Skip to content

- fix: added certificate to keychain #186

- fix: added certificate to keychain

- fix: added certificate to keychain #186

Workflow file for this run

name: Release dev
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * 2,4"
push:
branches:
- agallardol/shinkai-tray-node-integration
defaults:
run:
working-directory: ./
jobs:
# release-shinkai-visor:
# runs-on: ubuntu-latest
# environment: development
# steps:
# - name: Check out repository
# uses: actions/checkout@v4
# with:
# fetch-depth: 0
# - name: Setup Node version
# uses: actions/setup-node@v3
# with:
# node-version: 18
# check-latest: false
# registry-url: https://registry.npmjs.org
# cache: 'npm'
# cache-dependency-path: package-lock.json
# - name: Install dependencies
# run: |
# npm cache verify
# npm ci --no-audit --prefer-offline
# - name: get-npm-version
# id: package-version
# uses: martinbeentjes/[email protected]
# - name: Run NX build on shinkai-visor
# run: npx nx build shinkai-visor --skip-nx-cache
# env:
# VERSION: ${{ steps.package-version.outputs.current-version}}.${{github.run_number}}
# NAME_PREFIX: '[Dev]'
# DESCRIPTION_PREFIX: '[Dev]'
# - name: Zip extension
# run: cd ./dist/apps && zip -r shinkai-visor.zip shinkai-visor
# - name: Upload & Release
# uses: mnao305/[email protected]
# continue-on-error: true
# with:
# file-path: dist/apps/shinkai-visor.zip
# extension-id: ${{ secrets.CHROME_EXTENSION_ID }}
# client-id: ${{ secrets.CHROME_CLIENT_ID }}
# client-secret: ${{ secrets.CHROME_CLIENT_SECRET }}
# refresh-token: ${{ secrets.CHROME_REFRESH_TOKEN }}
# publish: false
# - uses: actions/upload-artifact@v3
# with:
# name: shinkai-visor
# path: dist/apps/shinkai-visor
# if-no-files-found: error
# retention-days: 5
release-shinkai-tray-macos:
name: Release Shinkai Tray
strategy:
matrix:
include:
# - arch: x86_64-unknown-linux-gnu
# os: ubuntu-22.04
- arch: aarch64-apple-darwin
os: macos-14
build_output_file_path: dist/apps/shinkai-tray/dmg/Shinkai Tray_${{ github.ref_name }}_aarch64.dmg
distributable_file_name: Shinkai-Tray-${{ github.ref_name }}_aarch64-apple-darwin.dmg
# - arch: x86_64-pc-windows-msvc
# os: windows-2022
runs-on: ${{ matrix.os }}
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache cargo assets
id: cache
uses: actions/cache@v4
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target/
key: ${{ matrix.arch }}-build-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Setup Node version
uses: actions/setup-node@v3
with:
node-version: 18
check-latest: false
registry-url: https://registry.npmjs.org
cache: 'npm'
cache-dependency-path: package-lock.json
- name: Install dependencies
run: |
npm cache verify
npm ci --no-audit --prefer-offline
- name: get npm version
id: package-version
uses: Saionaro/[email protected]
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_CERTIFICATE }}
P12_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Run NX build on shinkai-tray
run: npx nx build shinkai-tray --skip-nx-cache
env:
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
# - name: Upload binaries to release
# uses: svenstaro/upload-release-action@v2
# with:
# repo_token: ${{ secrets.GITHUB_TOKEN }}
# file: ${{ matrix.build_output_file_path }}
# asset_name: ${{ matrix.distributable_file_name }}
# tag: ${{ github.ref }}
# overwrite: true
- name: Prepare binary files
run: |
mkdir files-to-r2
cp ${{ matrix.build_output_file_path }} files-to-r2/${{ matrix.distributable_file_name }}
- name: Upload binaries to R2 bucket
uses: shallwefootball/s3-upload-action@master
with:
endpoint: https://54bf1bf573b3e6471e574cc4d318db64.r2.cloudflarestorage.com
aws_key_id: ${{ secrets.R2_ACCESS_KEY_ID }}
aws_secret_access_key: ${{ secrets.R2_SECRET_ACCESS_KEY }}
aws_bucket: shinkai-download
source_dir: files-to-r2
destination_dir: ./shinkai-tray/binaries/${{ matrix.arch }}/
# At the moment we are not releasing android (CI was working)
# release-shinkai-app-android:
# runs-on: ubuntu-latest
# environment: development
# steps:
# - name: Check out repository
# uses: actions/checkout@v4
# with:
# fetch-depth: 0
# - name: Use nx set shas
# uses: nrwl/nx-set-shas@v3
# - name: Setup Node version
# uses: actions/setup-node@v3
# with:
# node-version: 18
# check-latest: false
# registry-url: https://registry.npmjs.org
# cache: 'npm'
# cache-dependency-path: package-lock.json
# - name: Install dependencies
# run: |
# npm cache verify
# npm ci --no-audit --prefer-offline
# - uses: actions/setup-java@v3
# with:
# java-version: '17'
# distribution: 'temurin'
# - name: Set mobile apps version
# run: |
# npx capacitor-set-version -v $VERSION -b $BUILD $APP_PATH
# env:
# VERSION: 0.0.0
# BUILD: ${{ github.run_number }}
# APP_PATH: ./apps/shinkai-app
# - name: Mount shinkai android keystore from secret
# run: |
# echo $KEYSTORE_BASE_64_STRING > $KEYSTORE_BASE_64_FILE_NAME
# base64 -d $KEYSTORE_BASE_64_FILE_NAME > $KEYSTORE_FILE_PATH
# env:
# KEYSTORE_BASE_64_STRING: ${{ secrets.ANDROID_KEYSTORE_BASE_64 }}
# KEYSTORE_BASE_64_FILE_NAME: shinkai-keystore-android-upload-base-64
# KEYSTORE_FILE_PATH: ./apps/shinkai-app/android/shinkai-keystore-android
# - name: Run NX build on shinkai-app-android
# run: |
# npx nx build:android shinkai-app
# env:
# ANDROID_KEYSTORE_FILE_PATH: shinkai-keystore-android
# ANDROID_KEYSTORE_PASS: ${{ secrets.ANDROID_KEYSTORE_PASS }}
# ANDROID_KEYSTORE_ALIAS: ${{ secrets.ANDROID_KEYSTORE_ALIAS }}
# ANDROID_KEYSTORE_ALIAS_PASS: ${{ secrets.ANDROID_KEYSTORE_ALIAS_PASS }}
# - name: Upload signed android .AAB file to Google Play Store
# uses: r0adkll/upload-google-play@v1
# with:
# serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }}
# packageName: com.shinkai.app
# releaseFiles: ./dist/apps/shinkai-app-android/app-release-signed.aab
# track: internal
# status: draft