ivabus/gui
1
0
Fork 0
mirror of https://github.com/ivabus/gui synced 2025-04-23 14:07:14 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

#220 make reusable build-sign-notarize jobs (#221)

Browse source 
* #220 make reusable build-sign-notarize jobs

* #220 update main and release to reuse build-sign job

---------

Co-authored-by: neil <neil@neils-MacBook-Pro.local>
This commit is contained in:
Neil 2023-02-22 10:55:30 +08:00 committed by GitHub
parent 17a924db98
commit e5fd744c3f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 293 additions and 563 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

245
.github/workflows/build-sign-notarize.yml vendored Normal file
View file

@ -0,0 +1,245 @@
name: build-sign-notarize
on:
workflow_call:
inputs:
platform:
required: true
type: string
s3-prefix:
required: true
type: string
outputs:
s3-installers-artifact-key:
description: 'The S3 build key includes the installer files: [zip, dmg, etc, yml]'
value: ${{ jobs.notarize-mac-installers.outputs.s3-installers-key }}
jobs:
get-platform:
runs-on: ubuntu-latest
outputs:
os: ${{ steps.platform.outputs.os }}
cache-set: ${{ steps.platform.outputs.cache-set }}
steps:
- uses: actions/checkout@v3
with:
repository: teaxyz/pantry.core
- uses: actions/cache@v3
with:
path: |
~/.deno
~/.cache/deno
key: ${{ runner.os }}-deno-get-platform-${{ hashFiles('deno.jsonc')}}
- uses: teaxyz/setup@v0
- run: scripts/get-platform.ts
id: platform
env:
PLATFORM: ${{ inputs.platform }}
build:
needs: [get-platform]
runs-on: ${{ fromJson(needs.get-platform.outputs.os) }}
outputs:
s3-artifacts-key: ${{ steps.s3-artifact-uploader.outputs.key }}
steps:
- uses: teaxyz/setup@v0
- uses: actions/checkout@v3
- name: get gui version
id: gui-version
run: |
tea +stedolan.github.io/jq
export version=$(echo $(cat modules/desktop/package.json) | jq --raw-output .version)
export postfix=
if GIT_DIR=/path/to/repo/.git git rev-parse $1 >/dev/null 2>&1
then
echo "Found tag"
else
export postfix=-dev
fi
echo "version=$version$postfix" >> $GITHUB_OUTPUT
- name: cache node_modules build
# TODO: cache issue in our self-hosted macos runner ESPIPE: invalid seek, read
# but its ok to ignore, its still the fastest builder
# NOTE: enabling cache in the self hosted runner slows down the pipeline by 4m because post-cache builder error ^
if: startsWith(inputs.platform, 'linux') || matrix.platform.name == 'darwin+x86-64'
uses: actions/cache@v3
with:
key: ${{ runner.os }}-pnpm
path: |
./pnpm
./.pnpm-store
./node_modules
./modules/desktop/node_modules
./modules/ui/node_modules
- name: cache electron build
uses: actions/cache@v3
with:
key: ${{ runner.os }}-electron
path: |
./modules/desktop/.svelte-kit
./modules/desktop/build
- name: build
if: startsWith(inputs.platform, 'darwin')
# run: tea -ES xc dist # temporary tea installs 19
run: tea -ES +nodejs.org@18 xc dist
env:
PUBLIC_VERSION: ${{ steps.gui-version.outputs.version }}
USE_HARD_LINKS: false
CSC_FOR_PULL_REQUEST: true
CSC_LINK: ${{ secrets.GUI_APPLE_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
CSC_NAME: ${{ secrets.APPLE_IDENTITY_NO_PREFIX }}
# NOTE: you might think the ff will work, it wont unless PR is properly tagged
# TODO: get this notarized here to save time
# PUBLISH_FOR_PULL_REQUEST: true
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# APPLE_ID: ${{ secrets.APPLE_ID }}
# APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
- name: build artifacts for publishing and notarization
run: |
mkdir -p target
cp -r ./modules/desktop/dist/.icon-icns ./target/
cp ./modules/desktop/dist/*.{zip,dmg,yml,blockmap} ./target/
tar -czvf artifacts.tgz -C ./target/ .
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact upload
id: s3-artifact-uploader
env:
prefix: ${{ inputs.s3-prefix }}
run: |
S3_KEY=s3://preview.gui.tea.xyz/$prefix/artifacts.tgz
aws s3 cp artifacts.tgz $S3_KEY
echo key=$S3_KEY >> $GITHUB_OUTPUT
notarize-mac-installers:
# TODO: run only for mac, create separate Job for linux
needs: [get-platform, build]
runs-on: macos-11
outputs:
s3-installers-key: ${{ steps.s3-installers-upload.outputs.s3-key }}
strategy:
matrix:
platform:
# no need for x86-64
- darwin+aarch64
steps:
- uses: teaxyz/setup@v0
- run: rm -rf ./*.{dmg,zip} || true
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact download
env:
S3_KEY: ${{ needs.build.outputs.s3-artifacts-key }}
run: aws s3 cp $S3_KEY artifacts.tgz
# prepare folders
- run: mkdir dist
- run: tar xzf artifacts.tgz -C dist
- name: get .zip of arm64 and x86+64
id: app_files
working-directory: ./dist
run: |
ARM64_ZIP=$(ls | grep -Ev blockmap | grep arm64-mac.zip)
X86_ZIP=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep mac.zip)
ARM64_DMG=$(ls | grep -Ev blockmap | grep arm64.dmg)
X86_DMG=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep dmg)
echo zip_arm64=$ARM64_ZIP >> $GITHUB_OUTPUT
echo zip_x86=$X86_ZIP >> $GITHUB_OUTPUT
echo dmg_arm64=$ARM64_DMG >> $GITHUB_OUTPUT
echo dmg_x86=$X86_DMG >> $GITHUB_OUTPUT
# Notarize. Can take up to 10 minutes (and fail) asynchronously
# sometimes this might fail because exact the same zip has been uploaded already
- name: notarize .app arm64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_arm64 }}
- name: notarize .app x86+64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_x86 }}
# prepare for DMG creation
- name: prepare installer folders
run: |
mkdir x86_installer && mkdir arm64_installer
tar xzf dist/$ZIP_FILE_X86 -C x86_installer/
tar xzf dist/$ZIP_FILE_ARM64 -C arm64_installer/
cp -r ./dist/.icon-icns x86_installer/
cp -r ./dist/.icon-icns arm64_installer/
env:
ZIP_FILE_X86: ${{ steps.app_files.outputs.zip_x86 }}
ZIP_FILE_ARM64: ${{ steps.app_files.outputs.zip_arm64 }}
- name: create x86 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_x86 }}
installer_folder: x86_installer/
- name: create arm64 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_arm64 }}
installer_folder: arm64_installer/
# finalize dist artifacts
- name: replace old DMG files in dist folder
run: |
mv $x86dmg dist
mv $arm64dmg dist
tar -czvf dist.tgz -C dist/ .
env:
x86dmg: ${{ steps.app_files.outputs.dmg_x86 }}
arm64dmg: ${{ steps.app_files.outputs.dmg_arm64 }}
- name: s3 installers upload
id: s3-installers-upload
env:
prefix: ${{ inputs.s3-prefix }}
run: |
export S3_INSTALLERS_KEY=s3://preview.gui.tea.xyz/$prefix/dist.tgz
aws s3 cp dist.tgz $S3_INSTALLERS_KEY
echo s3-key=$S3_INSTALLERS_KEY >> $GITHUB_OUTPUT

206
.github/workflows/ci.yml vendored
View file

@ -98,206 +98,19 @@ jobs:
copy-paste into a browser to view
build_desktop:
needs: changes
if: needs.changes.outputs.desktop == 'true'
runs-on: ${{ matrix.platform.os }}
# if: needs.changes.outputs.desktop == 'true'
strategy:
matrix:
platform:
# X86+64 is built with ARM64 also
- os: [self-hosted, macOS, ARM64]
name: darwin+aarch64
# TODO: #181 build for linux
# - os: ubuntu-latest
# name: linux+x86-64
# err: Package atk was not found in the pkg-config search path.
# requires atk >= 2.18
# - os: [self-hosted, linux, ARM64]
# name: linux+aarch64
steps:
- uses: actions/checkout@v3
- uses: teaxyz/setup@v0
- name: get gui version
id: gui-version
run: |
tea +stedolan.github.io/jq
export version=$(echo $(cat modules/desktop/package.json) | jq --raw-output .version)
echo "version=$version" >> $GITHUB_OUTPUT
- name: cache node_modules build
# TODO: cache issue in our self-hosted macos runner ESPIPE: invalid seek, read
# but its ok to ignore, its still the fastest builder
# NOTE: enabling cache in the self hosted runner slows down the pipeline by 4m because post-cache builder error ^
if: startsWith(matrix.platform.name, 'linux') || matrix.platform.name == 'darwin+x86-64'
uses: actions/cache@v3
with:
key: ${{matrix.platform.name}}-pnpm
path: |
./pnpm
./.pnpm-store
./node_modules
./modules/desktop/node_modules
./modules/ui/node_modules
- name: cache electron build
uses: actions/cache@v3
with:
key: ${{matrix.platform.name}}-electron
path: |
./modules/desktop/.svelte-kit
./modules/desktop/build
./modules/desktop/dist
- run: rm -rf modules/desktop/dist || true
- name: build
if: startsWith(matrix.platform.name, 'darwin')
# run: tea -ES xc dist # temporary tea installs 19
run: tea -ES +nodejs.org@18 xc dist
env:
PUBLIC_VERSION: ${{ steps.gui-version.outputs.version }}-dev
USE_HARD_LINKS: false
CSC_FOR_PULL_REQUEST: true
CSC_LINK: ${{ secrets.GUI_APPLE_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
CSC_NAME: ${{ secrets.APPLE_IDENTITY_NO_PREFIX }}
# NOTE: you might think the ff will work, it wont unless PR is properly tagged
# PUBLISH_FOR_PULL_REQUEST: true
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# APPLE_ID: ${{ secrets.APPLE_ID }}
# APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
- run: mkdir -p target
# build artifacts for publishing and notarization
- run: cp -r ./modules/desktop/dist/.icon-icns ./target/
- run: cp ./modules/desktop/dist/*.{zip,dmg,yml,blockmap} ./target/
- run: tar -czvf artifacts.tgz -C ./target/ .
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact upload
env:
prefix: ${{ needs.changes.outputs.preview_folder }}
run: |
aws s3 cp artifacts.tgz "s3://preview.gui.tea.xyz/$prefix/artifacts.tgz"
notarize_desktop:
needs: [build_desktop, changes]
runs-on: macos-11
strategy:
matrix:
platform:
# no need for x86-64
- darwin+aarch64
steps:
- uses: teaxyz/setup@v0
- run: rm -rf ./*.{dmg,zip} || true
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact download
env:
prefix: ${{ needs.changes.outputs.preview_folder }}
run: |
aws s3 cp "s3://preview.gui.tea.xyz/$prefix/artifacts.tgz" artifacts.tgz
# prepare folders
- run: mkdir dist
- run: tar xzf artifacts.tgz -C dist
- name: get .zip of arm64 and x86+64
id: app_files
working-directory: ./dist
run: |
ARM64_ZIP=$(ls | grep -Ev blockmap | grep arm64-mac.zip)
X86_ZIP=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep mac.zip)
ARM64_DMG=$(ls | grep -Ev blockmap | grep arm64.dmg)
X86_DMG=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep dmg)
echo zip_arm64=$ARM64_ZIP >> $GITHUB_OUTPUT
echo zip_x86=$X86_ZIP >> $GITHUB_OUTPUT
echo dmg_arm64=$ARM64_DMG >> $GITHUB_OUTPUT
echo dmg_x86=$X86_DMG >> $GITHUB_OUTPUT
# Notarize. Can take up to 10 minutes (and fail) asynchronously
- name: notarize .app arm64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_arm64 }}
- name: notarize .app x86+64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_x86 }}
# prepare for DMG creation
- name: prepare installer folders
run: |
mkdir x86_installer && mkdir arm64_installer
tar xzf dist/$ZIP_FILE_X86 -C x86_installer/
tar xzf dist/$ZIP_FILE_ARM64 -C arm64_installer/
cp -r ./dist/.icon-icns x86_installer/
cp -r ./dist/.icon-icns arm64_installer/
env:
ZIP_FILE_X86: ${{ steps.app_files.outputs.zip_x86 }}
ZIP_FILE_ARM64: ${{ steps.app_files.outputs.zip_arm64 }}
- name: create x86 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_x86 }}
installer_folder: x86_installer/
- name: create arm64 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_arm64 }}
installer_folder: arm64_installer/
# finalize artifacts
- run: |
mv $x86dmg dist
mv $arm64dmg dist
env:
x86dmg: ${{ steps.app_files.outputs.dmg_x86 }}
arm64dmg: ${{ steps.app_files.outputs.dmg_arm64 }}
- run: tar -czvf dist.tgz -C dist/ .
- name: s3 artifact upload
env:
prefix: ${{ needs.changes.outputs.preview_folder }}
run: |
aws s3 cp dist.tgz "s3://preview.gui.tea.xyz/$prefix/dist.tgz"
uses: ./.github/workflows/build-sign-notarize.yml
with:
platform: ${{ matrix.platform }}
s3-prefix: ${{ needs.changes.outputs.preview_folder || 'dev-pr' }}
secrets: inherit
upload:
needs: [notarize_desktop, changes]
needs: [build_desktop, changes]
runs-on: ubuntu-latest
strategy:
matrix:
@ -317,9 +130,8 @@ jobs:
aws-region: us-east-1
- name: s3 artifact download
env:
prefix: ${{ needs.changes.outputs.preview_folder }}
run: |
aws s3 cp "s3://preview.gui.tea.xyz/$prefix/dist.tgz" dist.tgz
S3_INSTALLER_KEY: ${{ needs.build_desktop.outputs.s3-installers-artifact-key }}
run: aws s3 cp $S3_INSTALLER_KEY dist.tgz
- run: mkdir dist
- run: tar xzf dist.tgz -C dist

208
.github/workflows/main.yml vendored
View file

@ -27,200 +27,19 @@ jobs:
build_desktop:
needs: changes
if: needs.changes.outputs.desktop == 'true'
runs-on: ${{ matrix.platform.os }}
# if: needs.changes.outputs.desktop == 'true'
strategy:
matrix:
platform:
# x86 is not needed anymore we can build both in arm
- os: [self-hosted, macOS, ARM64]
# TODO: #181 build for linux
# - os: ubuntu-latest
# name: linux+x86-64
name: darwin+aarch64
# err: Package atk was not found in the pkg-config search path.
# requires atk >= 2.18
# - os: [self-hosted, linux, ARM64]
# name: linux+aarch64
steps:
- uses: actions/checkout@v3
- uses: teaxyz/setup@v0
- name: cache node_modules build
# TODO: cache issue in our self-hosted macos runner ESPIPE: invalid seek, read
# but its ok to ignore, its still the fastest builder
# NOTE: enabling cache in the self hosted runner slows down the pipeline by 4m because post-cache builder error ^
if: startsWith(matrix.platform.name, 'linux') || matrix.platform.name == 'darwin+x86-64'
uses: actions/cache@v3
with:
key: ${{matrix.platform.name}}-pnpm-prod
path: |
./pnpm
./.pnpm-store
./node_modules
./modules/desktop/node_modules
./modules/ui/node_modules
- name: cache electron build
uses: actions/cache@v3
with:
key: ${{matrix.platform.name}}-electron-prod
path: |
./modules/desktop/.svelte-kit
./modules/desktop/build
./modules/desktop/dist
- name: get gui version
id: gui-version
run: |
tea +stedolan.github.io/jq
export version=$(echo $(cat modules/desktop/package.json) | jq --raw-output .version)
echo "version=$version" >> $GITHUB_OUTPUT
- name: build
if: startsWith(matrix.platform.name, 'darwin')
run: tea -ES xc dist
env:
PUBLIC_VERSION: ${{ steps.gui-version.outputs.version }}-main
USE_HARD_LINKS: false
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.GUI_APPLE_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
CSC_NAME: ${{ secrets.APPLE_IDENTITY_NO_PREFIX }}
- run: mkdir -p target
- run: cp -r ./modules/desktop/dist/.icon-icns ./target/
- run: cp ./modules/desktop/dist/*.{zip,dmg,yml,blockmap} ./target/
- run: tar -czvf artifacts.tgz -C ./target/ .
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact upload
env:
prefix: main
run: |
aws s3 cp artifacts.tgz "s3://preview.gui.tea.xyz/$prefix/artifacts.tgz"
notarize_desktop:
needs: [build_desktop, changes]
runs-on: macos-11
strategy:
matrix:
platform:
# no need for x86-64
# X86+64 is built with ARM64 also
- darwin+aarch64
steps:
- uses: teaxyz/setup@v0
- uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact download
env:
prefix: main
run: |
aws s3 cp "s3://preview.gui.tea.xyz/$prefix/artifacts.tgz" artifacts.tgz
# prepare folders
- run: mkdir dist
- run: tar xzf artifacts.tgz -C dist
# Notarize. Can take up to 10 minutes (and fail) asynchronously
- name: get .zip of arm64 and x86+64
id: app_files
working-directory: ./dist
run: |
ARM64_ZIP=$(ls | grep -Ev blockmap | grep arm64-mac.zip)
X86_ZIP=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep mac.zip)
ARM64_DMG=$(ls | grep -Ev blockmap | grep arm64.dmg)
X86_DMG=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep dmg)
echo zip_arm64=$ARM64_ZIP >> $GITHUB_OUTPUT
echo zip_x86=$X86_ZIP >> $GITHUB_OUTPUT
echo dmg_arm64=$ARM64_DMG >> $GITHUB_OUTPUT
echo dmg_x86=$X86_DMG >> $GITHUB_OUTPUT
# Notarize. Can take up to 10 minutes (and fail) asynchronously
- name: notarize .app arm64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_arm64 }}
- name: notarize .app x86+64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE || true
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_x86 }}
# prepare for DMG creation
- name: prepare installer folders
run: |
mkdir x86_installer && mkdir arm64_installer
tar xzf dist/$ZIP_FILE_X86 -C x86_installer/
tar xzf dist/$ZIP_FILE_ARM64 -C arm64_installer/
cp -r ./dist/.icon-icns x86_installer/
cp -r ./dist/.icon-icns arm64_installer/
env:
ZIP_FILE_X86: ${{ steps.app_files.outputs.zip_x86 }}
ZIP_FILE_ARM64: ${{ steps.app_files.outputs.zip_arm64 }}
- name: create x86 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_x86 }}
installer_folder: x86_installer/
- name: create arm64 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_arm64 }}
installer_folder: arm64_installer/
# finalize artifacts
- run: |
mv $x86dmg dist
mv $arm64dmg dist
env:
x86dmg: ${{ steps.app_files.outputs.dmg_x86 }}
arm64dmg: ${{ steps.app_files.outputs.dmg_arm64 }}
- run: tar -czvf dist.tgz -C dist/ .
- name: s3 artifact upload
env:
prefix: main
run: |
aws s3 cp dist.tgz "s3://preview.gui.tea.xyz/$prefix/dist.tgz"
uses: ./.github/workflows/build-sign-notarize.yml
with:
platform: ${{ matrix.platform }}
s3-prefix: main
secrets: inherit
upload:
needs: [build_desktop, notarize_desktop]
needs: [build_desktop]
runs-on: ubuntu-latest
strategy:
matrix:
@ -237,12 +56,13 @@ jobs:
aws-region: us-east-1
- name: s3 artifact download
env:
prefix: main
run: |
aws s3 cp "s3://preview.gui.tea.xyz/$prefix/dist.tgz" dist.tgz
S3_INSTALLER_KEY: ${{ needs.build_desktop.outputs.s3-installers-artifact-key }}
run: aws s3 cp $S3_INSTALLER_KEY dist.tgz
- run: |
mkdir dist
tar xzf dist.tgz -C dist
- run: mkdir dist
- run: tar xzf dist.tgz -C dist
- name: get installer filenames of arm64 and x86+64
id: app_files
working-directory: ./dist

188
.github/workflows/release.yml vendored
View file

@ -5,168 +5,20 @@ on:
jobs:
build_desktop:
runs-on: ${{ matrix.platform.os }}
needs: changes
# if: needs.changes.outputs.desktop == 'true'
strategy:
matrix:
platform:
# - os: ubuntu-latest
# name: linux+x86-64
# no need for macos-11 arm will build for both
- os: [self-hosted, macOS, ARM64]
name: darwin+aarch64
# - os: [self-hosted, linux, ARM64]
# name: linux+aarch64
container: ${{ matrix.platform.container }}
steps:
- uses: actions/checkout@v3
- uses: teaxyz/setup@v0
- name: get gui version
id: gui-version
run: |
tea +stedolan.github.io/jq
export version=$(echo $(cat modules/desktop/package.json) | jq --raw-output .version)
echo "version=$version" >> $GITHUB_OUTPUT
- name: build
if: startsWith(matrix.platform.name, 'darwin')
run: tea -ES +nodejs.org@18 xc dist
env:
# PUBLISH_FOR_PULL_REQUEST: true
PUBLIC_VERSION: ${{ steps.gui-version.outputs.version }}
USE_HARD_LINKS: false
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CSC_LINK: ${{ secrets.GUI_APPLE_CERTIFICATE }}
CSC_KEY_PASSWORD: ${{ secrets.GUI_APPLE_CERTIFICATE_PASSWORD }}
CSC_NAME: ${{ secrets.APPLE_IDENTITY_NO_PREFIX }}
# notarization doesnt work
# APPLE_ID: ${{ secrets.APPLE_ID }}
# APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# AWS_REGION: us-east-1
# build artifacts for publishing and notarization
- run: mkdir -p target
- run: cp -r ./modules/desktop/dist/.icon-icns ./target/
- run: cp ./modules/desktop/dist/*.{zip,dmg,yml,blockmap} ./target/
- run: tar -czvf artifacts.tgz -C ./target/ .
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.platform.name }}
path: artifacts.tgz
if-no-files-found: error
notarize_desktop:
needs: [build_desktop]
runs-on: macos-11
strategy:
matrix:
platform:
# no need for x86-64
# X86+64 is built with ARM64 also
- darwin+aarch64
steps:
- uses: teaxyz/setup@v0
- uses: actions/download-artifact@v3
with:
name: ${{ matrix.platform }}
# prepare folders
- run: mkdir dist
- run: tar xzf artifacts.tgz -C dist
- name: get .zip of arm64 and x86+64
id: app_files
working-directory: ./dist
run: |
ARM64_ZIP=$(ls | grep -Ev blockmap | grep arm64-mac.zip)
X86_ZIP=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep mac.zip)
ARM64_DMG=$(ls | grep -Ev blockmap | grep arm64.dmg)
X86_DMG=$(ls | grep -Ev blockmap | grep -Ev arm64 | grep dmg)
echo zip_arm64=$ARM64_ZIP >> $GITHUB_OUTPUT
echo zip_x86=$X86_ZIP >> $GITHUB_OUTPUT
echo dmg_arm64=$ARM64_DMG >> $GITHUB_OUTPUT
echo dmg_x86=$X86_DMG >> $GITHUB_OUTPUT
# Notarize. Can take up to 10 minutes (and fail) asynchronously
- name: notarize .app arm64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_arm64 }}
- name: notarize .app x86+64
run: xcrun altool --notarize-app --username "$APPLE_ID" --password "$APPLE_PASSWORD" --primary-bundle-id "com.tea.xyz" --file dist/$ZIP_FILE
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
ZIP_FILE: ${{ steps.app_files.outputs.zip_x86 }}
# prepare for DMG creation
- run: |
mkdir x86_installer && mkdir arm64_installer
tar xzf dist/$ZIP_FILE_X86 -C x86_installer/
tar xzf dist/$ZIP_FILE_ARM64 -C arm64_installer/
cp -r ./dist/.icon-icns x86_installer/
cp -r ./dist/.icon-icns arm64_installer/
env:
ZIP_FILE_X86: ${{ steps.app_files.outputs.zip_x86 }}
ZIP_FILE_ARM64: ${{ steps.app_files.outputs.zip_arm64 }}
- name: create x86 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_x86 }}
installer_folder: x86_installer/
- name: create arm64 dmg
run: |
tea create-dmg \
--volname "Tea Installer" \
--window-pos 200 120 \
--window-size 800 400 \
--icon-size 100 \
--icon "tea.app" 200 190 \
--hide-extension "tea.app" \
--app-drop-link 600 185 \
--sandbox-safe \
"$filename" \
"$installer_folder"
env:
filename: ${{ steps.app_files.outputs.dmg_arm64 }}
installer_folder: arm64_installer/
# finalize artifacts
- run: |
mv $x86dmg dist
mv $arm64dmg dist
env:
x86dmg: ${{ steps.app_files.outputs.dmg_x86 }}
arm64dmg: ${{ steps.app_files.outputs.dmg_arm64 }}
- run: tar -czvf dist.tgz -C dist/ .
- name: upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.platform }}-dist
path: dist.tgz
if-no-files-found: error
uses: ./.github/workflows/build-sign-notarize.yml
with:
platform: ${{ matrix.platform }}
s3-prefix: release
secrets: inherit
upload:
needs: [build_desktop, notarize_desktop]
needs: [build_desktop]
runs-on: ubuntu-latest
strategy:
matrix:
@ -177,11 +29,19 @@ jobs:
# - linux+aarch64
steps:
- uses: actions/checkout@v3
- uses: actions/download-artifact@v3
- uses: aws-actions/configure-aws-credentials@v1
with:
name: ${{ matrix.platform }}-dist
- run: mkdir dist
- run: tar xzf dist.tgz -C dist
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: s3 artifact download
env:
S3_INSTALLER_KEY: ${{ needs.build_desktop.outputs.s3-installers-artifact-key }}
run: aws s3 cp $S3_INSTALLER_KEY dist.tgz
- run: |
mkdir dist
tar xzf dist.tgz -C dist
- name: get .zip of arm64 and x86+64
id: app_files
@ -241,11 +101,7 @@ jobs:
# TODO:
# - configure correct blockmap and checksum hash on latest-mac.yml
- name: publish release
env:
platform: ${{ steps.build_platform.outputs.build_platform }}
extension: ${{ steps.build_platform.outputs.extension }}
tag: ${{ steps.tag.outputs.tag }}
- name: publish release
run: |
cd dist && \
aws s3 sync . \

7
modules/desktop/src/components/Badges/Badges.svelte
View file

@ -1,9 +1,6 @@
<script lang="ts">
import '$appcss';
import Placeholder from '$components/Placeholder/Placeholder.svelte';
export let arg1: string;
import Placeholder from '$components/placeholder/placeholder.svelte';
</script>
<Placeholder label="Badges" />
<h1>{arg1 || 'tes'}</h1>
<Placeholder label="Badges" />

2
modules/desktop/src/routes/profile/+page.svelte
View file

@ -2,7 +2,7 @@
import '$appcss';
import PageHeader from '$components/page-header/page-header.svelte';
import ProfileBanner from '$components/profile-banner/profile-banner.svelte';
import Preflight from '$components/Preflight/Preflight.svelte';
import Preflight from '$components/preflight/preflight.svelte';
import Badges from '$components/badges/badges.svelte';
import InstalledPackages from '$components/installed-packages/installed-packages.svelte';
</script>