Update release.yaml #59
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Build app & create release" | |
| on: | |
| push: | |
| tags: | |
| - v*.*.* | |
| jobs: | |
| build-wireguard-go: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| architecture: [arm64, amd64] | |
| runs-on: [self-hosted, macOS] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: WireGuard/wireguard-go | |
| ref: master | |
| fetch-depth: 0 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: '1.20' | |
| - name: Build wireguard-go binary | |
| run: make | |
| env: | |
| GOOS: darwin | |
| GOARCH: ${{ matrix.architecture }} | |
| - name: Upload binary artifact arm64 | |
| if: matrix.architecture == 'arm64' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: wireguard-go-aarch64-apple-darwin | |
| path: wireguard-go | |
| - name: Upload binary artifact amd64 | |
| if: matrix.architecture == 'amd64' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: wireguard-go-x86_64-apple-darwin | |
| path: wireguard-go | |
| create-release: | |
| name: create-release | |
| runs-on: self-hosted | |
| outputs: | |
| upload_url: ${{ steps.release.outputs.upload_url }} | |
| steps: | |
| - name: Create GitHub release | |
| id: release | |
| uses: softprops/action-gh-release@v1 | |
| if: startsWith(github.ref, 'refs/tags/') | |
| with: | |
| draft: true | |
| generate_release_notes: true | |
| build-linux: | |
| needs: | |
| - create-release | |
| runs-on: | |
| - self-hosted | |
| - Linux | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: "recursive" | |
| - name: Write release version | |
| run: | | |
| VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) | |
| echo Version: $VERSION | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: "20" | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| run_install: false | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: | | |
| echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-build-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-build-store- | |
| - name: Install deps | |
| run: pnpm install --frozen-lockfile | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: install linux deps | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf libssl-dev unzip | |
| - name: install protobuf compiler | |
| run: | | |
| PB_REL='https://github.com/protocolbuffers/protobuf/releases' | |
| PB_VERSION='3.20.0' && curl -LO $PB_REL/download/v$PB_VERSION/protoc-$PB_VERSION-linux-x86_64.zip | |
| sudo unzip protoc-$PB_VERSION-linux-x86_64.zip bin/protoc include/google/* -d /usr/local | |
| - name: Build packages | |
| uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload DEB | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: src-tauri/target/release/bundle/deb/defguard-client_${{ env.VERSION }}_amd64.deb | |
| asset_name: defguard-client_${{ env.VERSION }}_amd64.deb | |
| asset_content_type: application/octet-stream | |
| - name: Upload AppImage | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: src-tauri/target/release/bundle/appimage/defguard-client_${{ env.VERSION }}_amd64.AppImage | |
| asset_name: defguard-client_${{ env.VERSION }}_amd64.AppImage | |
| asset_content_type: application/octet-stream | |
| - name: Rename client binary | |
| run: mv src-tauri/target/release/defguard-client defguard-client-linux-x86_64-${{ github.ref_name }} | |
| - name: Tar client binary | |
| uses: a7ul/[email protected] | |
| with: | |
| command: c | |
| files: | | |
| defguard-client-linux-x86_64-${{ github.ref_name }} | |
| outPath: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| - name: Upload client archive | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| asset_name: defguard-client-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| asset_content_type: application/octet-stream | |
| - name: Rename daemon binary | |
| run: mv src-tauri/target/release/defguard-service defguard-service-linux-x86_64-${{ github.ref_name }} | |
| - name: Tar daemon binary | |
| uses: a7ul/[email protected] | |
| with: | |
| command: c | |
| files: | | |
| defguard-service-linux-x86_64-${{ github.ref_name }} | |
| outPath: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| - name: Upload daemon archive | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| asset_name: defguard-service-linux-x86_64-${{ github.ref_name }}.tar.gz | |
| asset_content_type: application/octet-stream | |
| build-macos: | |
| needs: | |
| - create-release | |
| - build-wireguard-go | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| target: [aarch64-apple-darwin, x86_64-apple-darwin] | |
| runs-on: | |
| - self-hosted | |
| - macOS | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: "recursive" | |
| - name: Write release version | |
| run: | | |
| VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) | |
| echo Version: $VERSION | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: "20" | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| run_install: false | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-build-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-build-store- | |
| - name: Install deps | |
| run: pnpm install --frozen-lockfile | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install protobuf compiler | |
| run: brew install protobuf | |
| - name: Install ARM target | |
| run: rustup target add aarch64-apple-darwin | |
| - name: Download wireguard-go binary | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: wireguard-go-${{ matrix.target }} | |
| path: src-tauri/resources-macos/binaries/wireguard-go-${{ matrix.target }} | |
| - name: Unlock keychain | |
| run: security -v unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" /Users/admin/Library/Keychains/login.keychain | |
| - name: Build app | |
| uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| APPLE_SIGNING_IDENTITY: "Developer ID Application: TEONITE (6WD6W6WQNV)" | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_ID: "[email protected]" | |
| APPLE_PASSWORD: ${{ secrets.NOTARYTOOL_APP_SPECIFIC_PASSWORD }} | |
| APPLE_TEAM_ID: "6WD6W6WQNV" | |
| with: | |
| args: --target ${{ matrix.target }} -v | |
| - name: Build installation package | |
| run: | | |
| bash build-macos-package.sh src-tauri/target/${{ matrix.target }} src-tauri/resources-macos/scripts "Developer ID Installer: TEONITE (6WD6W6WQNV)" /Users/admin/Library/Keychains/login.keychain | |
| xcrun notarytool submit --wait --apple-id [email protected] --password ${{ secrets.NOTARYTOOL_APP_SPECIFIC_PASSWORD }} --team-id 6WD6W6WQNV src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg | |
| xcrun stapler staple src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg | |
| - name: Upload installation package | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: src-tauri/target/${{ matrix.target }}/product-signed/defguard.pkg | |
| asset_name: defguard-${{ matrix.target }}-${{ env.VERSION }}.pkg | |
| asset_content_type: application/octet-stream | |
| build-windows: | |
| needs: | |
| - create-release | |
| runs-on: windows-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: "recursive" | |
| - name: Write release version | |
| run: | | |
| $env:VERSION=echo ($env:GITHUB_REF_NAME.Substring(1) -Split "-")[0] | |
| # $env:VERSION=echo ($env:GITHUB_REF_NAME#v -Split "-")[0] | |
| # $env:VERSION=$(echo ${$env:GITHUB_REF_NAME#v} | cut -d '-' -f1) | |
| # VERSION=$(echo ${GITHUB_REF_NAME#v} | cut -d '-' -f1) | |
| echo Version: $env:VERSION | |
| echo "VERSION=$env:VERSION" >> $env:GITHUB_ENV | |
| - uses: actions/setup-node@v3 | |
| with: | |
| node-version: "20" | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| run_install: false | |
| - name: Get pnpm store directory | |
| shell: bash | |
| run: echo "STORE_PATH=$(pnpm store path --silent)" >> $env:GITHUB_ENV | |
| - uses: actions/cache@v3 | |
| name: Setup pnpm cache | |
| with: | |
| path: ${{ env.STORE_PATH }} | |
| key: ${{ runner.os }}-pnpm-build-store-${{ hashFiles('**/pnpm-lock.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pnpm-build-store- | |
| - name: Install deps | |
| run: pnpm install --frozen-lockfile | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Install Protoc | |
| uses: arduino/setup-protoc@v2 | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build packages | |
| uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Upload installer | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create-release.outputs.upload_url }} | |
| asset_path: src-tauri/target/release/bundle/msi/defguard-client_${{ env.VERSION }}_x64_en-US.msi | |
| asset_name: defguard-client_${{ env.VERSION }}_x64_en-US.msi | |
| asset_content_type: application/octet-stream | |