87 lines
3.8 KiB
YAML
87 lines
3.8 KiB
YAML
name: "test-every-commit"
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "test-build"
|
|
|
|
jobs:
|
|
test-tauri:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- platform: "macos-latest" # for Arm based macs (M1 and above).
|
|
args: "--target aarch64-apple-darwin"
|
|
- platform: "macos-latest" # for Intel based macs.
|
|
args: "--target x86_64-apple-darwin"
|
|
- platform: "ubuntu-22.04" # for Tauri v1 you could replace this with ubuntu-20.04.
|
|
args: ""
|
|
- platform: "windows-latest"
|
|
args: ""
|
|
|
|
runs-on: ${{ matrix.platform }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: setup node
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: lts/*
|
|
|
|
- name: install Rust stable
|
|
uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
# Those targets are only used on macos runners so it's in an `if` to slightly speed up windows and linux builds.
|
|
targets: ${{ matrix.platform == 'macos-latest' && 'aarch64-apple-darwin,x86_64-apple-darwin' || '' }}
|
|
|
|
- name: install dependencies (ubuntu only)
|
|
if: matrix.platform == 'ubuntu-22.04' # This must match the platform value defined above.
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y libwebkit2gtk-4.0-dev libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf
|
|
# webkitgtk 4.0 is for Tauri v1 - webkitgtk 4.1 is for Tauri v2.
|
|
# You can remove the one that doesn't apply to your app to speed up the workflow a bit.
|
|
|
|
- name: install frontend dependencies
|
|
run: yarn install # change this to npm, pnpm or bun depending on which one you use.
|
|
|
|
- name: import Apple Developer Certificate
|
|
# Prevents keychain from locking automatically for 3600 seconds.
|
|
env:
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
|
|
run: |
|
|
echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12
|
|
security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
|
|
security default-keychain -s build.keychain
|
|
security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
|
|
security set-keychain-settings -t 3600 -u build.keychain
|
|
security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
|
|
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
|
|
security find-identity -v -p codesigning build.keychain
|
|
|
|
- name: verify certificate
|
|
run: |
|
|
CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Developer ID Application")
|
|
CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}')
|
|
echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV
|
|
echo "Certificate imported."
|
|
|
|
# If tagName and releaseId are omitted tauri-action will only build the app and won't try to upload any assets.
|
|
- uses: tauri-apps/tauri-action@v0
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
|
|
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
|
|
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }}
|
|
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
|
|
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
|
|
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
|
|
with:
|
|
args: ${{ matrix.args }}
|