-
Notifications
You must be signed in to change notification settings - Fork 2
146 lines (127 loc) · 4.29 KB
/
release.yml
File metadata and controls
146 lines (127 loc) · 4.29 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: Release Events
on:
release:
types: [published]
workflow_dispatch:
inputs:
environment:
description: 'Environment to run tests against'
type: environment
required: true
permissions:
id-token: write
deployments: write
contents: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
deploy-macos:
name: Publish macOS app
runs-on: macos-latest
environment:
name: prod
steps:
- name: ⬇️ Set up code
uses: actions/checkout@v6
with:
show-progress: false
- name: ⎔ Set up Node.js
uses: actions/setup-node@v6
with:
node-version: lts/*
cache: npm
- name: 🐍 Set up python
uses: actions/setup-python@v6
with:
python-version: 3.12
- name: 🧑🎓 Set up signing certificates
uses: apple-actions/import-codesign-certs@v6
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
- name: 💻 Set up app DMG
run: |
python3 -m pip install setuptools
npm install -g appdmg@0.6.6
- name: 📥 Install dependencies
run: npm ci
- name: 🚀 Build, Package, & Release
run: npm run publish -- --arch=universal
env:
NODE_ENV: production
APPLE_IDENTITY: ${{ secrets.APPLE_IDENTITY }}
APPLE_USER_ID: ${{ secrets.APPLE_USER_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
GCP_KEYRING_PATH: ${{ secrets.GCP_KEYRING_PATH }}
GCP_KEY_NAME: ${{ secrets.GCP_KEY_NAME }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VITE_IS_BETA: ${{ github.event.release.prerelease == true }}
deploy-windows:
name: Publish windows app
runs-on: windows-latest
environment:
name: prod
steps:
- name: ⬇️ Set up code
uses: actions/checkout@v6
with:
show-progress: false
- name: ⎔ Set up Node.js
uses: actions/setup-node@v6
with:
node-version: lts/*
cache: npm
- name: 📥 Install dependencies
run: npm ci
- name: 📦 Cache CNG Provider
id: cache-cng
uses: actions/cache@v5
with:
path: C:\Users\runneradmin\AppData\Local\Temp\KmsCngInstall
key: cng-provider-v1.3-windows
- name: 🏗️ Install Google Cloud KMS Provider
shell: pwsh
run: .\build\install-kms.ps1
env:
CACHE_HIT: ${{ steps.cache-cng.outputs.cache-hit }}
- name: 🗝️ Authenticate to Google Cloud
id: auth
uses: google-github-actions/auth@v3
with:
access_token_scopes: 'openid, https://www.googleapis.com/auth/cloudkms, https://www.googleapis.com/auth/cloud-platform'
token_format: 'access_token'
workload_identity_provider: ${{ secrets.IDENTITY_PROVIDER }}
service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }}
create_credentials_file: true
- name: 🚀 Build, Package, & Release
run: npm run publish
env:
NODE_ENV: production
GCP_KEYRING_PATH: ${{ secrets.GCP_KEYRING_PATH }}
GCP_KEY_NAME: ${{ secrets.GCP_KEY_NAME }}
GOOGLE_APPLICATION_CREDENTIALS: ${{ steps.auth.outputs.credentials_file_path }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
VITE_IS_BETA: ${{ github.event.release.prerelease == true }}
change-management:
name: Change management
needs: [deploy-macos, deploy-windows]
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
issues: write
steps:
- name: 🔔 Create deployment notification
uses: agrc/service-now-worknote-action@v1
with:
repo-token: ${{ github.token }}
username: ${{ secrets.SN_USERNAME }}
password: ${{ secrets.SN_PASSWORD }}
instance-name: ${{ secrets.SN_INSTANCE }}
table-name: ${{ secrets.SN_TABLE }}
system-id: ${{ secrets.SN_SYS_ID }}
- name: 💬 Comment on issues in release
uses: agrc/release-issue-notifications-action@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}