Upload files to the release after signing the binaries

bikmazefe · bikmazefe · commit c976d2fe530b · 2025-05-06T18:34:56.000+03:00
diff --git a/clients/cli/.github/workflows/release.yml b/clients/cli/.github/workflows/release.yml
@@ -32,12 +32,31 @@ jobs:
           API_TOKEN_GITHUB: ${{ secrets.API_TOKEN_GITHUB }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           VERSION: ${{ steps.version.outputs.VERSION }}
+      - name: Upload built binaries
+        uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/
+      - name: Create draft GitHub Release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          name: ${{ github.ref_name }}
+          tag_name: ${{ github.ref_name }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
   sign_and_notarize:
     runs-on: macos-latest
     needs: release
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+      - name: Download built binaries
+        uses: actions/download-artifact@v4
+        with:
+          name: dist
+          path: dist
       - name: Sign CLI binaries
         run: bash ./build/sign.sh
         env:
@@ -46,6 +65,19 @@ jobs:
           SIGNING_IDENTITY: ${{ secrets.SIGNING_IDENTITY }}
           KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
           DIST_DIR: "dist"
+      - name: Upload signed binaries to Draft Release
+        uses: softprops/action-gh-release@v1
+        with:
+          files: dist/*
+          name: ${{ github.ref_name }}
+          tag_name: ${{ github.ref_name }}
+          draft: true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Publish GitHub Release
+        run: gh release edit ${{ github.ref_name }} --draft=false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   brew:
     runs-on: ubuntu-latest
     needs: sign_and_notarize
diff --git a/clients/cli/build/release.sh b/clients/cli/build/release.sh
@@ -25,52 +25,4 @@ cp dist/phrase_linux_arm64 dist/linux/arm64
 
 docker buildx build --tag "${IMAGE}" --tag ${IMAGE_LATEST} --platform linux/amd64,linux/arm64 -f ./Dockerfile --push .
 
-# Create release
-function create_release_data()
-{
-  cat <<EOF
-{
-  "tag_name": "${VERSION}",
-  "name": "${VERSION}",
-  "draft": true,
-  "prerelease": false,
-  "body": "https://github.com/phrase/phrase-cli/blob/master/CHANGELOG.md"
-}
-EOF
-}
-
-echo "Create release $VERSION"
-api_url="https://api.github.com/repos/phrase/phrase-cli/releases"
-response="$(curl -H "Authorization: token ${GITHUB_TOKEN}" --data "$(create_release_data)" ${api_url})"
-release_id=$(echo $response | python -c "import sys, json; print(json.load(sys.stdin).get('id', ''))")
-
-if [ -z "$release_id" ]
-then
-  echo "Failed to create GitHub release"
-  echo $response
-  exit 1
-else
-  echo "New release created created with id: ${release_id}"
-fi
-
-# Upload artifacts
-DIST_DIR="./dist"
-for file in "$DIST_DIR"/*; do
-  if [ -f "$file" ]; then
-    echo "Uploading ${file}"
-    asset="https://uploads.github.com/repos/phrase/phrase-cli/releases/${release_id}/assets?name=$(basename "$file")"
-    curl -sS --data-binary @"$file" -H "Authorization: token ${GITHUB_TOKEN}" -H "Content-Type: application/octet-stream" $asset > /dev/null
-    echo Hash: $(sha256sum $file)
-  fi
-done
-
-echo "Publishing release"
-curl \
-  --silent \
-  -X PATCH \
-  -H "Authorization: token ${GITHUB_TOKEN}" \
-  -H "Accept: application/vnd.github.v3+json" \
-  "https://api.github.com/repos/phrase/phrase-cli/releases/${release_id}" \
-  -d '{"draft": false}' > /dev/null
-
-echo "Release successful"
+echo "Artifacts built and ready in dist/ directory. GitHub Release creation handled in GitHub Actions workflow."
