Skip to content

Release

Release #122

Workflow file for this run

name: Release
on:
release:
types: created
env:
DEVELOPER_DIR: /Applications/Xcode_14.0.app/Contents/Developer
jobs:
release-build:
runs-on: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set version
run: |
sed -i "" "s/\(static let version = \"\).*\(\"\)/\1${TAG}\2/" Sources/rswift/Config.swift
env:
TAG: ${{ github.event.release.tag_name }}
- name: Tarball source
run: |
tar -zcvf $TARGET --exclude .git .
env:
TARGET: ${{ runner.temp }}/source.tar.gz
- name: Attach tarball to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ${{ runner.temp }}/source.tar.gz
asset_name: rswift-${{ github.event.release.tag_name }}-source.tar.gz
asset_content_type: application/tar+gzip
- name: Build universal binary
run: |
swift build -c release --arch x86_64 --arch arm64
- name: Delete temp keychain from previous run
run: |
/usr/bin/security delete-keychain signing_temp.keychain || true
- name: Import Signing Certificates
uses: apple-actions/import-codesign-certs@v1
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATES }}
p12-password: ${{ secrets.APPLE_CERTIFICATES_PASSWORD }}
- name: Code Sign
run: |
codesign --force --options runtime --sign "$IDENTITY" .build/apple/Products/Release/rswift
env:
IDENTITY: 'Developer ID Application: Nonstrict B.V. (WT5N9FK54M)'
- name: Store build artifact
uses: actions/upload-artifact@v3
with:
name: rswift-${{ github.event.release.tag_name }}
path: .build/apple/Products/Release/rswift
- name: Archive ZIP
run: zip --junk-paths $FILENAME .build/apple/Products/Release/rswift License && zip --recurse-paths $FILENAME Sources/RswiftResources
env:
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.zip
- name: Notarize ZIP
run: |
xcrun notarytool submit $FILENAME --apple-id $APPLE_ID --password $APP_PASSWORD --team-id $TEAM_ID --wait
env:
BUNDLE_ID: com.nonstrict.rswift
APPLE_ID: ${{ secrets.APPLE_IDENTIFIER }}
APP_PASSWORD: ${{ secrets.APPLE_IDENTIFIER_PASSWORD }}
TEAM_ID: WT5N9FK54M
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.zip
- name: Attach ZIP to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.zip
asset_name: rswift-${{ github.event.release.tag_name }}.zip
asset_content_type: application/zip
- name: Make artifact bundle
run: |
set -ex
mkdir -p $ARTIFACT_BUNDLE_DIR/rswift/bin
cp .build/apple/Products/Release/rswift $ARTIFACT_BUNDLE_DIR/rswift/bin
cp License $ARTIFACT_BUNDLE_DIR/rswift
cat <<EOF > $ARTIFACT_BUNDLE_DIR/info.json
{
"schemaVersion": "1.0",
"artifacts": {
"rswift": {
"type": "executable",
"version": "$VERSION",
"variants": [
{
"path": "rswift/bin/rswift",
"supportedTriples": ["x86_64-apple-macosx", "arm64-apple-macosx"]
},
]
}
}
}
EOF
pushd $ARTIFACT_BUNDLE_DIR
zip -r $FILENAME .
popd
env:
VERSION: ${{ github.event.release.tag_name }}
ARTIFACT_BUNDLE_DIR: ${{ runner.temp }}/rswift.artifactbundle
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.artifactbundle.zip
- name: Notarize artifact bundle
run: |
xcrun notarytool submit $FILENAME --apple-id $APPLE_ID --password $APP_PASSWORD --team-id $TEAM_ID --wait
env:
BUNDLE_ID: com.nonstrict.rswift
APPLE_ID: ${{ secrets.APPLE_IDENTIFIER }}
APP_PASSWORD: ${{ secrets.APPLE_IDENTIFIER_PASSWORD }}
TEAM_ID: WT5N9FK54M
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.artifactbundle.zip
- name: Attach artifact bundle to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.artifactbundle.zip
asset_name: rswift-${{ github.event.release.tag_name }}.artifactbundle.zip
asset_content_type: application/zip
- name: Archive PKG
run: |
mkdir -p $PKG_ROOT/$BINARY_ROOT
cp .build/apple/Products/Release/rswift $PKG_ROOT/$BINARY_ROOT
pkgbuild --root $PKG_ROOT --identifier $BUNDLE_ID --version $TAG_NAME --install-location "/" --sign "$IDENTITY" $FILENAME
env:
TAG_NAME: ${{ github.event.release.tag_name }}
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.pkg
BUNDLE_ID: com.nonstrict.rswift
IDENTITY: 'Developer ID Installer: Nonstrict B.V. (WT5N9FK54M)'
PKG_ROOT: ${{ runner.temp }}/pkgroot
BINARY_ROOT: /usr/local/bin
- name: Notarize PKG
run: |
xcrun notarytool submit $FILENAME --apple-id $APPLE_ID --password $APP_PASSWORD --team-id $TEAM_ID --wait
xcrun stapler staple $FILENAME
env:
BUNDLE_ID: com.nonstrict.rswift
APPLE_ID: ${{ secrets.APPLE_IDENTIFIER }}
APP_PASSWORD: ${{ secrets.APPLE_IDENTIFIER_PASSWORD }}
TEAM_ID: WT5N9FK54M
FILENAME: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.pkg
- name: Attach PKG to release
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ github.event.release.upload_url }}
asset_path: ${{ runner.temp }}/rswift-${{ github.event.release.tag_name }}.pkg
asset_name: rswift-${{ github.event.release.tag_name }}.pkg
asset_content_type: application/pkg
- name: Delete temp keychain from this run
if: always()
run: |
/usr/bin/security delete-keychain signing_temp.keychain || true
- name: Publish to Cocoapods
run: |
export POD_VERSION=$TAG_NAME
pod trunk push --allow-warnings
env:
TAG_NAME: ${{ github.event.release.tag_name }}
COCOAPODS_TRUNK_TOKEN: ${{ secrets.COCOAPODS_TRUNK_TOKEN }}