mirror of
https://github.com/ninxsoft/Mist.git
synced 2025-06-04 00:58:43 -04:00
91 lines
6 KiB
YAML
91 lines
6 KiB
YAML
name: Draft New Release
|
|
on: workflow_dispatch
|
|
jobs:
|
|
build:
|
|
name: Draft New Release
|
|
runs-on: macos-13
|
|
env:
|
|
APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE: ${{ secrets.APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE }}
|
|
APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PASSWORD }}
|
|
APPLE_DEVELOPER_ID_APPLICATION_SIGNING_IDENTITY: "Developer ID Application: Nindi Gill (7K3HVCLV7Z)"
|
|
APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE: ${{ secrets.APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE }}
|
|
APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PASSWORD }}
|
|
APPLE_DEVELOPER_ID_INSTALLER_SIGNING_IDENTITY: "Developer ID Installer: Nindi Gill (7K3HVCLV7Z)"
|
|
APPLE_DEVELOPER_CERTIFICATE_AUTHORITY: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_AUTHORITY }}
|
|
APPLE_DEVELOPER_KEYCHAIN_PASSWORD: ${{ secrets.APPLE_DEVELOPER_KEYCHAIN_PASSWORD }}
|
|
APPLE_DEVELOPER_APPLE_ID: ${{ secrets.APPLE_DEVELOPER_APPLE_ID }}
|
|
APPLE_DEVELOPER_APPLE_ID_PASSWORD: ${{ secrets.APPLE_DEVELOPER_APPLE_ID_PASSWORD }}
|
|
APPLE_DEVELOPER_TEAM_ID: "7K3HVCLV7Z"
|
|
KEYCHAIN_FILE: "apple-developer.keychain-db"
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: swift-actions/setup-swift@v1
|
|
- name: Install Apple Developer ID Certificates
|
|
run: |
|
|
APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH="$RUNNER_TEMP/apple-developer-id-application-certificate.p12"
|
|
APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH="$RUNNER_TEMP/apple-developer-id-installer-certificate.p12"
|
|
APPLE_DEVELOPER_CERTIFICATE_AUTHORITY_PATH="$RUNNER_TEMP/apple-developer-certificate-authority.cer"
|
|
echo -n "$APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE" | base64 --decode -i - -o "$APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH"
|
|
echo -n "$APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE" | base64 --decode -i - -o "$APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH"
|
|
echo -n "$APPLE_DEVELOPER_CERTIFICATE_AUTHORITY" | base64 --decode -i - -o "$APPLE_DEVELOPER_CERTIFICATE_AUTHORITY_PATH"
|
|
security create-keychain -p "$APPLE_DEVELOPER_KEYCHAIN_PASSWORD" "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security set-keychain-settings -lut 21600 "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security unlock-keychain -p "$APPLE_DEVELOPER_KEYCHAIN_PASSWORD" "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security import "$APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PATH" -P "$APPLE_DEVELOPER_ID_APPLICATION_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security import "$APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PATH" -P "$APPLE_DEVELOPER_ID_INSTALLER_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security import "$APPLE_DEVELOPER_CERTIFICATE_AUTHORITY_PATH" -P "$APPLE_DEVELOPER_CERTIFICATE_PASSWORD" -A -t cert -f pkcs7 -k "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
security list-keychain -d user -s "$RUNNER_TEMP/$KEYCHAIN_FILE"
|
|
- name: Archive Mist
|
|
run: xcodebuild -scheme Mist clean archive -configuration release -archivePath Mist -quiet
|
|
- name: Export Mist
|
|
run: xcodebuild -exportArchive -archivePath Mist.xcarchive -exportPath Export -exportOptionsPlist ExportOptions.plist
|
|
- name: Notarize Mist
|
|
run: |
|
|
ditto -c -k --keepParent "Export/Mist.app" "Export/Mist.zip"
|
|
xcrun notarytool submit "Export/Mist.zip" --apple-id "$APPLE_DEVELOPER_APPLE_ID" --password "$APPLE_DEVELOPER_APPLE_ID_PASSWORD" --team-id "$APPLE_DEVELOPER_TEAM_ID" --wait
|
|
xcrun stapler staple "Export/Mist.app"
|
|
- name: Determine Exported App Version
|
|
run: echo "APP_VERSION=$(defaults read "$GITHUB_WORKSPACE/Export/Mist.app/Contents/Info.plist" CFBundleShortVersionString)" >> "$GITHUB_ENV"
|
|
- name: Create Disk Image
|
|
run: |
|
|
DISK_IMAGE_IDENTIFIER="com.ninxsoft.dmg.mist"
|
|
DISK_IMAGE_TEMP="$RUNNER_TEMP/$DISK_IMAGE_IDENTIFIER"
|
|
DISK_IMAGE_FILENAME="Mist.${{ env.APP_VERSION }}.dmg"
|
|
echo "DISK_IMAGE_FILENAME=$DISK_IMAGE_FILENAME" >> "$GITHUB_ENV"
|
|
mkdir -p "$DISK_IMAGE_TEMP"
|
|
ditto "Export/Mist.app" "$DISK_IMAGE_TEMP/Applications/Mist.app"
|
|
hdiutil create -fs "HFS+" -srcFolder "$DISK_IMAGE_TEMP" -volname "Mist" "$DISK_IMAGE_FILENAME"
|
|
- name: Notarize Disk Image
|
|
run: |
|
|
xcrun notarytool submit "${{ env.DISK_IMAGE_FILENAME }}" --apple-id "$APPLE_DEVELOPER_APPLE_ID" --password "$APPLE_DEVELOPER_APPLE_ID_PASSWORD" --team-id "$APPLE_DEVELOPER_TEAM_ID" --wait
|
|
xcrun stapler staple "${{ env.DISK_IMAGE_FILENAME }}"
|
|
- name: Create Package
|
|
run: |
|
|
PACKAGE_IDENTIFIER="com.ninxsoft.pkg.mist"
|
|
PACKAGE_TEMP="$RUNNER_TEMP/$PACKAGE_IDENTIFIER"
|
|
PACKAGE_FILENAME="Mist.${{ env.APP_VERSION }}.pkg"
|
|
echo "PACKAGE_FILENAME=$PACKAGE_FILENAME" >> "$GITHUB_ENV"
|
|
mkdir -p "$PACKAGE_TEMP/Applications"
|
|
ditto "Export/Mist.app" "$PACKAGE_TEMP/Applications/Mist.app"
|
|
pkgbuild --root "$PACKAGE_TEMP" \
|
|
--identifier "$PACKAGE_IDENTIFIER" \
|
|
--version "${{ env.APP_VERSION }}" \
|
|
--min-os-version "12.0" \
|
|
--sign "$APPLE_DEVELOPER_ID_INSTALLER_SIGNING_IDENTITY" \
|
|
"$PACKAGE_FILENAME"
|
|
- name: Notarize Package
|
|
run: |
|
|
xcrun notarytool submit "${{ env.PACKAGE_FILENAME }}" --apple-id "$APPLE_DEVELOPER_APPLE_ID" --password "$APPLE_DEVELOPER_APPLE_ID_PASSWORD" --team-id "$APPLE_DEVELOPER_TEAM_ID" --wait
|
|
xcrun stapler staple "${{ env.PACKAGE_FILENAME }}"
|
|
- name: Draft New Release
|
|
uses: softprops/action-gh-release@v1
|
|
with:
|
|
name: ${{ env.APP_VERSION }}
|
|
tag_name: v${{ env.APP_VERSION }}
|
|
draft: true
|
|
files: |
|
|
${{ env.DISK_IMAGE_FILENAME }}
|
|
${{ env.PACKAGE_FILENAME }}
|
|
- name: Remove Apple Developer Keychain
|
|
if: ${{ always() }}
|
|
run: security delete-keychain $RUNNER_TEMP/apple-developer.keychain-db
|