ci: update to checkoutv4 #275

Workflow file for this run

.github/workflows/build-installers.yml at 5b4846a

	name: 📦🚀 Build & Release

	on:
	push:
	tags:
	- '**'
	pull_request:
	branches:
	- '**'

	concurrency:
	# SHA is added to the end if on `main` to let all main workflows run
	group: ${{ github.ref }}-${{ github.workflow }}-${{ github.event_name }}-${{ github.ref == 'refs/heads/main' && github.sha \|\| '' }}
	cancel-in-progress: true

	permissions:
	id-token: write
	contents: write

	defaults:
	run:
	shell: bash

	jobs:
	build:
	name: 👷 ${{ matrix.os.emoji }} ${{ matrix.preconfiguration.name }} ${{ matrix.os.name }} ${{ matrix.arch.name }}
	runs-on: ${{ matrix.os.runs-on[matrix.arch.matrix] }}
	strategy:
	fail-fast: false
	matrix:
	configuration:
	- token-driver-artifact-ref: '' # Set to blank string for latest version
	python-version: [3.9]
	os:
	# TODO: use old versions for improved compatibility?
	- name: Linux
	matrix: linux
	emoji: 🐧
	runs-on:
	arm: [Linux, ARM64]
	intel: [ubuntu-latest]
	electron-builder-options: --linux
	electron-builder-unpacked: linux-unpacked
	executable-extension: ''
	build-result-pattern: '"climate-wallet"*".deb"'
	artifact-name: linux
	- name: macOS
	matrix: macos
	emoji: 🍎
	runs-on:
	arm: [macOS, ARM64]
	intel: [macos-12]
	electron-builder-options: --macos
	electron-builder-unpacked: mac
	executable-extension: ''
	build-result-pattern: '"Climate Wallet-"*".dmg"'
	artifact-name: macos
	- name: Windows
	matrix: windows
	emoji: 🪟
	runs-on:
	intel: [windows-latest]
	electron-builder-options: --windows
	electron-builder-unpacked: win-unpacked
	executable-extension: '.exe'
	build-result-pattern: '"Climate Wallet Setup "*".exe"'
	artifact-name: windows
	arch:
	- name: ARM
	matrix: arm
	artifact-name: arm64
	electron-builder-options: --arm64
	- name: Intel
	matrix: intel
	artifact-name: x64
	electron-builder-options: --x64
	preconfiguration:
	- name: default
	cadt-api-server-host: 'https://observer.climateactiondata.org/api'
	cadt-ui-host: 'https://observer.climateactiondata.org'
	- name: testneta
	cadt-api-server-host: 'https://chia-cadt-demo.chiamanaged.com/observer'
	cadt-ui-host: 'https://chia-cadt-demo.chiamanaged.com/'
	exclude:
	- os:
	matrix: windows
	arch:
	matrix: arm

	steps:
	- name: Clean workspace
	uses: Chia-Network/actions/clean-workspace@main

	- name: Checkout Code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Setup Node 18.x
	uses: actions/setup-node@v3
	with:
	node-version: '18'

	- name: install dmg-license
	if: matrix.os.matrix == 'macos'
	run: \|
	npm install dmg-license

	- name: Download Token Driver Client from release
	env:
	GH_TOKEN: ${{ secrets.GH_READ_REPOS }}
	DESTINATION: extraResources/token-driver-client${{ matrix.os.executable-extension }}
	run: \|
	gh release download ${{ matrix.configuration.token-driver-artifact-ref }} \
	--repo chia-network/climate-token-driver \
	--pattern climate-token-driver_${{ matrix.os.matrix}}_*_${{ matrix.arch.artifact-name }}.zip \
	--dir downloaded-artifacts/
	pushd downloaded-artifacts
	unzip *.zip
	rm -f *.zip
	popd
	mkdir -p extraResources/
	mv downloaded-artifacts/* "${DESTINATION}"
	chmod a+x "${DESTINATION}"
	ls -la extraResources/ \|\| true
	if: matrix.preconfiguration.name == 'default'

	- name: Download Token Driver Client from artifact for custom config
	env:
	GH_TOKEN: ${{ secrets.GH_READ_REPOS }}
	DESTINATION: extraResources/token-driver-client${{ matrix.os.executable-extension }}
	run: \|
	RUN_ID=$(gh run list ${{ matrix.configuration.token-driver-artifact-ref }} \
	--repo chia-network/climate-token-driver \
	--branch $(gh release view \
	--repo chia-network/climate-token-driver \
	--json tagName \
	--jq '.tagName') \
	--workflow "Build & Release" \
	--status completed \
	--limit 1 \
	--json databaseId \
	--jq '.[0].databaseId')

	gh run download $RUN_ID \
	--repo chia-network/climate-token-driver \
	--name climate-token-driver-${{ matrix.preconfiguration.name }}-${{ matrix.os.artifact-name }}-${{ matrix.arch.artifact-name }} \
	--dir downloaded-artifacts/

	mkdir -p extraResources/
	mv downloaded-artifacts/* "${DESTINATION}"
	chmod a+x "${DESTINATION}"
	ls -la extraResources/ \|\| true
	if: matrix.preconfiguration.name != 'default'

	- name: Prep .env file
	run: \|
	cp .env.example .env

	- name: Populate .env file for custom builds
	run: \|
	perl -pi -e 's{CADT_API_SERVER_HOST=.*}{CADT_API_SERVER_HOST=${{ matrix.preconfiguration.cadt-api-server-host }}}g' .env
	perl -pi -e 's{CADT_UI_HOST=.*}{CADT_UI_HOST=${{ matrix.preconfiguration.cadt-ui-host }}}g' .env
	cat .env
	if: matrix.preconfiguration.name != 'default'

	- name: Import Apple installer signing certificate
	if: matrix.os.matrix == 'macos'
	uses: Apple-Actions/import-codesign-certs@v2
	with:
	p12-file-base64: ${{ secrets.APPLE_DEV_ID_APP }}
	p12-password: ${{ secrets.APPLE_DEV_ID_APP_PASS }}

	- name: Prepare for Linux ARM electron-builder
	if: matrix.os.matrix == 'linux' && matrix.arch.matrix == 'arm'
	run: \|
	# TODO: make this an action?
	# https://github.com/Chia-Network/chia-blockchain/blob/9b8cdd36daebf2efe8777c98e212e564f4cdd475/build_scripts/build_linux_deb-2-installer.sh#L72
	#
	# Install Ruby Version Manager
	gpg --keyserver keyserver.ubuntu.com --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
	curl -sSL https://get.rvm.io \| bash -s stable
	source ~/.rvm/scripts/rvm
	rvm reload
	# Install ruby3
	rvm install ruby-3.2.1
	rvm use ruby-3.2.1
	ruby --version
	gem install public_suffix -v 4.0.7
	gem install fpm
	echo "USE_SYSTEM_FPM=true" >> "${GITHUB_ENV}"

	- name: Build electron app
	if: (matrix.os.matrix == 'linux' && matrix.arch.matrix == 'intel') \|\| matrix.os.matrix == 'windows'
	run: \|
	npm install
	npm run build
	npm run package-none -- ${{ matrix.os.electron-builder-options }} ${{ matrix.arch.electron-builder-options }}

	- name: Build electron app (Linux ARM)
	if: matrix.os.matrix == 'linux' && matrix.arch.matrix == 'arm'
	run: \|
	source ~/.rvm/scripts/rvm
	npm install
	npm run build
	npm run package-none -- ${{ matrix.os.electron-builder-options }} ${{ matrix.arch.electron-builder-options }}

	- name: Build electron app (macOS)
	if: matrix.os.matrix == 'macos'
	env:
	# macos
	CSC_FOR_PULL_REQUEST: 'true'
	run: \|
	npm install
	npm run build
	npm run package-none -- ${{ matrix.os.electron-builder-options }} ${{ matrix.arch.electron-builder-options }}

	- name: Copy to artifacts/
	run: \|
	ls -la dist \|\| true
	mkdir -p artifacts/
	cp -v dist/${{ matrix.os.build-result-pattern }} artifacts/

	- name: Notarize
	if: matrix.os.matrix == 'macos'
	run: \|
	DMG_FILE=$(find ${{ github.workspace }}/artifacts/ -type f -name '*.dmg')
	xcrun notarytool submit \
	--wait \
	--apple-id "${{ secrets.APPLE_NOTARIZE_USERNAME }}" \
	--password "${{ secrets.APPLE_NOTARIZE_PASSWORD }}" \
	--team-id "${{ secrets.APPLE_TEAM_ID }}" \
	"$DMG_FILE"

	# Windows Code Signing
	- name: Get installer name for signing
	if: matrix.os.matrix == 'windows'
	shell: bash
	run: \|
	FILE=$(find artifacts -type f -maxdepth 1 -name '*.exe')
	echo "Installer file is $FILE"
	echo "INSTALLER_FILE=$FILE" >> "$GITHUB_ENV"

	- name: Sign windows artifacts
	if: matrix.os.matrix == 'windows'
	uses: chia-network/actions/digicert/windows-sign@main
	with:
	sm_api_key: ${{ secrets.SM_API_KEY }}
	sm_client_cert_file_b64: ${{ secrets.SM_CLIENT_CERT_FILE_B64 }}
	sm_client_cert_password: ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
	sm_code_signing_cert_sha1_hash: ${{ secrets.SM_CODE_SIGNING_CERT_SHA1_HASH }}
	file: '${{ github.workspace }}/${{ env.INSTALLER_FILE }}'

	- name: Release
	uses: softprops/[email protected]
	with:
	files: artifacts/*
	fail_on_unmatched_files: true
	target_commitish: ${{ github.sha }}
	if: startsWith(github.ref, 'refs/tags/') && matrix.preconfiguration.name == 'default'

	# Create aritifacts so we have builds to test from pull requests
	- name: Upload installer to artifacts
	uses: actions/upload-artifact@v3
	with:
	name: ${{ matrix.os.artifact-name }}-${{ matrix.arch.artifact-name}}-installer
	path: 'artifacts/*'
	if: matrix.preconfiguration.name == 'default'

	- name: Upload custom installers to artifacts
	uses: actions/upload-artifact@v3
	with:
	name: ${{ matrix.os.artifact-name }}-${{ matrix.arch.artifact-name}}-${{ matrix.preconfiguration.name }}-installer
	path: 'artifacts/*'
	if: matrix.preconfiguration.name != 'default'

	# We want to delete this no matter what happened in the previous steps (failures, success, etc)
	- name: Delete signing keychain
	if: always()
	run: security delete-keychain signing_temp.keychain \|\| true

	release:
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/')
	needs:
	- build
	steps:
	- name: Get repo name
	id: repo-name
	run: \|
	echo "REPO_NAME=$(echo "$GITHUB_REPOSITORY" \| cut -d "/" -f 2)" >>$GITHUB_OUTPUT

	- name: Get tag name
	id: tag-name
	run: \|
	echo "TAGNAME=$(echo $GITHUB_REF \| cut -d / -f 3)" >>$GITHUB_OUTPUT

	- name: Trigger apt repo update
	uses: Chia-Network/actions/github/glue@main
	with:
	json_data: '{"climate_tokenization_repo":"${{ steps.repo-name.outputs.REPO_NAME }}","application_name":"[\"climate-wallet\"]","release_version":"${{ steps.tag-name.outputs.TAGNAME }}","add_debian_version":"false","arm64":"available"}'
	glue_url: ${{ secrets.GLUE_API_URL }}
	glue_project: 'climate-tokenization'
	glue_path: 'trigger'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: update to checkoutv4 #275

Workflow file

ci: update to checkoutv4 #275

Jobs

Run details

Workflow file for this run