renamed back to hc-stress-test, bumped version number #2

Workflow file for this run

.github/workflows/release-codesigned.yaml at a8398b4

	name: "publish"
	on:
	push:
	branches:
	- release-codesigned-testing

	jobs:
	publish-tauri:
	permissions:
	contents: write
	strategy:
	fail-fast: false
	matrix:
	platform: [windows-2019, macos-11, ubuntu-20.04]
	env:
	MACOSX_DEPLOYMENT_TARGET: 10.13

	runs-on: ${{ matrix.platform }}
	steps:
	- uses: actions/checkout@v2
	- name: setup node
	uses: actions/setup-node@v1
	with:
	node-version: 16
	- name: install Rust stable
	uses: actions-rs/toolchain@v1
	with:
	override: true
	toolchain: stable
	- name: install Go stable
	uses: actions/setup-go@v4
	with:
	go-version: 'stable'
	- name: install app dependencies and info
	run: npm install && npm run tauri info

	- name: install dependencies (ubuntu only)
	if: matrix.platform == 'ubuntu-20.04'
	run: \|
	sudo apt-get update
	sudo apt-get install -y libwebkit2gtk-4.0-dev libcanberra-gtk-module libcanberra-gtk3-module build-essential curl wget libssl-dev libgtk-3-dev squashfs-tools libgtksourceview-3.0-dev libappindicator3-dev patchelf librsvg2-dev ayatana-indicator-application

	- name: generate dist folder
	run: npm run dist

	- name: build the app (macOS and Linux only)
	if: matrix.platform == 'ubuntu-20.04' \|\| matrix.platform == 'macos-11' # HELP remove this line if Windows code signing is NOT wanted
	uses: tauri-apps/tauri-action@dev
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	ENABLE_CODE_SIGNING: ${{ secrets.APPLE_CERTIFICATE }}
	APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
	APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
	APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
	TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
	TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}

	with:
	projectPath: src-tauri # specifying to prevent action from looking for artifacts in crates/hc_launch/src-tauri
	tagName: v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version
	releaseName: "hc-stress-test v__VERSION__"
	releaseBody: "See assets below to download and install this version."
	releaseDraft: true
	prerelease: true
	args: --verbose


	### Everything below this line is code signing for Windows via azure key vault, following these instructions:
	### https://melatonin.dev/blog/how-to-code-sign-windows-installers-with-an-ev-cert-on-github-actions/
	### HELP Remove everything below if Windows code signing is NOT wanted.

	- name: build and sign the app (Windows only)
	if: matrix.platform == 'windows-2019'
	run: \|

	npm run dist
	npm run tauri -- build --verbose # building in verbose mode to get reasonable logging output in case of failure

	dotnet tool install --global AzureSignTool

	# replace-me -- HELP
	# 1. replace all occurrences of [[GITHUB_REPO_NAME]] with the name you of your GitHub repository
	# 2. replace all occurrences of [[productName]] with the productName field in tauri.conf.json
	# 3. replace all occurrences of [[version]] with the version field in tauri.conf.json
	# !! NOTE: The version field needs to be updated manually here with each new version of your app, otherwise the Windows build will fail.

	AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi"

	# remove the .msi.zip and .msi.zip.sig files generated by tauri's build command as they are not code signed
	rm "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip"
	rm "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip.sig"

	# zip and sign the code signed .msi
	7z a -mx=0 "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip" "D:\a\holochain-kangaroo\holochain-kangaroo\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi"
	npm run tauri signer sign "D:\a\holochain-kangaroo\src-tauri\holochain-kangaroo\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip" -- -k ${{ secrets.TAURI_PRIVATE_KEY }} -p "${{ secrets.TAURI_KEY_PASSWORD }}"

	# log hashes before and after code signing to verify that the uploaded assets are the right ones
	CertUtil -hashfile "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi" SHA256
	CertUtil -hashfile "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip" SHA256
	CertUtil -hashfile "D:\a\holochain-kangaroo\holochain-kangaroo\src-tauri\target\release\bundle\msi\hc-stress-test_0.0.2_x64_en-US.msi.zip.sig" SHA256

	env:
	TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
	TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}


	- name: upload signed .msi, .msi.zip, .msi.zip.sig files to github release (Windows only)
	uses: matthme/tauri-action-ev-signing@dist
	if: matrix.platform == 'windows-2019'
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	projectPath: src-tauri # specifying to prevent action from looking for artifacts in crates/hc_launch/src-tauri
	tagName: v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version
	releaseName: "hc-stress-test v__VERSION__"
	releaseBody: "See assets below to download and install this version."
	releaseDraft: true
	prerelease: true
	args: --verbose

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

renamed back to hc-stress-test, bumped version number #2

Workflow file

renamed back to hc-stress-test, bumped version number #2

Jobs

Run details

Workflow file for this run