Run release only after testing is ok also fix warning #10
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: | |
- "main" | |
- "blacksmith" | |
pull_request: | |
branches: | |
- "main" | |
workflow_run: | |
workflows: | |
- "Testing" | |
types: | |
- completed | |
permissions: | |
contents: read | |
jobs: | |
release: | |
runs-on: ${{ matrix.os }} | |
permissions: | |
contents: write # to be able to publish a GitHub release | |
issues: write # to be able to comment on released issues | |
pull-requests: write # to be able to comment on released pull requests | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: macos-12 | |
- os: windows-2019 | |
- os: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- run: npm install -g yarn | |
- if: runner.os == 'Linux' | |
run: sudo apt update && sudo apt install libudev-dev | |
- name: Cache node_modules | |
id: cache-node-modules | |
uses: actions/cache@v3 | |
with: | |
path: node_modules | |
key: ${{ runner.os }}-${{ hashFiles('package.json', 'yarn.lock') }} | |
- name: Install node_modules | |
if: steps.cache-node-modules.outputs.cache-hit != 'true' | |
run: yarn install --frozen-lockfile --network-timeout 300000 # sometimes yarn takes time, therefore, we increase the timeout | |
- if: runner.os == 'macOS' | |
name: Setup Apple certificates | |
env: | |
APPLE_INSTALLER_CERT_BASE64: ${{ secrets.APPLE_INSTALLER_CERT_BASE64 }} | |
APPLE_APPLICATION_CERT_BASE64: ${{ secrets.APPLE_APPLICATION_CERT_BASE64 }} | |
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }} | |
APPLE_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} | |
run: | | |
APPLE_INSTALLER_CERT_PATH=$RUNNER_TEMP/apple_installer.p12 | |
APPLE_APPLICATION_CERT_PATH=$RUNNER_TEMP/apple_application.p12 | |
KEYCHAIN_PATH=$RUNNER_TEMP/apple-signing.keychain-db | |
# create certificates from base64 | |
echo -n "$APPLE_INSTALLER_CERT_BASE64" | base64 --decode -o $APPLE_INSTALLER_CERT_PATH | |
echo -n "$APPLE_APPLICATION_CERT_BASE64" | base64 --decode -o $APPLE_APPLICATION_CERT_PATH | |
# create keychain stuff | |
security create-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
#import certificates | |
echo "Importing installer cert" | |
security import $APPLE_INSTALLER_CERT_PATH -P "$APPLE_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
echo "Importing application cert" | |
security import $APPLE_APPLICATION_CERT_PATH -P "$APPLE_CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
# - run: yarn run lint | |
- if: runner.os == 'macOS' | |
name: Build for MacOS | |
env: | |
APPLE_ID: ${{ secrets.APPLEID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLEIDPASS }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
run: yarn run make | |
# - name: | |
# env: | |
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# run: yarn run semantic-release | |
# we need another job to deploy the release |