chore: comment out Apple certificate signing for now #29

Workflow file for this run

.github/workflows/release.yml at 2545cab

	name: Release

	on:
	push:
	tags:
	- "v*"

	permissions:
	contents: write

	jobs:
	build:
	strategy:
	fail-fast: false
	matrix:
	include:
	- platform: macos-latest
	args: --target aarch64-apple-darwin
	target: aarch64-apple-darwin
	- platform: macos-latest
	args: --target x86_64-apple-darwin
	target: x86_64-apple-darwin
	- platform: ubuntu-22.04
	args: ""
	target: x86_64-unknown-linux-gnu
	- platform: windows-latest
	args: ""
	target: x86_64-pc-windows-msvc

	runs-on: ${{ matrix.platform }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Install dependencies (Ubuntu only)
	if: matrix.platform == 'ubuntu-22.04'
	run: \|
	sudo apt-get update
	sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf libasound2-dev

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: "20"

	- name: Install pnpm
	uses: pnpm/action-setup@v3
	with:
	version: 9

	- name: Install Rust stable
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: ${{ matrix.target }}

	- name: Rust cache
	uses: swatinem/rust-cache@v2
	with:
	workspaces: "./packages/app/src-tauri -> target"

	- name: Install frontend dependencies
	run: pnpm install

	# - name: Import Apple certificate (macOS only)
	# if: runner.os == 'macOS'
	# env:
	# APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
	# APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
	# run: \|
	# CERTIFICATE_PATH=$RUNNER_TEMP/certificate.p12
	# KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
	# KEYCHAIN_PASSWORD=$(openssl rand -base64 32)

	# # 解码证书
	# echo -n "$APPLE_CERTIFICATE" \| base64 --decode -o $CERTIFICATE_PATH

	# # 创建临时钥匙串
	# security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
	# security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
	# security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH

	# # 导入证书到临时钥匙串
	# security import $CERTIFICATE_PATH -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
	# security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
	# security list-keychain -d user -s $KEYCHAIN_PATH

	- name: Build Tauri app
	uses: tauri-apps/tauri-action@v0
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	# macOS 代码签名
	APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
	# macOS 公证（Notarization）
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
	APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
	with:
	projectPath: "./packages/app"
	tagName: ${{ github.ref_name }}
	releaseName: "ReadAny ${{ github.ref_name }}"
	releaseBody: "See ASSETS to download and install this version."
	releaseDraft: true
	prerelease: false
	args: ${{ matrix.args }}

	create-updater-json:
	needs: build
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Get version
	id: version
	run: \|
	VERSION=${GITHUB_REF_NAME#v}
	echo "version=$VERSION" >> $GITHUB_OUTPUT

	- name: Wait for release
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	# Wait for release to be created
	for i in {1..30}; do
	if gh release view ${{ github.ref_name }} --json tagName --jq '.tagName' 2>/dev/null; then
	echo "Release found"
	break
	fi
	sleep 5
	done

	# Check if release is a draft
	IS_DRAFT=$(gh release view ${{ github.ref_name }} --json isDraft --jq '.')
	if [ "$IS_DRAFT" = "true" ]; then
	echo "Release is a draft, skipping latest.json upload"
	exit 0
	fi

	- name: Generate latest.json
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	VERSION="${{ steps.version.outputs.version }}"
	REPO="${{ github.repository }}"

	cat > latest.json << EOF
	{
	"version": "${VERSION}",
	"notes": "See https://github.com/${REPO}/releases/tag/${{ github.ref_name }} for details",
	"pub_date": "$(date -u +"%Y-%m-%dT%H:%M:%SZ")",
	"platforms": {
	"darwin-aarch64": {
	"signature": "",
	"url": "https://github.com/${REPO}/releases/download/${{ github.ref_name }}/ReadAny_aarch64.app.tar.gz"
	},
	"darwin-x86_64": {
	"signature": "",
	"url": "https://github.com/${REPO}/releases/download/${{ github.ref_name }}/ReadAny_x64.app.tar.gz"
	},
	"windows-x86_64": {
	"signature": "",
	"url": "https://github.com/${REPO}/releases/download/${{ github.ref_name }}/ReadAny_${VERSION}_x64-setup.exe"
	},
	"linux-x86_64": {
	"signature": "",
	"url": "https://github.com/${REPO}/releases/download/${{ github.ref_name }}/readany_${VERSION}_amd64.deb"
	}
	}
	}
	EOF

	- name: Upload latest.json
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	gh release upload ${{ github.ref_name }} latest.json --clobber

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: comment out Apple certificate signing for now #29

Workflow file

chore: comment out Apple certificate signing for now #29

Uh oh!

Workflow file for this run