fleet/.github/workflows/generate-desktop-targets.yml
2023-07-26 11:09:22 -07:00

126 lines
4.0 KiB
YAML

name: Generate Fleet Desktop targets for Orbit
on:
push:
branches:
- main
paths:
# The workflow can be triggered by modifying FLEET_DESKTOP_VERSION env.
- '.github/workflows/generate-desktop-targets.yml'
pull_request:
paths:
# The workflow can be triggered by modifying FLEET_DESKTOP_VERSION env.
- '.github/workflows/generate-desktop-targets.yml'
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
env:
FLEET_DESKTOP_VERSION: 1.10.0
permissions:
contents: read
jobs:
desktop-macos:
runs-on: macos-latest
steps:
- name: Install Go
uses: actions/setup-go@v4.0.1
with:
go-version: '^1.19.11'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Import signing keys
env:
APPLE_APPLICATION_CERTIFICATE: ${{ secrets.APPLE_APPLICATION_CERTIFICATE }}
APPLE_APPLICATION_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_APPLICATION_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
echo "$APPLE_APPLICATION_CERTIFICATE" | base64 --decode > certificate.p12
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
security import certificate.p12 -k build.keychain -P $APPLE_APPLICATION_CERTIFICATE_PASSWORD -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain
security find-identity -vv
rm certificate.p12
- name: Generate desktop.app.tar.gz
env:
AC_USERNAME: ${{ secrets.APPLE_USERNAME }}
AC_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
AC_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
CODESIGN_IDENTITY: 51049B247B25B3119FAE7E9C0CC4375A43E47237
run: |
AC_USERNAME=$AC_USERNAME \
AC_PASSWORD=$AC_PASSWORD \
AC_TEAM_ID=$AC_TEAM_ID \
FLEET_DESKTOP_APPLE_AUTHORITY=$CODESIGN_IDENTITY \
FLEET_DESKTOP_NOTARIZE=true \
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-app-tar-gz
- name: Upload desktop.app.tar.gz
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v2
with:
name: desktop.app.tar.gz
path: desktop.app.tar.gz
desktop-windows:
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@v4.0.1
with:
go-version: '^1.19.11'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Generate fleet-desktop.exe
run: |
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-windows
- name: Upload fleet-desktop.exe
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v2
with:
name: fleet-desktop.exe
path: fleet-desktop.exe
desktop-linux:
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@v4.0.1
with:
go-version: '^1.19.11'
- name: Checkout
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v2
- name: Generate desktop.tar.gz
run: |
FLEET_DESKTOP_VERSION=$FLEET_DESKTOP_VERSION \
make desktop-linux
- name: Upload desktop.tar.gz
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v2
with:
name: desktop.tar.gz
path: desktop.tar.gz