Release #55
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Release" | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Tag name (e.g. v1.0.0)' | |
| required: true | |
| type: string | |
| # Add permissions block | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| build-mac: | |
| name: Build MacOS | |
| runs-on: macos | |
| environment: signing | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| - uses: DeterminateSystems/flakehub-cache-action@main | |
| - uses: DeterminateSystems/flake-checker-action@main | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| env-vars: CARGO USE_VENDOR_FEATURE | |
| - name: Build | |
| run: nix develop --command bash -c "bash scripts/build-macos.sh" | |
| - name: Sign macOS | |
| env: | |
| MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
| MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
| MACOS_CERTIFICATE_NAME: ${{ secrets.MACOS_CERTIFICATE_NAME }} | |
| MACOS_CI_KEYCHAIN_PWD: ${{ secrets.MACOS_CI_KEYCHAIN_PWD }} | |
| MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} | |
| MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} | |
| MACOS_NOTARIZATION_PWD: ${{ secrets.MACOS_NOTARIZATION_PWD }} | |
| run: nix develop --command bash -c "scripts/sign-macos.sh" | |
| - name: Package DMG | |
| run: nix develop --command bash -c "bash scripts/package-macos.sh" | |
| - name: Create Release and Upload Assets | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: Release ${{ github.event.inputs.tag || github.ref_name }} | |
| tag_name: ${{ github.event.inputs.tag || github.ref_name }} | |
| draft: true | |
| prerelease: false | |
| generate_release_notes: true | |
| files: target/release/macos/harbor.dmg | |
| build-linux: | |
| name: Build linux | |
| runs-on: ubuntu-22.04 | |
| environment: signing | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| - uses: DeterminateSystems/flakehub-cache-action@main | |
| - uses: DeterminateSystems/flake-checker-action@main | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| env-vars: CARGO USE_VENDOR_FEATURE | |
| - name: Build with Nix | |
| run: | | |
| # Build using nix environment only - no system deps | |
| nix develop --command bash -c "cargo build --release --features vendored -p harbor-ui" | |
| - name: Package Linux .deb | |
| run: nix develop --command bash -c "bash scripts/package-linux.sh package" | |
| - name: Set artifact path | |
| run: | | |
| echo "ARTIFACT_PATH=$(nix develop --command bash -c 'bash scripts/package-linux.sh archive_path')" >> "$GITHUB_ENV" | |
| echo "DEB_PATH=$(nix develop --command bash -c 'bash scripts/package-linux.sh deb_path')" >> "$GITHUB_ENV" | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: linux | |
| path: | | |
| ${{ env.ARTIFACT_PATH }} | |
| ${{ env.DEB_PATH }} | |
| - name: Create Release and Upload Assets | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| name: Release ${{ github.event.inputs.tag || github.ref_name }} | |
| tag_name: ${{ github.event.inputs.tag || github.ref_name }} | |
| draft: true | |
| prerelease: false | |
| generate_release_notes: true | |
| files: | | |
| ${{ env.ARTIFACT_PATH }} | |
| ${{ env.DEB_PATH }} |