github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5db8e20f3bb01cc1ecc59f95afa2ff4f32ef683b
firezone/.github/workflows/_tauri.yml
Jamil 5db8e20f3b chore: release Apple and GUI clients (#8882) 
- Apple clients 1.4.12
- GUI clients 1.4.11
2025-04-21 21:45:16 +00:00

147 lines
5.8 KiB
YAML
Raw Blame History

name: Tauri
on:
workflow_call:
workflow_dispatch:
defaults:
run:
working-directory: ./rust/gui-client
# Never tolerate warnings. Source of truth is `_rust.yml`
env:
RUSTFLAGS: "-Dwarnings"
RUSTDOCFLAGS: "-D warnings"
jobs:
update-release-draft:
name: update-release-draft
runs-on: ubuntu-22.04
env:
# mark:next-gui-version
RELEASE_NAME: gui-client-1.4.12
steps:
- uses: release-drafter/release-drafter@b1476f6e6eb133afa41ed8589daba6dc69b4d3f5 # v6.1.0
if: "${{ github.event_name == 'workflow_dispatch' && github.ref_name == 'main' }}"
id: update-release-draft
with:
config-name: release-drafter-gui-client.yml
tag: ${{ env.RELEASE_NAME }}
version: ${{ env.RELEASE_NAME }}
name: ${{ env.RELEASE_NAME }}
commitish: ${{ github.sha }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
build-gui:
name: build-gui-${{ matrix.runs-on }}
needs: update-release-draft
runs-on: ${{ matrix.runs-on }}
permissions:
contents: write # for attaching the build artifacts to the release
id-token: write
strategy:
fail-fast: false
matrix:
include:
- runs-on: ubuntu-22.04
arch: x86_64
os: linux
pkg-extension: deb
- runs-on: ubuntu-22.04-arm
arch: aarch64
os: linux
pkg-extension: deb
- runs-on: windows-2019
arch: x86_64
os: windows
pkg-extension: msi
env:
# mark:next-gui-version
ARTIFACT_SRC: ./rust/gui-client/firezone-client-gui-${{ matrix.os }}_1.4.12_${{ matrix.arch }}
# mark:next-gui-version
ARTIFACT_DST: firezone-client-gui-${{ matrix.os }}_1.4.12_${{ matrix.arch }}
AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }}
# mark:next-gui-version
BINARY_DEST_PATH: firezone-client-gui-${{ matrix.os }}_1.4.12_${{ matrix.arch }}
# Seems like there's no way to de-dupe env vars that depend on each other
# mark:next-gui-version
FIREZONE_GUI_VERSION: 1.4.12
RENAME_SCRIPT: ../../scripts/build/tauri-rename-${{ matrix.os }}.sh
TEST_INSTALL_SCRIPT: ../../scripts/tests/gui-client-install-${{ matrix.os }}-${{ matrix.pkg-extension }}.sh
TARGET_DIR: ../target
UPLOAD_SCRIPT: ../../scripts/build/tauri-upload-${{ matrix.os }}.sh
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-tags: true # Otherwise we cannot embed the correct version into the build.
- uses: ./.github/actions/setup-node
- uses: ./.github/actions/setup-rust
- uses: ./.github/actions/setup-tauri-v2
# Installing new packages can take time
timeout-minutes: 10
- uses: matbour/setup-sentry-cli@3e938c54b3018bdd019973689ef984e033b0454b #v2.0.0
with:
token: ${{ secrets.SENTRY_AUTH_TOKEN }}
organization: firezone-inc
- name: Install pnpm deps
run: pnpm install
- name: Install AzureSignTool
if: ${{ runner.os == 'Windows' }}
shell: bash
# AzureSignTool >= 5 needs .NET 8. windows-2019 runner only has .NET 7.
run: dotnet tool install --global AzureSignTool --version 4.0.1
- name: Build release exe and MSI / deb
env:
CARGO_PROFILE_RELEASE_LTO: thin # Fat LTO is getting too slow / RAM-hungry on Tauri builds
# Signs the exe before bundling it into the MSI
run: pnpm build
- name: Ensure unmodified Git workspace
run: git diff --exit-code
# We need to sign the exe inside the MSI. Currently
# we do this in a "beforeBundleCommand" hook in tauri.windows.conf.json.
# But this will soon be natively supported in Tauri.
# TODO: Use Tauri's native MSI signing with support for EV certs
# See https://github.com/tauri-apps/tauri/pull/8718
- name: Sign the MSI
if: ${{ runner.os == 'Windows' }}
shell: bash
run: ../../scripts/build/sign.sh ../target/release/bundle/msi/Firezone_${{ env.FIREZONE_GUI_VERSION }}_x64_en-US.msi
- name: Rename artifacts and compute SHA256
shell: bash
run: ${{ env.RENAME_SCRIPT }}
- name: Upload deb / msi package
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ env.ARTIFACT_DST }}-pkg
path: ${{ env.ARTIFACT_SRC }}.${{ matrix.pkg-extension }}
if-no-files-found: error
- name: Upload rpm package
if: "${{ runner.os == 'Linux' }}"
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ env.ARTIFACT_DST }}-rpm
path: ${{ env.ARTIFACT_SRC }}.rpm
if-no-files-found: error
- name: Test installation
if: "${{ github.event_name == 'workflow_dispatch' }}"
shell: bash
run: ${{ env.TEST_INSTALL_SCRIPT }}
- name: Upload debug symbols to Sentry
if: "${{ github.event_name == 'workflow_dispatch' && github.ref_name == 'main' }}"
run: |
sentry-cli debug-files upload --log-level info --project gui-client --include-sources ../target
- name: Upload Release Assets
if: "${{ github.event_name == 'workflow_dispatch' && github.ref_name == 'main' }}"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
REPOSITORY: ${{ github.repository }}
TAG_NAME: gui-client-${{ env.FIREZONE_GUI_VERSION }}
shell: bash
run: ${{ env.UPLOAD_SCRIPT }}
Reference in New Issue View Git Blame Copy Permalink