Update electron-build.yml #71
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'electron-build' | |
| on: push | |
| jobs: | |
| release: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [macos-latest, desktop-build] | |
| steps: | |
| - name: Check out Git repository | |
| uses: actions/checkout@v1 | |
| - name: Read .nvmrc | |
| run: echo ::set-output name=NODE_VERSION::$(cat .nvmrc) | |
| id: nvm | |
| - name: Setup node js runtime | |
| uses: actions/setup-node@v1 | |
| with: | |
| node-version: ${{ steps.nvm.outputs.NODE_VERSION }} | |
| - uses: actions/setup-python@v4 #Install awscli on all platform | |
| with: | |
| python-version: '3.10' | |
| - name: Install AWSCLI Package | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install --upgrade pip | |
| pip install awscli | |
| - name: Configure AWS cli | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
| - name: Download fonts from S3 | |
| run: | | |
| aws s3 sync s3://lisk-desktop-files/fonts ./setup/react/assets/fonts/ | |
| - name: Install cpx | |
| if: startsWith(matrix.os, 'desktop-build') | |
| run: npm install -g cpx | |
| - name: Prepare for app notarization | |
| if: startsWith(matrix.os, 'macos') | |
| # Import the Apple API key for app notarization on macOS | |
| run: | | |
| mkdir -p ~/private_keys/ | |
| echo '${{ secrets.API_KEY }}' > ~/private_keys/SubscriptionKey_${{ secrets.API_KEY_ID }}.p8 | |
| echo API_KEY_PATH=~/private_keys/SubscriptionKey_${{ secrets.API_KEY_ID }}.p8 >> $GITHUB_ENV | |
| - name: Build and pack windows app | |
| if: startsWith(matrix.os, 'desktop-build') | |
| # codesigning | |
| uses: samuelmeuli/action-electron-builder@v1 | |
| with: | |
| build_script_name: pack:win | |
| github_token: ${{ secrets.github_token }} | |
| - name: Build and pack mac app | |
| if: startsWith(matrix.os, 'macos') | |
| env: | |
| build_script_name: pack | |
| mac_certs: ${{ secrets.MAC_CERTS }} | |
| mac_certs_password: ${{ secrets.MAC_CERTS_PASSWORD }} | |
| DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} | |
| github_token: ${{ secrets.github_token }} | |
| API_KEY: ${{ env.API_KEY_PATH }} | |
| API_KEY_ID: ${{ secrets.API_KEY_ID }} | |
| API_KEY_ISSUER_ID: ${{ secrets.API_KEY_ISSUER_ID }} | |
| run: | | |
| echo "$mac_certs" | base64 --decode > certificate.p12 | |
| security create-keychain -p $mac_certs_password build.keychain | |
| security default-keychain -s build.keychain | |
| security unlock-keychain -p $mac_certs_password build.keychain | |
| security import certificate.p12 -k build.keychain -P $mac_certs_password -T /usr/bin/codesign | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $mac_certs_password build.keychain | |
| /usr/bin/codesign --force -s $DEVELOPER_ID ../../app -v |