chore: enable codesigning #10
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| branches: | |
| - publish.wf # TEMPORARY - Remove before merging to main | |
| tags: | |
| - 'v*' | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: 'Release tag (e.g., v0.0.6)' | |
| required: true | |
| type: string | |
| jobs: | |
| build-macos: | |
| name: Build macOS (${{ matrix.arch }}) | |
| runs-on: macos-latest | |
| strategy: | |
| matrix: | |
| arch: [arm64, x64] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: 10.13.1 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '24' | |
| cache: 'pnpm' | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Download Node.js binaries | |
| working-directory: apps/desktop | |
| run: pnpm download-node:all | |
| - name: Import Developer ID cert | |
| uses: apple-actions/import-codesign-certs@v3 | |
| with: | |
| p12-file-base64: ${{ secrets.DEVELOPER_CERT_BASE64 }} | |
| p12-password: ${{ secrets.DEVELOPER_CERT_PASSPHRASE }} | |
| - name: Build artifacts | |
| working-directory: apps/desktop | |
| env: | |
| SKIP_CODESIGNING: false | |
| SKIP_NOTARIZATION: true | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_APP_PASSWORD: ${{ secrets.APPLE_APP_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| CODESIGNING_IDENTITY: ${{ secrets.CODESIGNING_IDENTITY }} | |
| run: | | |
| # Now make the distributables | |
| pnpm make:${{ matrix.arch }} | |
| - name: Get version from package.json | |
| id: package_version | |
| working-directory: apps/desktop | |
| run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: macos-${{ matrix.arch }} | |
| path: | | |
| apps/desktop/out/make/*-${{ matrix.arch }}.dmg | |
| apps/desktop/out/make/zip/darwin/${{ matrix.arch }}/*.zip | |
| release: | |
| name: Create Release | |
| needs: build-macos | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Get version from package.json | |
| id: package_version | |
| working-directory: apps/desktop | |
| run: echo "version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT | |
| - name: Download all artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: artifacts | |
| - name: List artifacts | |
| run: | | |
| echo "=== Full artifacts directory structure ===" | |
| find artifacts -type f -name "*.dmg" -o -name "*.zip" | sort | |
| echo "" | |
| echo "=== Detailed file listing ===" | |
| find artifacts -type f \( -name "*.dmg" -o -name "*.zip" \) -exec ls -la {} \; | |
| - name: Create Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| draft: true | |
| prerelease: true | |
| tag_name: ${{ github.event.inputs.tag || github.ref_name }} | |
| name: Amical Desktop v${{ steps.package_version.outputs.version }} | |
| body: | | |
| ## Amical Desktop v${{ steps.package_version.outputs.version }} | |
| ### What's New | |
| - Please update this section with actual changes | |
| ### Downloads | |
| #### macOS | |
| - **Apple Silicon (M1/M2/M3)**: Download the DMG or ZIP file for arm64 | |
| - **Intel**: Download the DMG or ZIP file for x64 | |
| ### Installation | |
| **macOS**: | |
| - **DMG**: Download and open the DMG file, then drag Amical to your Applications folder | |
| - **ZIP**: Download and extract the ZIP file, then drag Amical to your Applications folder | |
| The ZIP files are primarily for automatic updates. We recommend using the DMG files for initial installation. | |
| files: | | |
| artifacts/macos-arm64/*.dmg | |
| artifacts/macos-arm64/zip/darwin/arm64/*.zip | |
| artifacts/macos-x64/*.dmg | |
| artifacts/macos-x64/zip/darwin/x64/*.zip | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |