release: v0.1.20 (#594) #69
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tauri build on macOS | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| jobs: | |
| build-macos: | |
| strategy: | |
| matrix: | |
| include: | |
| - args: --target aarch64-apple-darwin | |
| target: 'aarch64-apple-darwin' | |
| - args: --target x86_64-apple-darwin | |
| target: 'x86_64-apple-darwin' | |
| runs-on: macos-latest | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| - name: Add UV Package Manager To Tauri Project | |
| run: | | |
| cd frontend/src-tauri | |
| mkdir -p binaries | |
| ARCH=$(uname -m) | |
| echo "Current runner architecture: $ARCH" | |
| echo "Matrix target: ${{ matrix.args }}" | |
| # Download both architectures since we're building for both | |
| for UV_ARCH in aarch64-apple-darwin x86_64-apple-darwin; do | |
| echo "Downloading uv for $UV_ARCH..." | |
| curl -L -f -o uv-${UV_ARCH}.tar.gz "https://github.com/astral-sh/uv/releases/download/0.9.9/uv-${UV_ARCH}.tar.gz" | |
| # Extract tar.gz file to temporary directory | |
| mkdir -p temp_${UV_ARCH} | |
| tar -xzf uv-${UV_ARCH}.tar.gz -C temp_${UV_ARCH} | |
| # Find uv executable file after extraction | |
| UV_PATH=$(find temp_${UV_ARCH} -name "uv" -type f | head -1) | |
| if [ -z "$UV_PATH" ]; then | |
| echo "Error: uv executable not found for $UV_ARCH after extraction" | |
| echo "Contents of temp_${UV_ARCH}:" | |
| ls -la temp_${UV_ARCH}/ | |
| exit 1 | |
| fi | |
| echo "Found uv at: $UV_PATH" | |
| # Move uv to binaries directory with architecture suffix | |
| mv "$UV_PATH" "binaries/uv-${UV_ARCH}" | |
| chmod +x "binaries/uv-${UV_ARCH}" | |
| # Clean up | |
| rm -rf temp_${UV_ARCH} uv-${UV_ARCH}.tar.gz | |
| done | |
| # Debug: List all files in binaries directory | |
| echo "Contents of binaries directory:" | |
| ls -lah binaries/ | |
| echo "Verifying uv executables:" | |
| file binaries/uv-* || echo "No uv files found" | |
| - name: Import Apple Developer Certificate | |
| env: | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| echo "::add-mask::$APPLE_CERTIFICATE_PASSWORD" | |
| echo "::add-mask::$KEYCHAIN_PASSWORD" | |
| echo "::add-mask::${{ secrets.SECRET_INFO }}" | |
| echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12 | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain 2>&1 | grep -v "password" || true | |
| security default-keychain -s build.keychain | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain 2>&1 | grep -v "password" || true | |
| security set-keychain-settings -t 3600 -u build.keychain | |
| security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign 2>&1 | grep -v "password" || true | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain 2>&1 | grep -v "password" || true | |
| # Suppress certificate details output | |
| security find-identity -v -p codesigning build.keychain > /dev/null 2>&1 || true | |
| - name: Verify Certificate | |
| run: | | |
| CERT_INFO=$(security find-identity -v -p codesigning build.keychain 2>/dev/null | grep "Developer ID Application" || true) | |
| CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}') | |
| if [ -n "$CERT_ID" ]; then | |
| echo "::add-mask::$CERT_ID" | |
| echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV | |
| echo "Certificate imported successfully." | |
| else | |
| echo "Error: Certificate not found" | |
| exit 1 | |
| fi | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version-file: "./frontend/package.json" | |
| - name: Install Dependencies | |
| run: | | |
| cd frontend | |
| bun install | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| # Those targets are only used on macos runners so it's in an `if` to slightly speed up windows and linux builds. | |
| targets: aarch64-apple-darwin,x86_64-apple-darwin | |
| - name: Rust cache | |
| uses: swatinem/rust-cache@v2 | |
| with: | |
| workspaces: './src-tauri -> target' | |
| - uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }} | |
| TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
| TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD}} | |
| with: | |
| tagName: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && 'v__VERSION__' || '' }} | |
| releaseName: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && 'ValueCell-__VERSION__-beta' || '' }} | |
| releaseDraft: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }} | |
| prerelease: false | |
| assetNamePattern: ValueCell-[version]-beta-[platform]-[arch][ext] | |
| args: ${{ matrix.args }} | |
| - name: Upload Artifacts | |
| uses: actions/upload-artifact@v5 | |
| if: ${{ !startsWith(github.ref, 'refs/tags/v') }} | |
| with: | |
| path: frontend/src-tauri/target/${{ matrix.target }}/release/bundle/dmg/*.dmg | |
| name: ValueCell-${{ matrix.target }}-${{ github.sha }} | |
| retention-days: 3 |