-
Notifications
You must be signed in to change notification settings - Fork 7
145 lines (141 loc) · 5.56 KB
/
nymvpn-desktop.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: "publish"
on:
push:
branches:
- main
jobs:
publish-tauri:
strategy:
fail-fast: false
matrix:
platform: [windows-latest, macos-latest, ubuntu-latest]
runs-on: ${{ matrix.platform }}
env:
working-directory: /nym-vpn/desktop
steps:
- name: try to fix windows path length
if: matrix.platform == 'windows-latest'
run: git config --system core.longpaths true
- name: Checkout tools repo
uses: actions/checkout@v4
with:
repository: nymtech/nym
ref: feature/nymvpn-desktop
- name: setup node
uses: actions/setup-node@v1
with:
node-version: 21
- name: install Rust stable
uses: actions-rs/toolchain@v1
with:
toolchain: 1.73
#fix this
- name: install ubuntu dependencies
if: matrix.platform == 'ubuntu-latest'
run: |
sudo apt update && sudo apt upgrade -y && sudo apt install build-essential \
pkg-config \
libgtk-3-dev \
libssl-dev \
libsoup2.4-dev \
libjavascriptcoregtk-4.0-dev \
libwebkit2gtk-4.0-dev \
libmnl-dev \
libnftnl-dev \
protobuf-compiler \
zip \
- name: install cargo dependencies
continue-on-error: true
run: |
cargo install cargo-deb
cargo install --force cargo-make
cargo install sd
cargo install ripgrep
cargo install cargo-about
cargo install cargo-generate-rpm
- name: install protobuf macos
continue-on-error: true
if: matrix.platform == 'macos-latest'
run: |
brew install protobuf
- name: install protobuf windows
if: matrix.platform == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install protoc
- name: Add msbuild to PATH
if: matrix.platform == 'windows-latest'
uses: microsoft/[email protected]
- name: setup go
continue-on-error: true
uses: actions/setup-go@v4
with:
go-version: "stable"
- name: build ubuntu deb package
if: matrix.platform == 'ubuntu-latest'
run: cargo make deb
working-directory: .${{ env.working-directory }}
- name: Install the Apple developer certificate for code signing
if: matrix.platform == 'macos-latest'
env:
APPLE_CERTIFICATE: ${{ secrets.APPLE_DEVELOPER_INSTALLER_PRIVATE_KEY }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_DEVELOPER_INSTALLER_PRIVATE_KEY_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_DEVELOPER_TEAM_ID }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASS }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$APPLE_CERTIFICATE" | base64 --decode --output $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: build macos pkg
if: matrix.platform == 'macos-latest'
run: cargo make pkg
working-directory: .${{ env.working-directory }}
env:
APPLE_TEAM_ID: ${{ secrets.APPLE_DEVELOPER_TEAM_ID }}
KEYCHAIN_PATH: ${{ runner.temp }}/app-signing.keychain-db
APPLICATION_SIGNING_IDENTITY: ${{ secrets.APPLE_DEVELOPER_IDENTITY_ID }}
INSTALLER_SIGNING_IDENTITY: ${{ secrets.INSTALLER_SIGNING_IDENTITY }}
- name: install arc windows
if: matrix.platform == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@v3
with:
args: install archiver
- name: Set path for candle and light
if: matrix.platform == 'windows-latest'
run: echo "C:\Program Files (x86)\WiX Toolset v3.11\bin" >> $GITHUB_PATH
shell: bash
- name: add signtool to path
if: matrix.platform == 'windows-latest'
run: |
curl -L https://github.com/Delphier/SignTool/releases/download/v10.0.22621.755/SignTool-10.0.22621.755.zip --output signtool.zip
arc unarchive signtool.zip ${{ github.workspace }}/nym-vpn/desktop
- name: Create env file
uses: timheuer/[email protected]
if: matrix.platform == 'windows-latest'
with:
fileName: "signing.pfx"
fileDir: ${{ github.workspace }}/nym-vpn/desktop
encodedString: ${{ secrets.WINDOWS_SIGNING_PFX_BASE64 }}
- name: build windows installer
if: matrix.platform == 'windows-latest'
run: cargo make msi
working-directory: .${{ env.working-directory }}
env:
SIGN: true
CERT_FILE: 'signing.pfx'
CERT_FILE_PASSWORD: ${{ secrets.WINDOWS_SIGNING_PFX_PASSWORD }}
- uses: actions/upload-artifact@v3
if: matrix.platform == 'ubuntu-latest'
with:
name: nymvpn.deb
# need to make this not hardcoded to single version
path: ${{ github.workspace }}/nym-vpn/desktop/target/x86_64-unknown-linux-gnu/debian/nymvpn_0.0.2-1_amd64.deb