Skip to content

publish-nym-vpn-app #174

publish-nym-vpn-app

publish-nym-vpn-app #174

name: publish-nym-vpn-app
on:
schedule:
- cron: "4 4 * * *"
workflow_dispatch:
inputs:
tag_name:
description: "Tag name for release"
required: false
default: nym-vpn-app-nightly
pre_release:
description: "Pre-release"
required: false
type: boolean
default: false
dev_mode:
description: "Enable dev mode (in-app dev menu)"
required: true
type: boolean
default: false
core_release_tag:
description: "nym-vpn-core release tag to use for Windows build (as it bundles the daemon)"
required: false
type: string
windows_sign:
description: "Sign this release for Windows using SSL.com. Signing is billed per signature so be 100% sure you want a signed release (should be the case for stable rel only)"
required: false
type: boolean
default: false
push:
tags:
- nym-vpn-app-v[0-9]+.[0-9]+.[0-9]+*
jobs:
build-nym-vpn-app-linux:
uses: ./.github/workflows/build-nym-vpn-app-linux.yml
with:
dev_mode: ${{ github.event_name == 'schedule' || contains(github.ref_name, 'dev') || contains(github.ref_name, 'nightly') || inputs.dev_mode == true }}
secrets: inherit
build-nym-vpn-app-windows:
uses: ./.github/workflows/build-nym-vpn-app-windows.yml
with:
dev_mode: ${{ github.event_name == 'schedule' || contains(github.ref_name, 'dev') || contains(github.ref_name, 'nightly') || inputs.dev_mode == true }}
core_release_tag: ${{ inputs.core_release_tag }}
sign: ${{ inputs.windows_sign == true }}
secrets: inherit
generate-build-info-nym-vpn-app:
uses: ./.github/workflows/generate-build-info-nym-vpn-app.yml
needs: build-nym-vpn-app-linux
with:
build-profile: release
rust-version: ${{ needs.build-nym-vpn-app-linux.outputs.RUST_VERSION }}
publish:
needs:
- build-nym-vpn-app-linux
- build-nym-vpn-app-windows
- generate-build-info-nym-vpn-app
runs-on: ubuntu-22.04
outputs:
tag: ${{ steps.set_tag.outputs.tag }}
env:
# GH needed for gh cli
GH_REPO: ${{ github.repository }}
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PKG_VERSION: ${{ needs.build-nym-vpn-app-linux.outputs.PKG_VERSION }}
UPLOAD_DIR_UBUNTU_22: ${{ needs.build-nym-vpn-app-linux.outputs.UPLOAD_DIR_LINUX }}
UPLOAD_DIR_WINDOWS: ${{ needs.build-nym-vpn-app-windows.outputs.UPLOAD_DIR_WINDOWS }}
permissions: write-all
steps:
- name: Checkout repo
uses: actions/checkout@v4
# Adding envsubst, gh cli
- name: Install system dependencies
run: |
sudo apt update && sudo apt install -y gettext-base gh
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Get package version
id: package-version
uses: nicolaiunrein/cargo-get@master
with:
subcommand: package.version --entry nym-vpn-app/src-tauri
- name: Check tag name consistency
if: github.event_name == 'push'
shell: bash
run: |
if [[ nym-vpn-app-v${{ steps.package-version.outputs.metadata }} != ${{ github.ref_name }} ]]; then
exit 1
fi
- name: Download artifacts
uses: actions/download-artifact@v4
# Setup TAG_NAME, which is used as a general "name"
- if: github.event_name == 'workflow_dispatch'
run: echo "TAG_NAME=${{ github.event.inputs.tag_name }}" >> $GITHUB_ENV
- if: github.event_name == 'schedule'
run: echo "TAG_NAME=nym-vpn-app-nightly" >> $GITHUB_ENV
- if: github.event_name == 'push'
run: echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
- name: Set tag
id: set_tag
run: echo "tag=${{ env.TAG_NAME }}" >> "$GITHUB_OUTPUT"
- name: Setting subject, prerelease and notes files (nightly)
if: ${{ contains(env.TAG_NAME, 'nym-vpn-app-nightly') }}
run: |
(echo "SUBJECT=nym-vpn-app-v${{ steps.package-version.outputs.metadata }} nightly prerelease build";
echo 'PRERELEASE=--prerelease';
echo 'NOTES_FILE=release-notes/release-notes-vpn-app-nightly.md') >> $GITHUB_ENV
gh release delete nym-vpn-app-nightly --yes || true
git push origin :nym-vpn-app-nightly || true
- name: Setting subject, prerelease and notes files
if: ${{ !contains(env.TAG_NAME, 'nym-vpn-app-nightly') }}
run: |
(echo "SUBJECT=$TAG_NAME"
echo 'PRERELEASE=${{ inputs.pre_release && '--prerelease' || '' }}';
echo 'NOTES_FILE=release-notes/release-notes-vpn-app.md') >> $GITHUB_ENV
- name: Generate checksums
run: |
pushd ${{ env.UPLOAD_DIR_UBUNTU_22 }} || exit 1
for f in *; do sha256sum "$f" > "$f.sha256sum"; done
popd
pushd ${{ env.UPLOAD_DIR_WINDOWS }} || exit 1
for f in *; do sha256sum "$f" > "$f.sha256sum"; done
popd
echo 'SHA256_CHECKSUMS<<EOF' >> $GITHUB_ENV
cat ${{ env.UPLOAD_DIR_UBUNTU_22 }}/*.sha256sum >> $GITHUB_ENV
cat ${{ env.UPLOAD_DIR_WINDOWS }}/*.sha256sum >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- name: Build info
run: |
echo 'BUILD_INFO<<EOF' >> $GITHUB_ENV
cat build-info/build-info.txt >> $GITHUB_ENV
echo 'EOF' >> $GITHUB_ENV
- name: Publish release
run: |
echo "build info"
echo "$BUILD_INFO"
echo "checksums"
echo "$SHA256_CHECKSUMS"
echo "Creating release notes"
envsubst < "$GITHUB_WORKSPACE/.github/workflows/$NOTES_FILE" > "$RUNNER_TEMP/release-notes.md"
echo "Creating release nodes: output"
cat $RUNNER_TEMP/release-notes.md
echo "Creating release"
gh release create $TAG_NAME ${{ env.PRERELEASE }} \
--notes-file "$RUNNER_TEMP/release-notes.md" \
--title "$SUBJECT" \
--target $GITHUB_SHA \
${{ env.UPLOAD_DIR_UBUNTU_22}}/* \
${{ env.UPLOAD_DIR_WINDOWS}}/*
gen-hashes:
uses: ./.github/workflows/gen-hashes-json.yml
needs: publish
with:
release_tag: ${{ needs.publish.outputs.tag }}
secrets: inherit