fleet/.github/workflows/generate-desktop-targets.yml
Zach Wasserman 1a521133f4
Upgrade Go version to 1.19.8 (#11057)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
2023-04-07 12:05:22 -07:00

126 lines
4.1 KiB
YAML

name: Generate Fleet Desktop targets for Orbit
on:
push:
branches:
- main
paths:
# The workflow can be triggered by modifying FLEET_DESKTOP_VERSION env.
- '.github/workflows/generate-desktop-targets.yml'
pull_request:
paths:
# The workflow can be triggered by modifying FLEET_DESKTOP_VERSION env.
- '.github/workflows/generate-desktop-targets.yml'
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
env:
FLEET_DESKTOP_VERSION: 1.3.1
permissions:
contents: read
jobs:
desktop-macos:
runs-on: macos-latest
steps:
- name: Install Go
uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v2
with:
go-version: '^1.19.8'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Import signing keys
env:
APPLE_APPLICATION_CERTIFICATE: ${{ secrets.APPLE_APPLICATION_CERTIFICATE }}
APPLE_APPLICATION_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_APPLICATION_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
echo "$APPLE_APPLICATION_CERTIFICATE" | base64 --decode > certificate.p12
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
security import certificate.p12 -k build.keychain -P $APPLE_APPLICATION_CERTIFICATE_PASSWORD -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain
security find-identity -vv
rm certificate.p12
- name: Generate desktop.app.tar.gz
env:
AC_USERNAME: ${{ secrets.APPLE_USERNAME }}
AC_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
AC_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
CODESIGN_IDENTITY: 51049B247B25B3119FAE7E9C0CC4375A43E47237
run: |
AC_USERNAME=$AC_USERNAME \
AC_PASSWORD=$AC_PASSWORD \
AC_TEAM_ID=$AC_TEAM_ID \
FLEET_DESKTOP_APPLE_AUTHORITY=$CODESIGN_IDENTITY \
FLEET_DESKTOP_NOTARIZE=true \
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-app-tar-gz
- name: Upload desktop.app.tar.gz
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v2
with:
name: desktop.app.tar.gz
path: desktop.app.tar.gz
desktop-windows:
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v2
with:
go-version: '^1.19.8'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Generate fleet-desktop.exe
run: |
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-windows
- name: Upload fleet-desktop.exe
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v2
with:
name: fleet-desktop.exe
path: fleet-desktop.exe
desktop-linux:
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v2
with:
go-version: '^1.19.8'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Generate desktop.tar.gz
run: |
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-linux
- name: Upload desktop.tar.gz
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v2
with:
name: desktop.tar.gz
path: desktop.tar.gz