mirror of
https://github.com/cryptomator/cryptomator.git
synced 2026-04-18 16:46:53 -04:00
144 lines
5.4 KiB
YAML
144 lines
5.4 KiB
YAML
name: Create a Cryptomator Release
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
tags:
|
|
- '*'
|
|
|
|
env:
|
|
JAVA_DIST: 'temurin'
|
|
JAVA_VERSION: 25
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
get-version:
|
|
uses: ./.github/workflows/get-version.yml
|
|
with:
|
|
version: ''
|
|
|
|
create-release:
|
|
name: Compile and Test
|
|
runs-on: ubuntu-latest
|
|
needs: get-version
|
|
if: github.ref_type == 'tag' && needs.get-version.outputs.versionType != 'unknown'
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
|
|
with:
|
|
distribution: ${{ env.JAVA_DIST }}
|
|
java-version: ${{ env.JAVA_VERSION }}
|
|
cache: 'maven'
|
|
- name: Build and Test
|
|
run: xvfb-run mvn -B verify -Plinux
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
|
|
- name: Draft a release
|
|
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
|
|
with:
|
|
draft: true
|
|
discussion_category_name: releases
|
|
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
generate_release_notes: true
|
|
body_path: .github/release-body.md.template
|
|
- name: Download source tarball
|
|
run: |
|
|
curl --silent --fail-with-body --proto "=https" -L -H "Accept: application/vnd.github+json" https://github.com/cryptomator/cryptomator/archive/${{ github.ref }}.tar.gz --output cryptomator-${{ github.ref_name }}.tar.gz
|
|
- name: Sign source tarball with key 615D449FE6E6A235
|
|
run: |
|
|
echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
|
|
echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.tar.gz
|
|
env:
|
|
GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
|
|
GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
|
|
- name: Publish asc on GitHub Releases
|
|
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
|
|
with:
|
|
draft: true
|
|
fail_on_unmatched_files: true
|
|
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
files: |
|
|
cryptomator-*.tar.gz.asc
|
|
|
|
build-exe-and-msi:
|
|
needs: create-release
|
|
uses: ./.github/workflows/win-exe.yml
|
|
with:
|
|
is-release: true
|
|
secrets: inherit
|
|
|
|
build-dmg-arm64:
|
|
needs: create-release
|
|
uses: ./.github/workflows/mac-dmg.yml
|
|
with:
|
|
is-release: true
|
|
secrets: inherit
|
|
|
|
build-dmg-x64:
|
|
needs: create-release
|
|
uses: ./.github/workflows/mac-dmg-x64.yml
|
|
with:
|
|
is-release: true
|
|
secrets: inherit
|
|
|
|
build-appimages:
|
|
needs: create-release
|
|
uses: ./.github/workflows/appimage.yml
|
|
with:
|
|
is-release: true
|
|
secrets: inherit
|
|
|
|
update-sha256sums:
|
|
runs-on: ubuntu-latest
|
|
needs: [get-version, build-exe-and-msi, build-dmg-arm64, build-dmg-x64, build-appimages]
|
|
env:
|
|
TAG: ${{ github.ref_name }}
|
|
SEMVER: ${{ needs.get-version.outputs.semVerStr }}
|
|
GH_TOKEN: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- name: Compute source tarball SHA256
|
|
id: src-sha256
|
|
run: |
|
|
curl --silent --fail-with-body --proto "=https" -L \
|
|
-H "Accept: application/vnd.github+json" \
|
|
"https://github.com/cryptomator/cryptomator/archive/refs/tags/${TAG}.tar.gz" \
|
|
--output "cryptomator-${SEMVER}.tar.gz"
|
|
read -ra CMD_OUTPUT < <(sha256sum "cryptomator-${SEMVER}.tar.gz")
|
|
echo "value=${CMD_OUTPUT[0]}" >> $GITHUB_OUTPUT
|
|
- name: Update release body with checksums
|
|
run: |
|
|
CURRENT_BODY=$(gh release view "${TAG}" --json body --jq .body)
|
|
RELEASE_BODY=$(printf '%s\n' "${CURRENT_BODY}" | sed '/<!-- HEADER -->/,/<!-- \/HEADER -->/c\
|
|
<!-- HEADER -->\
|
|
> [!SUCCESS]\
|
|
> Release artifacts finished building successfully.\
|
|
>\
|
|
> SHA-256 checksums have been updated below.\
|
|
<!-- /HEADER -->')
|
|
|
|
export TARBALL="${SRC_SHA} cryptomator-${SEMVER}.tar.gz"
|
|
export MSI="${MSI_SHA} Cryptomator-${SEMVER}-x64.msi"
|
|
export EXE="${EXE_SHA} Cryptomator-${SEMVER}-x64.exe"
|
|
export DMG_arm64="${DMG_ARM64_SHA} Cryptomator-${SEMVER}-arm64.dmg"
|
|
export DMG_x64="${DMG_X64_SHA} Cryptomator-${SEMVER}-x64.dmg"
|
|
export APPIMAGE_x86_64="${APPIMAGE_X64_SHA} cryptomator-${SEMVER}-x86_64.AppImage"
|
|
export APPIMAGE_aarch64="${APPIMAGE_AARCH64_SHA} cryptomator-${SEMVER}-aarch64.AppImage"
|
|
|
|
envsubst '$TARBALL $EXE $MSI $DMG_x64 $DMG_arm64 $APPIMAGE_x86_64 $APPIMAGE_aarch64' \
|
|
<<< "${RELEASE_BODY}" \
|
|
> release-body.md
|
|
|
|
gh release edit "${TAG}" --draft --notes-file release-body.md
|
|
env:
|
|
SRC_SHA: ${{ steps.src-sha256.outputs.value }}
|
|
MSI_SHA: ${{ needs.build-exe-and-msi.outputs.sha256-msi }}
|
|
EXE_SHA: ${{ needs.build-exe-and-msi.outputs.sha256-exe }}
|
|
DMG_ARM64_SHA: ${{ needs.build-dmg-arm64.outputs.sha256-dmg }}
|
|
DMG_X64_SHA: ${{ needs.build-dmg-x64.outputs.sha256-dmg }}
|
|
APPIMAGE_X64_SHA: ${{ needs.build-appimages.outputs.sha256-appimage-x64 }}
|
|
APPIMAGE_AARCH64_SHA: ${{ needs.build-appimages.outputs.sha256-appimage-aarch64 }}
|