Add ConsentDocuments.imdi to non-files export #432
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build/release | |
on: | |
push: | |
branches: | |
- V2 | |
- beta | |
- release | |
workflow_dispatch: | |
jobs: | |
release: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
# don't quit checking one OS just because another failed | |
fail-fast: false | |
matrix: | |
os: [windows-latest, macos-latest] | |
steps: | |
- name: Sync clock (see https://github.com/actions/runner/issues/2996) | |
if: startsWith(matrix.os, 'macos') # in dec 2023, github action macs were having trouble with time | |
run: sudo sntp -sS time.windows.com | |
- name: Check out Git repository | |
uses: actions/checkout@v3 | |
- name: Install Node.js, NPM and Yarn as specified in package.json | |
uses: volta-cli/action@v4 | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile --network-timeout 1000000 | |
- name: Write out segment key | |
env: | |
SEGMENT_API: ${{ secrets.SEGMENT_API }} | |
run: | | |
# note: not really hidden from a determined user | |
echo "$SEGMENT_API" > ./assets/.segment | |
shell: bash | |
- name: Prepare for app notarization (macOS) # REVIEW: this may not be used anymore with the switch from altool to notarize | |
if: startsWith(matrix.os, 'macos') | |
# Import Apple API key for app notarization on macOS | |
run: | | |
mkdir -p ~/private_keys/ | |
echo '${{ secrets.api_key }}' > ~/private_keys/AuthKey_${{ secrets.api_key_id }}.p8 | |
- name: Build/release Electron app | |
# Let's only do this if the commit is tagged with a version | |
#if: startsWith(github.ref, 'refs/tags/v') | |
uses: samuelmeuli/action-electron-builder@v1.6.0 | |
with: | |
# GitHub token, automatically provided to the action | |
# (No need to define this secret in the repo settings) | |
github_token: ${{ secrets.github_token }} | |
# If the commit is tagged with a version (e.g. "v1.0.0"), | |
# release the app after building | |
release: true # ${{ startsWith(github.ref, 'refs/tags/v') }} | |
env: | |
CSC_LINK: ${{ secrets.PROD_MACOS_CERTIFICATE }} | |
CSC_KEY_PASSWORD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }} | |
# it's not clear which of these are used I see both in other people's yml | |
APPLEID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID}} | |
APPLEIDPASS: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }} # this is the "app-specific password", not the account password | |
APPLETEAMID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }} | |
# These underline versions from https://github.com/karaggeorge/electron-builder-notarize | |
APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }} # this is the "app-specific password", not the account password | |
APPLE_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }} | |
# got an error specifically asking for this | |
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }} | |
- name: Make new release on Sentry | |
env: | |
LAMETA_SENTRY_AUTH_TOKEN: ${{ secrets.LAMETA_SENTRY_AUTH_TOKEN }} | |
# Mac only because we only need this once per version, not once per operating system. | |
# this curl version doesn't work on windows because it calls `sudo` | |
if: startsWith(github.ref, 'refs/tags/v') && startsWith(matrix.os, 'macos') | |
run: | | |
curl -sL https://sentry.io/get-cli/ | bash | |
./make-sentry-release.sh |