ci: fix branch trigger in release #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| CARGO_INCREMENTAL: 0 | |
| CARGO_NET_RETRY: 10 | |
| RUST_BACKTRACE: short | |
| RUSTUP_MAX_RETRIES: 10 | |
| MACOSX_DEPLOYMENT_TARGET: 10.7 | |
| jobs: | |
| # Update release PR | |
| release_please: | |
| name: Release Please | |
| runs-on: ubuntu-latest | |
| if: github.repository == 'orbiter-rs/orbiter' | |
| outputs: | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| tag_name: ${{ steps.release.outputs.tag_name }} | |
| steps: | |
| - uses: google-github-actions/release-please-action@v4 | |
| id: release | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| release-type: rust | |
| # Build sources for every OS | |
| github_build: | |
| name: Build release binaries | |
| needs: release_please | |
| if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - target: x86_64-unknown-linux-gnu | |
| os: ubuntu-latest | |
| name: orbiter-x86_64-unknown-linux-gnu.tar.gz | |
| - target: x86_64-unknown-linux-musl | |
| os: ubuntu-latest | |
| name: orbiter-x86_64-unknown-linux-musl.tar.gz | |
| - target: i686-unknown-linux-musl | |
| os: ubuntu-latest | |
| name: orbiter-i686-unknown-linux-musl.tar.gz | |
| - target: aarch64-unknown-linux-musl | |
| os: ubuntu-latest | |
| name: orbiter-aarch64-unknown-linux-musl.tar.gz | |
| - target: arm-unknown-linux-musleabihf | |
| os: ubuntu-latest | |
| name: orbiter-arm-unknown-linux-musleabihf.tar.gz | |
| # - target: x86_64-apple-darwin | |
| # os: macOS-11 | |
| # name: orbiter-x86_64-apple-darwin.tar.gz | |
| # - target: aarch64-apple-darwin | |
| # os: macOS-11 | |
| # name: orbiter-aarch64-apple-darwin.tar.gz | |
| # - target: x86_64-pc-windows-msvc | |
| # os: windows-latest | |
| # name: orbiter-x86_64-pc-windows-msvc.zip | |
| # rustflags: -C target-feature=+crt-static | |
| # - target: i686-pc-windows-msvc | |
| # os: windows-latest | |
| # name: orbiter-i686-pc-windows-msvc.zip | |
| # rustflags: -C target-feature=+crt-static | |
| # - target: aarch64-pc-windows-msvc | |
| # os: windows-latest | |
| # name: orbiter-aarch64-pc-windows-msvc.zip | |
| # rustflags: -C target-feature=+crt-static | |
| # - target: x86_64-unknown-freebsd | |
| # os: ubuntu-latest | |
| # name: orbiter-x86_64-unknown-freebsd.tar.gz | |
| runs-on: ${{ matrix.os }} | |
| continue-on-error: true | |
| env: | |
| RUSTFLAGS: ${{ matrix.rustflags || '' }} | |
| steps: | |
| - name: Setup | Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup | Rust | |
| uses: dtolnay/rust-toolchain@master | |
| with: | |
| toolchain: stable | |
| target: ${{ matrix.target }} | |
| - name: Setup | Install cargo-wix [Windows] | |
| continue-on-error: true | |
| # aarch64 is only supported in wix 4.0 development builds | |
| if: matrix.os == 'windows-latest' && matrix.target != 'aarch64-pc-windows-msvc' | |
| run: cargo install --version 0.3.4 cargo-wix | |
| env: | |
| # cargo-wix does not require static crt | |
| RUSTFLAGS: "" | |
| - name: Setup | Install cross [Linux] | |
| if: matrix.os == 'ubuntu-latest' | |
| uses: taiki-e/install-action@cross | |
| - name: Build | Build [Cargo] | |
| if: matrix.os != 'ubuntu-latest' | |
| run: cargo build --release --locked --target ${{ matrix.target }} | |
| - name: Build | Build [Cross] | |
| if: matrix.os == 'ubuntu-latest' | |
| run: cross build --release --locked --target ${{ matrix.target }} | |
| - name: Build | Installer [Windows] | |
| continue-on-error: true | |
| if: matrix.os == 'windows-latest' && matrix.target != 'aarch64-pc-windows-msvc' | |
| run: > | |
| cargo wix -v --no-build --nocapture -I install/windows/main.wxs | |
| --target ${{ matrix.target }} | |
| --output target/wix/orbiter-${{ matrix.target }}.msi | |
| - name: Post Build | Prepare artifacts [Windows] | |
| if: matrix.os == 'windows-latest' | |
| run: | | |
| cd target/${{ matrix.target }}/release | |
| 7z a ../../../${{ matrix.name }} orbiter.exe | |
| cd - | |
| - name: Post Build | Prepare artifacts [-nix] | |
| if: matrix.os != 'windows-latest' | |
| run: | | |
| cd target/${{ matrix.target }}/release | |
| tar czvf ../../../${{ matrix.name }} orbiter | |
| cd - | |
| - name: Release | Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ${{ matrix.name }} | |
| path: ${{ matrix.name }} | |
| - name: Release | Upload installer artifacts [Windows] | |
| continue-on-error: true | |
| if: matrix.os == 'windows-latest' && matrix.target != 'aarch64-pc-windows-msvc' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: orbiter-${{ matrix.target }}.msi | |
| path: target/wix/orbiter-${{ matrix.target }}.msi | |
| # # Notarize orbiter binaries for MacOS and build notarized pkg installers | |
| # notarize_and_pkgbuild: | |
| # runs-on: macos-latest | |
| # continue-on-error: true | |
| # needs: [github_build, merge_crowdin_pr] | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # include: | |
| # - target: x86_64-apple-darwin | |
| # arch: x86_64 | |
| # name: orbiter-x86_64-apple-darwin.tar.gz | |
| # pkgname: orbiter-x86_64-apple-darwin.pkg | |
| # - target: aarch64-apple-darwin | |
| # arch: aarch64 | |
| # name: orbiter-aarch64-apple-darwin.tar.gz | |
| # pkgname: orbiter-aarch64-apple-darwin.pkg | |
| # env: | |
| # KEYCHAIN_FILENAME: app-signing.keychain-db | |
| # KEYCHAIN_ENTRY: AC_PASSWORD | |
| # STARSHIP_VERSION: ${{ needs.release_please.outputs.tag_name }} | |
| # steps: | |
| # - name: Checkout repository | |
| # uses: actions/checkout@v4 | |
| # with: | |
| # # Required to include the recently merged Crowdin PR | |
| # ref: master | |
| # - name: Notarize | Set up secrets | |
| # env: | |
| # APP_CERTIFICATE_BASE64: ${{ secrets.APPLEDEV_APPSIGNKEY_BASE64 }} | |
| # INSTALL_CERTIFICATE_BASE64: ${{ secrets.APPLEDEV_INSTALLERSIGNKEY_BASE64 }} | |
| # P12_PASSWORD: ${{ secrets.APPLEDEV_SIGNKEY_PASS }} | |
| # KEYCHAIN_PASSWORD: ${{ secrets.APPLEDEV_SIGNKEY_PASS }} | |
| # APPLEID_USERNAME: ${{ secrets.APPLEDEV_ID_NAME }} | |
| # APPLEID_TEAMID: ${{ secrets.APPLEDEV_TEAM_ID }} | |
| # APPLEID_PASSWORD: ${{ secrets.APPLEDEV_PASSWORD }} | |
| # run: | | |
| # APP_CERTIFICATE_PATH="$RUNNER_TEMP/app_certificate.p12" | |
| # INSTALL_CERTIFICATE_PATH="$RUNNER_TEMP/install_certificate.p12" | |
| # KEYCHAIN_PATH="$RUNNER_TEMP/$KEYCHAIN_FILENAME" | |
| # # import certificates from secrets | |
| # echo -n "$APP_CERTIFICATE_BASE64" | base64 --decode --output $APP_CERTIFICATE_PATH | |
| # echo -n "$INSTALL_CERTIFICATE_BASE64" | base64 --decode --output $INSTALL_CERTIFICATE_PATH | |
| # # create temporary keychain | |
| # security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" | |
| # security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH" | |
| # security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" | |
| # # import certificates to keychain | |
| # security import $APP_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| # security import $INSTALL_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| # security list-keychain -d user -s $KEYCHAIN_PATH | |
| # # Add Apple Developer ID credentials to keychain | |
| # xcrun notarytool store-credentials "$KEYCHAIN_ENTRY" --team-id "$APPLEID_TEAMID" --apple-id "$APPLEID_USERNAME" --password "$APPLEID_PASSWORD" --keychain "$KEYCHAIN_PATH" | |
| # - name: Setup | Node | |
| # uses: actions/setup-node@v3 | |
| # with: | |
| # node-version: 16 | |
| # - name: Notarize | Build docs | |
| # run: | | |
| # cd docs | |
| # npm install | |
| # npm run build | |
| # - name: Notarize | Download artifacts | |
| # uses: actions/download-artifact@v3 | |
| # with: | |
| # name: ${{ matrix.name }} | |
| # path: artifacts | |
| # - name: Notarize | Unpack Binaries | |
| # run: tar xf artifacts/${{ matrix.name }} | |
| # - name: Notarize | Build, Sign, and Notarize Pkg | |
| # run: bash install/macos_packages/build_and_notarize.sh orbiter docs ${{ matrix.arch }} ${{ matrix.pkgname }} | |
| # - name: Notarize | Upload Notarized Flat Installer | |
| # uses: actions/upload-artifact@v3 | |
| # with: | |
| # name: ${{ matrix.pkgname }} | |
| # path: ${{ matrix.pkgname }} | |
| # - name: Notarize | Package Notarized Binary | |
| # run: tar czvf ${{ matrix.name }} orbiter | |
| # - name: Notarize | Upload Notarized Binary | |
| # uses: actions/upload-artifact@v3 | |
| # with: | |
| # name: ${{ matrix.name }} | |
| # path: ${{ matrix.name }} | |
| # - name: Cleanup Secrets | |
| # if: ${{ always() }} | |
| # run: | | |
| # KEYCHAIN_PATH="$RUNNER_TEMP/$KEYCHAIN_FILENAME" | |
| # security delete-keychain $KEYCHAIN_PATH | |
| # Create GitHub release with Rust build targets and release notes | |
| upload_artifacts: | |
| name: Add Build Artifacts to Release | |
| # needs: [release_please, github_build, notarize_and_pkgbuild] | |
| needs: [release_please, github_build] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Setup | Artifacts | |
| uses: actions/download-artifact@v3 | |
| - name: Setup | Checksums | |
| run: for file in orbiter-*/orbiter-*; do openssl dgst -sha256 -r "$file" | awk '{print $1}' > "${file}.sha256"; done | |
| - name: Setup | Publish Release | |
| run: gh release edit ${{ needs.release_please.outputs.tag_name }} --draft=false --repo=orbiter-rs/orbiter | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build | Add Artifacts to Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: orbiter-*/orbiter-* | |
| tag_name: ${{ needs.release_please.outputs.tag_name }} | |
| # Publish orbiter to Crates.io | |
| cargo_publish: | |
| name: Publish Cargo Package | |
| runs-on: ubuntu-latest | |
| needs: [release_please, upload_artifacts] | |
| if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| steps: | |
| - name: Setup | Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup | Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Build | Publish | |
| run: cargo publish --token ${{ secrets.CARGO_REGISTRY_TOKEN }} | |
| # update_brew_formula: | |
| # name: Update Brew Formula | |
| # runs-on: ubuntu-latest | |
| # needs: [release_please, upload_artifacts] | |
| # if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| # steps: | |
| # - uses: mislav/[email protected] | |
| # with: | |
| # formula-name: orbiter | |
| # tag-name: ${{ needs.release_please.outputs.tag_name }} | |
| # env: | |
| # # Used for creating the formula update PR | |
| # COMMITTER_TOKEN: ${{ secrets.GH_PAT }} | |
| # # Used for verifying the SHA256 sum of the draft release | |
| # GITHUB_TOKEN: ${{ secrets.GH_PAT }} | |
| # winget_update: | |
| # name: Update Winget Manifest | |
| # runs-on: windows-latest | |
| # needs: [release_please, github_build, upload_artifacts] | |
| # if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| # env: | |
| # URL_64: https://github.com/orbiter-rs/orbiter/releases/download/${{ needs.release_please.outputs.tag_name }}/orbiter-x86_64-pc-windows-msvc.msi | |
| # URL_32: https://github.com/orbiter-rs/orbiter/releases/download/${{ needs.release_please.outputs.tag_name }}/orbiter-i686-pc-windows-msvc.msi | |
| # steps: | |
| # - run: | | |
| # $version = '${{ needs.release_please.outputs.tag_name }}'.replace('v', '') | |
| # iwr https://aka.ms/wingetcreate/latest -OutFile wingetcreate.exe | |
| # ./wingetcreate.exe update Orbiter.Orbiter -s -v $version -u $env:URL_64 $env:URL_32 -t ${{ secrets.GH_PAT }} | |
| # choco_update: | |
| # name: Update Chocolatey Package | |
| # runs-on: windows-latest | |
| # needs: [release_please, github_build, upload_artifacts] | |
| # if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| # steps: | |
| # - name: Setup | Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Setup | Artifacts | |
| # uses: actions/download-artifact@v3 | |
| # - run: pwsh ./install/windows/choco/update.ps1 | |
| # env: | |
| # ORBITER_VERSION: ${{ needs.release_please.outputs.tag_name }} | |
| # PUSH_TOKEN: ${{ secrets.CHOCO_TOKEN }} | |
| # merge_crowdin_pr: | |
| # name: Merge Crowdin PR | |
| # runs-on: ubuntu-latest | |
| # needs: release_please | |
| # if: ${{ needs.release_please.outputs.release_created == 'true' }} | |
| # continue-on-error: true | |
| # steps: | |
| # - name: Setup | Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Merge | Merge Crowdin PR | |
| # run: gh pr merge i18n_master --squash --repo=orbiter-rs/orbiter | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # publish_docs: | |
| # name: Trigger docs deployment | |
| # runs-on: ubuntu-latest | |
| # needs: merge_crowdin_pr | |
| # steps: | |
| # - name: Setup | Checkout | |
| # uses: actions/checkout@v4 | |
| # - name: Trigger workflow dispatch | |
| # run: gh workflow run publish-docs.yml | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |