Version Upgrades #209
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Artifact CI | |
| on: | |
| push: | |
| env: | |
| JAVA_VERSION: 20 | |
| permissions: | |
| contents: write | |
| jobs: | |
| build_bot_artifacts: | |
| name: Build Discord Bot | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ env.JAVA_VERSION }} | |
| - name: Build plugin | |
| uses: gradle/gradle-build-action@v2 | |
| with: | |
| arguments: assembleBot | |
| - name: Upload plugin artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: plugin | |
| path: bot/build/plugin/*.zip | |
| - name: Upload plugin bot | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: bot | |
| path: bot/build/bot/*.zip | |
| build_desktop_app: | |
| name: Build Desktop App | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest, windows-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{env.JAVA_VERSION}} | |
| - uses: actions-rs/toolchain@v1 | |
| if: matrix.os == 'windows-latest' | |
| with: | |
| toolchain: 'stable' | |
| - name: Setup MacOS signing | |
| if: matrix.os == 'macos-latest' | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.MACOS_SIGNING_CERTIFICATE }} | |
| P12_PASSWORD: ${{ secrets.MAC_SIGNING_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.MAC_SIGNING_PASSWORD }} | |
| PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| INSTALLER_CERTIFICATE_BASE64: ${{ secrets.APPLE_INSTALLER_KEY }} | |
| run: | | |
| # create variables | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| INSTALLER_CERTIFICATE_PATH=$RUNNER_TEMP/installer_certificate.p12 | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| # import certificate and provisioning profile from secrets | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH | |
| echo -n "$INSTALLER_CERTIFICATE_BASE64" | base64 --decode -o INSTALLER_CERTIFICATE_PATH | |
| # create temporary keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # import certificate to keychain | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security import INSTALLER_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| - name: Build App Distribution | |
| uses: gradle/gradle-build-action@v2 | |
| with: | |
| arguments: packageReleaseDistributionForCurrentOS -Pcompose.desktop.mac.sign=true | |
| - name: Package Linux Distribution | |
| uses: gradle/gradle-build-action@v2 | |
| if: matrix.os == 'ubuntu-latest' | |
| with: | |
| arguments: packageDistributable | |
| - name: Setup MSbuild | |
| if: matrix.os == 'windows-latest' | |
| uses: microsoft/setup-msbuild@v1.3.1 | |
| - name: Build MSIX | |
| if: matrix.os == 'windows-latest' | |
| run: | | |
| & 'C:/Program Files (x86)/Windows Kits/10/bin/10.0.22621.0/x64/makeappx.exe' pack /d app/desktop/build/msix-workspace /p Tonbrett.msix | |
| - name: Notarize MacOS installer | |
| #if: matrix.os == 'macos-latest' | |
| # waiting for https://github.com/JetBrains/compose-multiplatform/issues/3208 | |
| if: false | |
| uses: gradle/gradle-build-action@v2 | |
| env: | |
| NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} | |
| with: | |
| arguments: notarizeReleasePkg -Pcompose.desktop.mac.sign=true | |
| - name: Upload distributions | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: desktopapp-${{ matrix.os }} | |
| path: | | |
| *.msix | |
| app/desktop/build/compose/binaries/main-release/deb/*.deb | |
| app/desktop/build/compose/binaries/main-release/pkg/*.pkg | |
| app/desktop/build/distributions/*.tar.gz | |
| build_android_app: | |
| runs-on: ubuntu-latest | |
| name: Build Android App | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{env.JAVA_VERSION}} | |
| - name: Decode Keystore | |
| uses: timheuer/base64-to-file@v1.2 | |
| with: | |
| fileName: 'android_keystore.jks' | |
| fileDir: 'keystore' | |
| encodedString: ${{ secrets.KEYSTORE }} | |
| - name: Build App Distribution | |
| uses: gradle/gradle-build-action@v2 | |
| env: | |
| SIGNING_KEY_ALIAS: ${{ secrets.KEY_ALIAS }} | |
| SIGNING_KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }} | |
| SIGNING_STORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }} | |
| with: | |
| arguments: :app:android:bundleRelease :app:android:assembleRelease | |
| - uses: r0adkll/sign-android-release@v1 | |
| id: sign_bundle | |
| name: Sign AAB | |
| with: | |
| releaseDirectory: app/android/build/outputs/bundle/release/ | |
| signingKeyBase64: ${{ secrets.KEYSTORE }} | |
| alias: ${{ secrets.KEY_ALIAS }} | |
| keyStorePassword: ${{ secrets.KEYSTORE_PASSWORD }} | |
| keyPassword: ${{ secrets.KEY_PASSWORD }} | |
| - uses: r0adkll/sign-android-release@v1 | |
| id: sign_apk | |
| name: Sign APK | |
| with: | |
| releaseDirectory: app/android/build/outputs/apk/release/ | |
| signingKeyBase64: ${{ secrets.KEYSTORE }} | |
| alias: ${{ secrets.KEY_ALIAS }} | |
| keyStorePassword: ${{ secrets.KEYSTORE_PASSWORD }} | |
| keyPassword: ${{ secrets.KEY_PASSWORD }} | |
| - name: Upload APK | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android-app | |
| path: app/android/build/outputs/apk/release/*.apk | |
| - uses: r0adkll/upload-google-play@v1 | |
| name: Release on Play Store | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }} | |
| packageName: dev.schlaubi.tonbrett.android | |
| status: draft | |
| releaseFiles: app/android/build/outputs/bundle/release/tonbrett-app-release.aab | |
| mappingFile: app/android/build/outputs/mapping/release/mapping.txt | |
| track: internal | |
| sign_windows_installer: | |
| name: Sign windows installer | |
| runs-on: windows-signing | |
| needs: build_desktop_app | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/download-artifact@v3 | |
| name: Download Artifacts from Windows | |
| with: | |
| name: desktopapp-windows-latest | |
| - name: Code Sign 2021 | |
| run: | | |
| & 'C:/Program Files (x86)/Windows Kits/10/bin/10.0.22621.0/x86/signtool.exe' sign /fd SHA256 /n "Open Source Developer, Michael Rittmeister" /t http://time.certum.pl/ /d Tonbrett Tonbrett.msix | |
| - name: Upload distributions | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: desktopapp-windows-signed | |
| path: "*.msix" | |
| create_release: | |
| name: Create Release | |
| runs-on: windows-latest # for some weird reason this job does not get picked on ubuntu | |
| needs: [build_bot_artifacts, build_desktop_app, build_android_app, sign_windows_installer] | |
| if: startsWith(github.ref, 'refs/tags/') | |
| steps: | |
| - uses: actions/download-artifact@v3 | |
| name: Download Artifacts from Ubuntu | |
| with: | |
| name: desktopapp-ubuntu-latest | |
| - uses: actions/download-artifact@v3 | |
| name: Download Artifacts from MacOS | |
| with: | |
| name: desktopapp-macos-latest | |
| - uses: actions/download-artifact@v3 | |
| name: Download Artifacts from Windows | |
| with: | |
| name: desktopapp-windows-signed | |
| - uses: actions/download-artifact@v3 | |
| name: Download Bot | |
| with: | |
| name: bot | |
| - uses: actions/download-artifact@v3 | |
| name: Download Plugin | |
| with: | |
| name: plugin | |
| - uses: actions/download-artifact@v3 | |
| name: Download Android App | |
| with: | |
| name: android-app | |
| - name: Release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: | | |
| app/desktop/build/compose/binaries/main-release/deb/*.deb | |
| app/desktop/build/compose/binaries/main-release/pkg/*.pkg | |
| app/desktop/build/distributions/*.tar.gz | |
| *.msix | |
| *.zip | |
| *-signed.apk |