name: Build on: push: tags: - "v*" paths-ignore: - "**.md" - "**.spec.js" - ".idea" - ".vscode" - ".dockerignore" - "Dockerfile" - ".gitignore" - ".github/**" - "!.github/workflows/build.yml" permissions: contents: write jobs: build: runs-on: ${{ matrix.os }} strategy: matrix: include: - os: macos-latest arch: arm64 - os: macos-13 arch: x64 - os: windows-latest arch: x64 steps: - name: Checkout Code uses: actions/checkout@v4 - name: Setup Node.js uses: actions/setup-node@v4 with: node-version: 20 - name: Setup Python uses: actions/setup-python@v4 with: python-version: "3.11" - name: Install Python Dependencies run: | python -m pip install --upgrade pip pip install uv - name: Install Dependencies run: npm install # Step for macOS builds with signing - name: Build Release Files (macOS with signing) if: runner.os == 'macOS' run: npm run build -- --arch ${{ matrix.arch }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CSC_LINK: ${{ secrets.CERT_P12 }} CSC_KEY_PASSWORD: ${{ secrets.CERT_PASSWORD }} APPLE_ID: ${{ secrets.APPLE_ID }} APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }} VITE_STACK_PROJECT_ID: ${{ secrets.VITE_STACK_PROJECT_ID }} VITE_STACK_PUBLISHABLE_CLIENT_KEY: ${{ secrets.VITE_STACK_PUBLISHABLE_CLIENT_KEY }} VITE_STACK_SECRET_SERVER_KEY: ${{ secrets.VITE_STACK_SECRET_SERVER_KEY }} # Step for Windows builds without signing - name: Build Release Files (Windows without signing) if: runner.os == 'Windows' run: npm run build -- --arch ${{ matrix.arch }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Signing variables (CSC_LINK, CSC_KEY_PASSWORD) are omitted for Windows VITE_BASE_URL: ${{ secrets.VITE_BASE_URL }} VITE_STACK_PROJECT_ID: ${{ secrets.VITE_STACK_PROJECT_ID }} VITE_STACK_PUBLISHABLE_CLIENT_KEY: ${{ secrets.VITE_STACK_PUBLISHABLE_CLIENT_KEY }} VITE_STACK_SECRET_SERVER_KEY: ${{ secrets.VITE_STACK_SECRET_SERVER_KEY }} - name: Upload Artifact uses: actions/upload-artifact@v4 with: name: release-${{ matrix.os }}-${{ matrix.arch }} path: | release/* !release/builder-debug.yml !release/builder-effective-config.yaml retention-days: 5 merge-release: needs: build runs-on: ubuntu-latest steps: - name: Create directories run: | mkdir -p release/mac-x64 release/mac-arm64 release/win-x64 # Download all artifacts with correct names - name: Download mac-x64 artifact uses: actions/download-artifact@v4 with: name: release-macos-13-x64 path: temp-mac-x64 - name: Download mac-arm64 artifact uses: actions/download-artifact@v4 with: name: release-macos-latest-arm64 path: temp-mac-arm64 - name: Download win-x64 artifact uses: actions/download-artifact@v4 with: name: release-windows-latest-x64 path: temp-win-x64 # Move files to final release directory, removing any nested release/ directory - name: Move files to clean folders shell: bash run: | # mac-x64 if [ -d "temp-mac-x64/release" ]; then mv temp-mac-x64/release/* release/mac-x64/ || true else mv temp-mac-x64/* release/mac-x64/ || true fi # mac-arm64 if [ -d "temp-mac-arm64/release" ]; then mv temp-mac-arm64/release/* release/mac-arm64/ || true else mv temp-mac-arm64/* release/mac-arm64/ || true fi # win-x64 if [ -d "temp-win-x64/release" ]; then mv temp-win-x64/release/* release/win-x64/ || true else mv temp-win-x64/* release/win-x64/ || true fi - name: Rename duplicate files run: | mv release/mac-x64/latest-mac.yml release/mac-x64/latest-x64-mac.yml || true mv release/mac-arm64/latest-mac.yml release/mac-arm64/latest-arm64-mac.yml || true # Create GitHub Release - name: Create GitHub Release if: startsWith(github.ref, 'refs/tags/') uses: softprops/action-gh-release@v1 with: files: | release/mac-x64/* release/mac-arm64/* release/win-x64/* env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}