with:
# platform: ${{ steps.build_platform.outputs.build_platform }} message-id: ${{ matrix.platform.id }}-comment
# run: | message: |
# aws s3 cp ./modules/gui/src-tauri/target/release/bundle/macos/tea.zip "s3://preview.gui.tea.xyz/$prefix/tea_$platform.zip" **installer for Linux ${{ matrix.platform.name }} is at**:
<a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.${{steps.build_platform.outputs.extension}}" target="_blank">here</a>
# - name: comment install for Linux ```bash
# if: startsWith(matrix.platform.name, 'linux') http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.${{ steps.build_platform.outputs.extension }}
# uses: mshick/add-pr-comment@v2 ```
# with: copy-paste into a browser to download
# message-id: ${{ matrix.platform.id }}-comment
# message: |
# **installer for Linux ${{ matrix.platform.name }} is at**:
# <a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.${{steps.build_platform.outputs.extension}}" target="_blank">here</a>
# ```bash - name: comment install for MacOS
# http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.${{ steps.build_platform.outputs.extension }} if: startsWith(matrix.platform.name, 'darwin')
# ``` uses: mshick/add-pr-comment@v2
# copy-paste into a browser to download with:
message-id: ${{ matrix.platform.id }}-comment
message: |
**installers for MacOS ${{ matrix.platform.name }} is at**:
<a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.zip" target="_blank">.zip</a>
or
<a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.dmg" target="_blank">.dmg</a>
# - name: comment install for MacOS ```bash
# if: startsWith(matrix.platform.name, 'darwin') http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.zip
# uses: mshick/add-pr-comment@v2 http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.dmg
# with: ```
# message-id: ${{ matrix.platform.id }}-comment copy-paste into a browser to download
# message: |
# **installers for MacOS ${{ matrix.platform.name }} is at**:
# <a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.zip" target="_blank">.zip</a>
# or
# <a href="http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{steps.build_platform.outputs.build_platform}}.dmg" target="_blank">.dmg</a>
# ```bash
# http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.zip
# http://preview.gui.tea.xyz.s3-website-us-east-1.amazonaws.com/${{ needs.changes.outputs.preview_folder }}/tea_${{ steps.build_platform.outputs.build_platform }}.dmg
# ```
# copy-paste into a browser to download
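Review bot: The re-enabled `build tauri for MacOS` step runs `sh <(curl https://tea.xyz) -ES xc build`, which executes whatever that URL serves at build time in the same step that holds `APPLE_CERTIFICATE`, `APPLE_CERTIFICATE_PASSWORD` and `GITHUB_TOKEN` in its environment, and the matrix includes a self-hosted macOS runner on a `pull_request` trigger. Nothing pins or verifies the script, so a changed response would run with the signing material in reach. Consider the commented-out action pinned to a commit, `uses: teaxyz/setup@<full-commit-sha>`, followed by `run: tea -ES xc build` as the other workflow in this commit does. `docker://getneil/tea-builder:latest` is likewise a mutable tag and could be pinned by digest. The installer links posted in the PR comments use plain `http://`, so the downloaded build has no integrity protection in transit.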


@ -4,8 +4,6 @@ on:
push: push:
branches: branches:
- main - main
- notorize
jobs: jobs:
changes: changes:
@ -66,6 +64,12 @@ jobs:
- name: build tauri for MacOS - name: build tauri for MacOS
if: startsWith(matrix.platform.name, 'darwin') if: startsWith(matrix.platform.name, 'darwin')
run: tea -ES xc build run: tea -ES xc build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ENABLE_CODE_SIGNING: ${{ secrets.GUI_APPLE_CERTIFICATE }}
APPLE_CERTIFICATE: ${{ secrets.GUI_APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
- name: build tauri for Linux - name: build tauri for Linux
if: startsWith(matrix.platform.name, 'linux') if: startsWith(matrix.platform.name, 'linux')
@ -85,9 +89,25 @@ jobs:
notorize_tauri: notorize_tauri:
needs: [build_tauri] needs: [build_tauri]
runs-on: macos-11 runs-on: macos-11
strategy:
matrix:
platform:
- darwin+x86-64
- darwin+aarch64
steps: steps:
- run: > - uses: actions/download-artifact@v3
true with:
name: ${{ matrix.platform }}
- run: tar xzf artifacts.tgz
- run: cd ./macos/ && zip -r tea.zip tea.app
# Notarize. Can take up to 10 minutes (and fail) asynchronously
- run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file ./macos/tea.zip
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
upload: upload:
needs: [build_tauri, notorize_tauri] needs: [build_tauri, notorize_tauri]
@ -148,11 +168,6 @@ jobs:
echo "build_platform=$BUILD_PLATFORM" >> $GITHUB_OUTPUT echo "build_platform=$BUILD_PLATFORM" >> $GITHUB_OUTPUT
echo "extension=$EXTENSION" >> $GITHUB_OUTPUT echo "extension=$EXTENSION" >> $GITHUB_OUTPUT
- name: zip .app for MacOS
if: startsWith(matrix.platform, 'darwin')
run: |
cd ./macos/ && zip -r tea.zip tea.app
# - name: cp package images from prod to gui bucket # - name: cp package images from prod to gui bucket
# env: # env:
# platform: ${{ steps.build_platform.outputs.build_platform }} # platform: ${{ steps.build_platform.outputs.build_platform }}
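Review bot: The `xcrun altool --notarize-app` step in `notorize_tauri` only submits the archive; as the comment above it says, the result arrives asynchronously, so the job turns green on upload and `upload` (which `needs` it) proceeds whether or not Apple accepts the build. Nothing in the visible steps polls for the verdict or staples the ticket, and the zip built here is not passed on as an artifact while the last hunk removes the zip step from `upload`, so later steps may never see a notarized `tea.zip` — worth confirming against the parts of the file outside these hunks. A blocking form would be `xcrun notarytool submit ./macos/tea.zip --apple-id "$APPLE_ID" --password "$APPLE_PASSWORD" --team-id "$APPLE_TEAM_ID" --wait` followed by `xcrun stapler staple ./macos/tea.app`, where `APPLE_TEAM_ID` is a placeholder for a secret this page does not show. Separately, `ENABLE_CODE_SIGNING` in the build step is set to the certificate secret itself; if the build only checks it as a flag, a literal such as `ENABLE_CODE_SIGNING: "true"` would keep the certificate out of a second variable.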