ci: correctly add github token #100
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Release" | |
| on: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| release-please: | |
| if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| releases_created: ${{ steps.release-please.outputs.releases_created }} | |
| tag_name: ${{ steps.release-please.outputs.tag_name }} | |
| sha: ${{ steps.release-please.outputs.sha }} | |
| release_id: ${{ steps.get-release-id.outputs.release_id }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run release-please | |
| id: release-please | |
| uses: google-github-actions/release-please-action@v3 | |
| with: | |
| command: manifest | |
| release-type: node | |
| - name: Get release id | |
| id: get-release-id | |
| if: ${{ steps.release-please.outputs.releases_created }} | |
| run: echo "release_id=$(gh release view ${{ steps.release-please.outputs.tag_name }} --json id --template "{{.id}}")" >> "$GITHUB_OUTPUT" | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| build-tauri: | |
| if: ${{ !contains(github.event.head_commit.message, '[skip ci]') && needs.release-please.outputs.releases_created }} | |
| needs: release-please | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: [macos-latest, ubuntu-latest, windows-latest] | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ needs.release-please.outputs.sha }} | |
| - uses: pnpm/action-setup@v2 | |
| with: | |
| version: 8 | |
| - name: setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: lts/* | |
| cache: pnpm | |
| - name: install Rust stable | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| - name: cache Rust dependencies | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: src-tauri | |
| - name: install dependencies (ubuntu only) | |
| if: matrix.platform == 'ubuntu-latest' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf libudev-dev build-essential curl wget libssl-dev libpcsclite-dev | |
| - name: install app dependencies and build it | |
| run: pnpm install && pnpm build | |
| - uses: tauri-apps/tauri-action@v0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
| TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} | |
| with: | |
| releaseId: ${{ needs.release-please.outputs.release_id }} | |
| tauriScript: pnpm tauri | |
| publish-release: | |
| permissions: | |
| contents: write | |
| runs-on: ubuntu-latest | |
| needs: [release-please, build-tauri] | |
| steps: | |
| - name: publish release | |
| id: publish-release | |
| uses: actions/github-script@v6 | |
| env: | |
| release_id: ${{ needs.release-please.outputs.release_id }} | |
| with: | |
| script: | | |
| github.rest.repos.updateRelease({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| release_id: process.env.release_id, | |
| draft: false, | |
| prerelease: false | |
| }) |