Fix detekt #23
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Desktop MacOS Release | |
on: | |
push: | |
tags: | |
- '*-desktop' | |
jobs: | |
deploy: | |
runs-on: macos-latest | |
timeout-minutes: 60 | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'zulu' | |
java-version: 17.0.6 | |
- uses: gradle/[email protected] | |
with: | |
gradle-home-cache-cleanup: true | |
cache-read-only: false | |
- name: Import signing certificate into keychain | |
run: | | |
KEYCHAIN_FILE=default.keychain | |
security create-keychain -p $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE | |
security default-keychain -s $KEYCHAIN_FILE | |
security unlock-keychain -p $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE | |
security import <(echo $SIGNING_CERTIFICATE_P12_DATA | base64 --decode) \ | |
-f pkcs12 \ | |
-k $KEYCHAIN_FILE \ | |
-P $SIGNING_CERTIFICATE_PASSWORD \ | |
-T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE | |
env: | |
SIGNING_CERTIFICATE_P12_DATA: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA_MACOS }} | |
SIGNING_CERTIFICATE_PASSWORD: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD_MACOS }} | |
KEYCHAIN_PASSWORD_MACOS: ${{ secrets.KEYCHAIN_PASSWORD_MACOS }} | |
- name: Run Checks | |
run: ./gradlew detekt desktopTest jvmTest | |
- name: Upload reports | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: build-reports | |
path: | | |
**/build/reports/* | |
- name: Update Licenses file | |
run: ./gradlew desktopApp:exportLibraryDefinitions -PaboutLibraries.exportPath=src/main/resources/ | |
- name: Create path variables | |
id: path_variables | |
run: | | |
tag=$(git describe --tags --abbrev=0 --match "*-desktop") | |
version=$(echo "$tag" | sed 's/-desktop$//') | |
name="FeedFlow-${version}.dmg" | |
path="desktopApp/build/release/main-release/dmg/${name}" | |
echo "TAG=$tag" >> $GITHUB_OUTPUT | |
echo "VERSION=$version" >> $GITHUB_OUTPUT | |
echo "RELEASE_PATH=$path" >> $GITHUB_OUTPUT | |
- name: Create Properties file | |
run: | | |
echo "is_release=true" >> desktopApp/src/jvmMain/resources/props.properties | |
echo "sentry_dns=$SENTRY_DNS" >> desktopApp/src/jvmMain/resources/props.properties | |
echo "version=$VERSION" >> desktopApp/src/jvmMain/resources/props.properties | |
env: | |
SENTRY_DNS: ${{ secrets.SENTRY_DNS }} | |
VERSION: ${{ steps.path_variables.outputs.VERSION }} | |
- name: Create DMG | |
run: ./gradlew packageReleaseDmg | |
- name: Upload reports | |
if: failure() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: reports | |
path: | | |
**/build/compose/logs/* | |
- name: Notarization | |
run: | | |
xcrun notarytool submit $RELEASE_PATH --apple-id $APPLE_ID_NOTARIZATION --password $NOTARIZATION_PWD --team-id $APPSTORE_TEAM_ID --wait | |
xcrun stapler staple $RELEASE_PATH | |
env: | |
APPLE_ID_NOTARIZATION: ${{ secrets.APPLE_ID_NOTARIZATION }} | |
APPSTORE_TEAM_ID: ${{ secrets.APPSTORE_TEAM_ID }} | |
NOTARIZATION_PWD: ${{ secrets.NOTARIZATION_PWD }} | |
RELEASE_PATH: ${{ steps.path_variables.outputs.RELEASE_PATH }} | |
- name: Upload binaries to release | |
uses: svenstaro/upload-release-action@v2 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ steps.path_variables.outputs.RELEASE_PATH }} | |
tag: ${{ steps.path_variables.outputs.TAG }} | |
overwrite: true | |
body: "Release ${{ steps.path_variables.outputs.VERSION }}" | |
- name: Update website | |
run: | | |
file_path="website/data/hero.yml" | |
new_link="https://github.com/prof18/feed-flow/releases/download/$VERSION/FeedFlow-$VERSION.dmg" | |
awk -v new_link="$new_link" '/^button3Link:/ {print "button3Link: " new_link; next} 1' "$file_path" > tmpfile && mv tmpfile "$file_path" | |
env: | |
VERSION: ${{ steps.path_variables.outputs.VERSION }} | |
- name: Setup Hugo | |
uses: peaceiris/actions-hugo@v2 | |
with: | |
hugo-version: '0.101.0' | |
extended: true | |
- name: Build | |
run: | | |
cd website | |
HUGO_ENV=production hugo --gc --minify | |
- name: Deploy | |
uses: peaceiris/actions-gh-pages@v3 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
publish_dir: website/public |