feat: Generate a build passing the store as provider and uploading th… #2
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Store Release | ||
| on: | ||
| release: | ||
| types: | ||
| - published | ||
| concurrency: | ||
| group: release-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| defaults: | ||
| run: | ||
| shell: 'bash' | ||
| jobs: | ||
| strategy: | ||
| fail-fast: true | ||
| matrix: | ||
| os: [ macos-latest, windows-latest ] | ||
| store: [ itch.io ] | ||
| runs-on: ${{ matrix.os }} | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| fetch-tags: true | ||
| - name: Set up Node.js | ||
| uses: actions/setup-node@v4 | ||
| with: | ||
| cache: 'npm' | ||
| - name: Install dependencies | ||
| run: npm ci | ||
| env: | ||
| PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 | ||
| - name: Get Release Tag | ||
| id: release_tag | ||
| run: | | ||
| echo "RELEASE_TAG=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT | ||
| - name: Build Release for ${{ matrix.store }} | ||
| run: npm run build | ||
| env: | ||
| MODE: production | ||
| VITE_PROVIDER: ${{ matrix.store }} | ||
| # Segment API Key | ||
| VITE_SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }} | ||
| # Sentry AUTH Token | ||
| SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | ||
| VITE_SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | ||
| # AWS Secrets | ||
| VITE_AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }} | ||
| VITE_AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }} | ||
| VITE_AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }} | ||
| VITE_AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }} | ||
| VITE_AWS_S3_BUCKET_PUBLIC_URL: ${{ vars.EXPLORER_TEAM_S3_BUCKET_PUBLIC_URL }} | ||
| # Download 'SSLcom/esigner-codesign' to a folder called 'esigner-codesign' in the root of the project | ||
| - name: Checkout esigner-codesign repository (Windows) | ||
| if: ${{ matrix.os == 'windows-latest' }} | ||
| uses: actions/checkout@v3 | ||
| with: | ||
| repository: 'SSLcom/esigner-codesign' | ||
| path: esigner-codesign | ||
| - name: Compile artifacts and upload them to S3 | ||
| # I use this action because it is capable of retrying multiple times if there are any issues with the distribution server | ||
| uses: nick-fields/retry@v3 | ||
| with: | ||
| timeout_minutes: 15 | ||
| max_attempts: 6 | ||
| retry_wait_seconds: 15 | ||
| retry_on: error | ||
| shell: 'bash' | ||
| command: npx electron-builder --config electron-store-builder.cjs \ | ||
| -c.extraMetadata.version=${{ steps.release_tag.outputs.release_tag }} \ | ||
| -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} \ | ||
| --publish always | ||
| env: | ||
| # Code Signing params | ||
| # See https://www.electron.build/code-signing | ||
| CSC_LINK: ${{ secrets.MACOS_CSC_LINK }} | ||
| CSC_KEY_PASSWORD: ${{ secrets.MACOS_CSC_KEY_PASSWORD }} | ||
| # Notarization params | ||
| # See https://www.electron.build/configuration/mac#NotarizeNotaryOptions | ||
| APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} | ||
| APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.MACOS_NOTARIZATION_PWD }} | ||
| APPLE_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} | ||
| # Publishing artifacts | ||
| RELEASE_TAG: ${{ steps.release_tag.outputs.release_tag }} | ||
| GH_TOKEN: ${{ secrets.github_token }} # GitHub token, automatically provided (No need to define this secret in the repo settings) | ||
| # The following are the parameters required by the esigner-codesign action to work, we must explicitly pass in even the optional ones since we're not using the action directly, but from the checked out repo | ||
| CODE_SIGN_SCRIPT_PATH: "${{ github.workspace }}\\esigner-codesign\\dist\\index.js" | ||
| INPUT_COMMAND: "sign" | ||
| INPUT_FILE_PATH: "${{ github.workspace }}\\dist\\Decentraland Launcher-win-x64.exe" | ||
| INPUT_OVERRIDE: "true" | ||
| INPUT_MALWARE_BLOCK: "false" | ||
| INPUT_CLEAN_LOGS: "false" | ||
| INPUT_JVM_MAX_MEMORY: "1024M" | ||
| INPUT_ENVIRONMENT_NAME: "PROD" | ||
| INPUT_USERNAME: ${{ secrets.ES_USERNAME }} | ||
| INPUT_PASSWORD: ${{ secrets.ES_PASSWORD }} | ||
| INPUT_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }} | ||
| INPUT_CREDENTIAL_ID: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }} | ||
| # S3 Params | ||
| PROVIDER: ${{ matrix.store }} | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }} | ||
| AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }} | ||
| AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }} | ||
