Skip to content

Try merge

Try merge #22

Workflow file for this run

name: Publish Release
permissions:
contents: write
on: push
jobs:
# publish_on_windows:
# runs-on: windows-latest
# steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-node@v3
# with:
# node-version: 18.13
# - name: Install dependencies
# run: yarn install --network-timeout 600000
# - name: Install AzureSignTool
# run: dotnet tool install --global AzureSignTool
# - name: Build and publish release
# env:
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
# AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
# AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
# AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
# AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }}
# run: yarn build

Check failure on line 27 in .github/workflows/publish.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/publish.yml

Invalid workflow file

You have an error in your yaml syntax on line 27
publish_on_mac_arm64:
runs-on: [self-hosted, macOS, ARM64]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 18.13
- name: Install dependencies
run: yarn
- name: Setup code signing
env:
APPLE_IFLABS_SIGNING_CERT: ${{ secrets.APPLE_IFLABS_SIGNING_CERT }}
APPLE_IFLABS_SIGNING_CERT_PASSWORD: ${{ secrets.APPLE_IFLABS_SIGNING_CERT_PASSWORD }}
APPLE_PROVISIONING_PROFILE: ${{ secrets.APPLE_PROVISIONING_PROFILE }}
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
API_KEY_PATH=$RUNNER_TEMP/api_key.p8
# import certificate and provisioning profile from secrets
echo -n "$APPLE_IFLABS_SIGNING_CERT" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$APPLE_PROVISIONING_PROFILE" | base64 --decode -o $PP_PATH
echo -n "$APPLE_API_KEY" | base64 --decode -o $API_KEY_PATH
# create temporary keychain
security create-keychain -p "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
ls $RUNNER_TEMP
- name: Build and publish release
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
run: yarn build
- name: Upload latest-mac-arm64.yml
uses: actions/upload-artifact@v3
with:
name: latest-mac-arm64.yml
path: dist/latest-mac.yml
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
publish_on_mac:
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v3
with:
node-version: 18.13
- name: Install dependencies
run: yarn
- name: Setup code signing
env:
APPLE_IFLABS_SIGNING_CERT: ${{ secrets.APPLE_IFLABS_SIGNING_CERT }}
APPLE_IFLABS_SIGNING_CERT_PASSWORD: ${{ secrets.APPLE_IFLABS_SIGNING_CERT_PASSWORD }}
APPLE_PROVISIONING_PROFILE: ${{ secrets.APPLE_PROVISIONING_PROFILE }}
APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
API_KEY_PATH=$RUNNER_TEMP/api_key.p8
# import certificate and provisioning profile from secrets
echo -n "$APPLE_IFLABS_SIGNING_CERT" | base64 --decode -o $CERTIFICATE_PATH
echo -n "$APPLE_PROVISIONING_PROFILE" | base64 --decode -o $PP_PATH
echo -n "$APPLE_API_KEY" | base64 --decode -o $API_KEY_PATH
# create temporary keychain
security create-keychain -p "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPLE_IFLABS_SIGNING_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
ls $RUNNER_TEMP
- name: Build and publish release
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
run: yarn build
- name: Upload latest-mac-x64.yml
uses: actions/upload-artifact@v3
with:
name: latest-mac-x64.yml
path: dist/latest-mac.yml
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
update_mac_yml:
needs: [publish_on_mac, publish_on_mac_arm64]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: get-npm-version
id: package-version
uses: martinbeentjes/[email protected]
- name: Download latest-mac-arm64.yml
uses: actions/download-artifact@v3
with:
name: latest-mac-arm64.yml
path: output/latest-mac-arm64.yml
- name: Download latest-mac-x64.yml
uses: actions/download-artifact@v3
with:
name: latest-mac-x64.yml
path: output/latest-mac-x64.yml
- name: ls
run: ls output
- name: Install yq
uses: mikefarah/[email protected]
with:
cmd: yq '.files += load("output/latest-mac-arm64.yml").files' output/latest-mac-x64.yml > output/latest-mac.yml
- name: Delete old latest-mac.yml
uses: mknejp/delete-release-assets@v1
with:
tag: v${{ steps.package-version.outputs.current-version }}
assets: latest-mac.yml
- name: Upload latest-mac.yml
uses: softprops/action-gh-release@v1
with:
files: output/latest-mac.yml
tag_name: v${{ steps.package-version.outputs.current-version }}
# publish_on_linux:
# runs-on: ubuntu-latest
# steps:
# - uses: actions/checkout@v4
# - uses: actions/setup-node@v3
# with:
# node-version: 18.13
# - name: Install dependencies
# run: yarn
# - name: Build and publish release
# env:
# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# run: yarn build