chore(release)): v0.6.0 #28

Workflow file for this run

.github/workflows/release.yml at fbb3070

	name: Release Build

	on:
	push:
	branches:
	- release

	jobs:
	release:
	permissions:
	contents: write
	strategy:
	fail-fast: false
	matrix:
	include:
	- platform: 'macos-latest'
	args: '--target aarch64-apple-darwin'
	- platform: 'macos-latest'
	args: '--target x86_64-apple-darwin'
	- platform: 'ubuntu-22.04'
	args: ''
	- platform: 'windows-latest'
	args: ''

	runs-on: ${{ matrix.platform }}
	steps:
	- uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 20

	- name: Install Rust stable
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: ${{ matrix.platform == 'macos-latest' && 'aarch64-apple-darwin,x86_64-apple-darwin' \|\| '' }}

	- name: Install dependencies (Ubuntu only)
	if: matrix.platform == 'ubuntu-22.04'
	run: \|
	sudo apt-get update
	sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf

	- name: Install frontend dependencies
	run: yarn install

	- name: Get version from package.json
	id: version
	shell: bash
	run: echo "VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT

	- name: Check signing configuration
	shell: bash
	run: \|
	if [ -n "${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}" ]; then
	echo "✓ TAURI_SIGNING_PRIVATE_KEY is set (length: ${#TAURI_SIGNING_PRIVATE_KEY})"
	else
	echo "✗ TAURI_SIGNING_PRIVATE_KEY is NOT set"
	fi
	if [ -n "${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}" ]; then
	echo "✓ TAURI_SIGNING_PRIVATE_KEY_PASSWORD is set"
	else
	echo "✗ TAURI_SIGNING_PRIVATE_KEY_PASSWORD is NOT set"
	fi
	env:
	TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}

	- name: Extract changelog for this version
	id: changelog
	shell: bash
	run: \|
	VERSION="${{ steps.version.outputs.VERSION }}"
	# Extract the section for this version from CHANGELOG.md
	# Finds content between ## [VERSION] and the next ## [
	CHANGELOG=$(awk "/## \[${VERSION}\]/{flag=1; next} /## \[/{flag=0} flag" CHANGELOG.md)

	# Output to GitHub Actions in multiline format
	echo "CHANGELOG<<EOF" >> $GITHUB_OUTPUT
	echo "$CHANGELOG" >> $GITHUB_OUTPUT
	echo "EOF" >> $GITHUB_OUTPUT

	echo "Extracted changelog:"
	echo "$CHANGELOG"

	- uses: tauri-apps/tauri-action@v0
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
	TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
	POSTHOG_API_KEY: ${{ secrets.POSTHOG_API_KEY }}
	PUBLIC_SUPABASE_URL: ${{ secrets.PUBLIC_SUPABASE_URL }}
	PUBLIC_SUPABASE_ANON_KEY: ${{ secrets.PUBLIC_SUPABASE_ANON_KEY }}
	PUBLIC_SENTRY_DSN: ${{ secrets.PUBLIC_SENTRY_DSN }}
	with:
	tagName: v${{ steps.version.outputs.VERSION }}
	releaseName: 'Dota Keeper v${{ steps.version.outputs.VERSION }}'
	releaseBody: ${{ steps.changelog.outputs.CHANGELOG }}
	releaseDraft: true
	prerelease: false
	args: ${{ matrix.args }}

	- name: Verify signature files were created
	shell: bash
	run: \|
	echo "Checking for .sig files in target directory..."
	find src-tauri/target -name "*.sig" -type f \|\| echo "No .sig files found"
	echo ""
	echo "Listing all files in bundle directories:"
	find src-tauri/target -type d -name "bundle" -exec sh -c 'echo "=== {} ==="; ls -la "{}" 2>/dev/null \|\| true' \;
	echo ""
	echo "Searching for any signature-related files:"
	find src-tauri/target -type f $ -name ".sig" -o -name "signature*" $ 2>/dev/null \|\| echo "No signature files found"

	- name: List all release assets
	shell: bash
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	echo "Listing all assets in the draft release..."
	gh release view "v${{ steps.version.outputs.VERSION }}" --json assets --jq '.assets[].name' \|\| echo "Could not list release assets"

	update-release-json:
	needs: release
	runs-on: ubuntu-latest
	permissions:
	contents: write
	steps:
	- uses: actions/checkout@v4
	with:
	ref: release

	- name: Get version from package.json
	id: version
	run: echo "VERSION=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT

	- name: Download and inspect release signatures
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	VERSION="${{ steps.version.outputs.VERSION }}"
	echo "=== Release assets for v${VERSION} ==="
	gh release view "v${VERSION}" --json assets --jq '.assets[].name' \|\| echo "Could not list assets"

	mkdir -p ./signatures

	# Download all .sig files
	echo ""
	echo "=== Downloading .sig files ==="
	gh release download "v${VERSION}" --pattern "*.sig" --dir ./signatures 2>&1 \|\| \
	echo "Warning: gh release download failed or no .sig files found"

	echo ""
	echo "=== Downloaded signature files ==="
	ls -la ./signatures/ 2>/dev/null \|\| echo "No files downloaded"

	- name: Update latest.json
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	VERSION="${{ steps.version.outputs.VERSION }}"
	PUB_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")

	WIN_SIG=""
	LINUX_SIG=""
	MACOS_X64_SIG=""
	MACOS_ARM_SIG=""

	# Classify each downloaded .sig file by its name.
	# Order matters: aarch64 before x64, amd64 before x64, .app.tar.gz before plain x64.
	for f in ./signatures/*.sig; do
	[ -f "$f" ] \|\| continue
	name=$(basename "$f")
	echo "Classifying: $name"
	case "$name" in
	aarch64) MACOS_ARM_SIG=$(cat "$f"); echo " → macOS ARM" ;;
	amd64) LINUX_SIG=$(cat "$f"); echo " → Linux x64" ;;
	*x64.app.tar.gz.sig) MACOS_X64_SIG=$(cat "$f"); echo " → macOS x64" ;;
	x64) WIN_SIG=$(cat "$f"); echo " → Windows x64" ;;
	*) echo " → unrecognised, skipping" ;;
	esac
	done

	echo ""
	echo "Windows sig present: $([ -n "$WIN_SIG" ] && echo yes \|\| echo NO)"
	echo "Linux sig present: $([ -n "$LINUX_SIG" ] && echo yes \|\| echo NO)"
	echo "macOS x64 sig present: $([ -n "$MACOS_X64_SIG" ] && echo yes \|\| echo NO)"
	echo "macOS ARM sig present: $([ -n "$MACOS_ARM_SIG" ] && echo yes \|\| echo NO)"

	mkdir -p meta/autoupdate

	cat > meta/autoupdate/latest.json << EOF
	{
	"version": "${VERSION}",
	"notes": "Release v${VERSION}",
	"pub_date": "${PUB_DATE}",
	"platforms": {
	"windows-x86_64": {
	"signature": "${WIN_SIG}",
	"url": "https://github.com/stringhandler/dota-keeper/releases/download/v${VERSION}/Dota.Keeper_${VERSION}_x64_en-US.msi"
	},
	"linux-x86_64": {
	"signature": "${LINUX_SIG}",
	"url": "https://github.com/stringhandler/dota-keeper/releases/download/v${VERSION}/Dota.Keeper_${VERSION}_amd64.AppImage.tar.gz"
	},
	"darwin-x86_64": {
	"signature": "${MACOS_X64_SIG}",
	"url": "https://github.com/stringhandler/dota-keeper/releases/download/v${VERSION}/Dota.Keeper_x64.app.tar.gz"
	},
	"darwin-aarch64": {
	"signature": "${MACOS_ARM_SIG}",
	"url": "https://github.com/stringhandler/dota-keeper/releases/download/v${VERSION}/Dota.Keeper_aarch64.app.tar.gz"
	}
	}
	}
	EOF

	echo ""
	echo "=== Generated latest.json ==="
	cat meta/autoupdate/latest.json

	- name: Commit latest.json to repo
	run: \|
	git config user.name "github-actions[bot]"
	git config user.email "github-actions[bot]@users.noreply.github.com"
	git add meta/autoupdate/latest.json
	git diff --cached --quiet \|\| git commit -m "chore: update latest.json for v${{ steps.version.outputs.VERSION }}"
	git push

	- name: Upload latest.json to release
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	run: \|
	VERSION="${{ steps.version.outputs.VERSION }}"
	gh release upload "v${VERSION}" meta/autoupdate/latest.json --clobber

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(release)): v0.6.0 #28

Workflow file

chore(release)): v0.6.0 #28

Uh oh!

Workflow file for this run