Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build for mac-arm64 | |
on: | |
workflow_dispatch: | |
release: | |
types: [published] | |
env: | |
CARGO_TERM_COLOR: always | |
TARGET: aarch64-apple-darwin | |
FILENAME: tagoio-relay-mac-arm64 | |
jobs: | |
build: | |
runs-on: macOS-latest | |
environment: PROD | |
env: | |
CARGO_SERVER_SSL_CA: ${{ secrets.SERVER_SSL_CA }} | |
CARGO_SERVER_SSL_CERT: ${{ secrets.SERVER_SSL_CERT }} | |
CARGO_SERVER_SSL_KEY: ${{ secrets.SERVER_SSL_KEY }} | |
steps: | |
# Checkout the code | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Install Rust toolchain and components | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
targets: "${{ env.TARGET }}" | |
- name: Setup Cache | |
uses: Swatinem/rust-cache@v2 | |
- name: Create empty .env file | |
run: touch .env | |
# Build the modules | |
- name: Build Binary | |
run: cargo build --verbose --locked --release --target ${{ env.TARGET }} | |
# Run tests | |
- name: Run tests | |
run: cargo test --verbose | |
# # Sign the executable | |
# - name: Codesign binary | |
# env: | |
# MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
# MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
# MACOS_FULL_IDENTITY: ${{ secrets.MACOS_FULL_IDENTITY }} | |
# run: | | |
# echo $MACOS_CERTIFICATE | openssl base64 -d -A > certificate.p12 | |
# security create-keychain -p $MACOS_CERTIFICATE_PWD build.keychain | |
# security default-keychain -s build.keychain | |
# security unlock-keychain -p $MACOS_CERTIFICATE_PWD build.keychain | |
# security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | |
# security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $MACOS_CERTIFICATE_PWD build.keychain | |
# cd __build__binary__ | |
# /usr/bin/codesign -f -s "$MACOS_FULL_IDENTITY" --entitlements ../.github/macos-build-entitlements.plist --options=runtime --timestamp ./mqttrelay | |
# zip ./mqttrelay.zip ./mqttrelay | |
# /usr/bin/codesign -f -s "$MACOS_FULL_IDENTITY" --options=runtime --timestamp ./mqttrelay.zip | |
# # Notarize app using xcrun altool | |
# - name: Notarize binary | |
# env: | |
# MACOS_DEVELOPER_EMAIL: ${{ secrets.MACOS_DEVELOPER_EMAIL }} | |
# MACOS_DEVELOPER_PWD: ${{ secrets.MACOS_DEVELOPER_PWD }} | |
# MACOS_BUNDLE_ID: ${{ secrets.MACOS_BUNDLE_ID }} | |
# MACOS_ASC_PROVIDER: ${{ secrets.MACOS_ASC_PROVIDER }} | |
# run: xcrun altool --notarize-app --primary-bundle-id "$MACOS_BUNDLE_ID" -u "$MACOS_DEVELOPER_EMAIL" -p "$MACOS_DEVELOPER_PWD" --asc-provider "$MACOS_ASC_PROVIDER" -f ./__build__binary__/mqttrelay.zip | |
# Zip the binary | |
- name: Generate tar.gz | |
run: | | |
cd target/${{ env.TARGET }}/release | |
tar cvf - tagoio-relay | gzip > ../../../${{ env.FILENAME }}.tar.gz | |
# Upload the zip file as an artifact | |
- name: Upload artifact | |
if: github.event_name != 'release' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ env.FILENAME }} | |
path: ./${{ env.FILENAME }}.tar.gz | |
- name: Generate SHA-256 checksum | |
if: github.event_name == 'release' | |
run: | | |
shasum -a 256 ${{ env.FILENAME }}.tar.gz > ${{ env.FILENAME }}.tar.gz.sha256 | |
# Upload the artifact to the release | |
- name: Upload to Release | |
if: github.event_name == 'release' | |
uses: softprops/action-gh-release@v2 | |
with: | |
files: | | |
./${{ env.FILENAME }}.tar.gz | |
./${{ env.FILENAME }}.tar.gz.sha256 |