.github/workflows/desktop.release.reuse.yml

Desktop Reusable Release Workflow #6

Workflow file for this run

.github/workflows/desktop.release.reuse.yml at 88207cf

	name: Desktop Reusable Release Workflow
Check failure on line 1 in .github/workflows/desktop.release.reuse.yml View workflow run for this annotation GitHub Actions / .github/workflows/desktop.release.reuse.yml Invalid workflow file `You have an error in your yaml syntax`

	on:
	workflow_call:
	inputs:
	channel:
	required: true
	type: string

	jobs:
	Mac:
	runs-on: macos-latest
	env:
	CSC_LINK: ${{ secrets.MAC_CI_KEYS }}
	CSC_KEY_PASSWORD: ${{ secrets.MAC_CI_KEYS_PASSWORD }}
	APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
	NOTARIZE_APPLE_ID: ${{ secrets.NOTARIZE_APPLE_ID }}
	NOTARIZE_APPLE_ID_PASSWORD: ${{ secrets.NOTARIZE_APPLE_ID_PASSWORD }}
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'
	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'
	- run: yarn install --immutable
	- name: Rebuild Electron Native Modules
	run: yarn workspace @standardnotes/desktop rebuild:home-server
	- run: yarn build:desktop
	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- name: Compile Mac
	run: yarn run webpack --config desktop.webpack.prod.js
	- name: MacX64
	run: \|
	yarn run electron-builder --mac --x64 --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	node scripts/fixMacZip.js ${{ env.APP_VERSION }}
	- name: MacArm64
	run: yarn run electron-builder --mac --arm64 --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}

	- name: Upload
	uses: actions/[email protected]
	with:
	name: mac-assets
	path: \|
	packages/desktop/dist/*.dmg
	packages/desktop/dist/*.zip
	packages/desktop/dist/*.blockmap
	packages/desktop/dist/*.yml
	packages/desktop/dist/*.yaml

	Linux-AppImage:
	name: Linux AppImage
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'
	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'
	- name: Install FPM
	run: sudo gem install fpm -f

	- run: yarn install --immutable

	- name: Rebuild Electron Native Modules
	run: yarn workspace @standardnotes/desktop rebuild:home-server

	- run: yarn build:desktop

	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- name: Compile for AppImage
	run: yarn run webpack --config desktop.webpack.prod.js
	- name: AppImage
	run: yarn run electron-builder --linux --x64 -c.linux.target=AppImage --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	- name: AppImageX64
	run: yarn run electron-builder --linux --x64 -c.linux.target=AppImage --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	- name: AppImageArm64
	run: yarn run electron-builder --linux --arm64 -c.linux.target=AppImage --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}

	- name: Upload
	uses: actions/[email protected]
	with:
	name: linux-appimage-assets
	path: \|
	packages/desktop/dist/*.AppImage
	packages/desktop/dist/*.yml
	packages/desktop/dist/*.yaml

	Linux-Dir:
	name: Linux Dir
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'
	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'
	- name: Install FPM
	run: sudo gem install fpm -f

	- run: yarn install --immutable

	- name: Rebuild Electron Native Modules
	run: yarn workspace @standardnotes/desktop rebuild:home-server

	- run: yarn build:desktop

	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- name: Dir
	run: \|
	yarn run webpack --config desktop.webpack.prod.js
	yarn run electron-builder --linux --x64 -c.linux.target=dir --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	- name: DirArm64
	run: \|
	yarn run webpack --config desktop.webpack.prod.js
	yarn run electron-builder --linux --arm64 -c.linux.target=dir --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	env:
	npm_config_target_arch: 'arm64'

	Linux-Deb:
	name: Linux Deb
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'
	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'
	- name: Install FPM
	run: sudo gem install fpm -f

	- run: yarn install --immutable

	- name: Rebuild Electron Native Modules
	run: yarn workspace @standardnotes/desktop rebuild:home-server

	- run: yarn build:desktop

	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- name: Deb
	run: \|
	yarn run webpack --config desktop.webpack.prod.js --env deb
	yarn run electron-builder --linux --x64 -c.linux.target=deb --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}
	- name: DebArm64
	env:
	npm_config_target_arch: 'arm64'
	USE_SYSTEM_FPM: 'true'
	run: \|
	yarn run webpack --config desktop.webpack.prod.js --env deb
	yarn run electron-builder --linux --arm64 -c.linux.target=deb --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}

	- name: Upload
	uses: actions/[email protected]
	with:
	name: linux-deb-assets
	path: \|
	packages/desktop/dist/*.deb
	packages/desktop/dist/*.yml
	packages/desktop/dist/*.yaml

	Linux-Snap:
	name: Linux Snap
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'
	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'
	- name: Install FPM
	run: sudo gem install fpm -f

	- run: yarn install --immutable

	- run: yarn build:desktop

	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- name: Install Snapcraft
	run: \|
	sudo snap install snapcraft --classic

	- name: Setup LXD
	uses: canonical/[email protected]

	- name: Install Review Tools
	run: sudo snap install review-tools

	- name: Package Snap
	run: \|
	yarn run webpack --config desktop.webpack.prod.js --env snap
	yarn run electron-builder --linux --x64 -c.linux.target=snap --publish=never --c.extraMetadata.version=${{ env.APP_VERSION }}

	- name: Review Snap
	run: review-tools.snap-review dist/standard-notes-${{ env.APP_VERSION }}-linux-amd64.snap

	- name: Upload
	uses: actions/[email protected]
	with:
	name: linux-snap-assets
	path: \|
	packages/desktop/dist/*.snap
	packages/desktop/dist/*.yml
	packages/desktop/dist/*.yaml

	Windows:
	runs-on: windows-latest
	env:
	SM_KEYPAIR_ALIAS: ${{ secrets.SM_KEYPAIR_ALIAS }}

	defaults:
	run:
	working-directory: packages/desktop

	steps:
	- name: Code signing with Software Trust Manager
	uses: digicert/[email protected]

	- name: Checkout
	uses: actions/checkout@v3

	- name: Setup Node
	uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'

	- name: Setup Python
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'

	- name: Install Dependencies
	run: yarn install --immutable

	- name: Rebuild Electron Native Modules
	run: yarn workspace @standardnotes/desktop rebuild:home-server

	- name: Build
	run: yarn build:desktop

	- name: Webpack
	run: yarn run webpack --config desktop.webpack.prod.js

	- name: Set up certificate
	run: \|
	echo "${{ secrets.SM_CLIENT_CERT_FILE_B64 }}" \| base64 --decode > /d/Certificate_pkcs12.p12
	shell: bash

	- name: Set variables
	id: variables
	run: \|
	export DEBUG='electron-builder'

	echo "SM_HOST=${{ secrets.SM_HOST }}" >> "$GITHUB_ENV"
	echo "SM_API_KEY=${{ secrets.SM_API_KEY }}" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_FILE=D:\\Certificate_pkcs12.p12" >> "$GITHUB_ENV"
	echo "SM_CLIENT_CERT_PASSWORD=${{ secrets.SM_CLIENT_CERT_PASSWORD }}" >> "$GITHUB_ENV"

	echo "C:\Program Files (x86)\Windows Kits\10\App Certification Kit" >> $GITHUB_PATH
	echo "C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools" >> $GITHUB_PATH
	echo "C:\Program Files\DigiCert\DigiCert Keylocker Tools" >> $GITHUB_PATH
	shell: bash

	- name: Setup Keylocker KSP on windows
	run: \|
	curl -X GET https://one.digicert.com/signingmanager/api-ui/v1/releases/Keylockertools-windows-x64.msi/download -H "x-api-key:%SM_API_KEY%" -o Keylockertools-windows-x64.msi
	msiexec /i Keylockertools-windows-x64.msi /quiet /qn
	smksp_registrar.exe list
	smctl.exe keypair ls
	C:\Windows\System32\certutil.exe -csp "DigiCert Signing Manager KSP" -key -user
	shell: cmd

	- name: Certificates Sync
	run: \|
	smctl windows certsync
	shell: cmd

	- name: Build & Sign With Electron Builder
	run: yarn run electron-builder --windows --x64 --ia32 --publish=never --c.extraMetadata.version=$(node -p "require('./../web/package.json').version")

	- name: Upload
	uses: actions/[email protected]
	with:
	name: windows-assets
	path: \|
	packages/desktop/dist/*.blockmap
	packages/desktop/dist/*.exe
	packages/desktop/dist/*.yml
	packages/desktop/dist/*.yaml

	Publish:
	runs-on: ubuntu-latest
	env:
	SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_STORE_CREDENTIALS }}
	if: ${{ always() }}
	needs: [Windows, Mac, Linux-AppImage, Linux-Dir, Linux-Deb, Linux-Snap]
	defaults:
	run:
	working-directory: packages/desktop
	steps:
	- uses: actions/checkout@v3
	- uses: actions/setup-node@v3
	with:
	registry-url: 'https://registry.npmjs.org'
	node-version-file: '.nvmrc'
	cache: 'yarn'

	- run: echo APP_VERSION=$(node -p "require('./../web/package.json').version") >> $GITHUB_ENV

	- run: yarn install --immutable

	- uses: actions/download-artifact@v4
	with:
	path: packages/desktop/dist
	pattern: *-assets

	- name: Generate Checksums
	run: node scripts/sums.mjs

	- name: Generate Release Notes
	uses: ./actions/release-notes
	with:
	package: web desktop
	id: release-notes

	- name: Release
	uses: softprops/action-gh-release@v1
	with:
	token: ${{ secrets.CI_PAT_TOKEN }}
	tag_name: "@standardnotes/desktop@${{ env.APP_VERSION }}"
	name: "Desktop ${{ env.APP_VERSION }}"
	body: ${{ steps.release-notes.outputs.result }}
	prerelease: true
	draft: false
	files: packages/desktop/dist/*

	- name: Publish Snap
	run: \|
	sudo snap install snapcraft --classic
	snapcraft upload dist/standard-notes-${{ env.APP_VERSION }}-linux-amd64.snap --release stable,candidate,beta,edge

	Notify:
	runs-on: ubuntu-latest
	needs: [Publish]
	steps:
	- name: Notify Release Update
	uses: peter-evans/repository-dispatch@v2
	with:
	token: ${{ secrets.CI_PAT_TOKEN }}
	repository: ${{ secrets.RELEASES_EVENT_RECEIVING_REPO }}
	event-type: releases-updated-event

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Desktop Reusable Release Workflow #6

Workflow file

Desktop Reusable Release Workflow #6

Jobs

Run details

Workflow file for this run

GitHub Actions / .github/workflows/desktop.release.reuse.yml