.github/workflows/release.yml

name: BuildAndReleaseMaster

on:
  push:
    tags:
      - "*"

jobs:
  create_release:
    name: Create release
    runs-on: ubuntu-latest
    outputs:
      upload_url: ${{ steps.create_release.outputs.upload_url }}
    env:
      PUBLISH_FOR_PULL_REQUEST: true
      CSC_FOR_PULL_REQUEST: true
    steps:
      - name: Release
        if: startsWith(github.ref, 'refs/tags/')
        id: create_release
        uses: softprops/action-gh-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          prerelease: true
          tag_name: ${{ github.ref_name }}
          name: ${{ github.ref_name }}
  build_release:
    name: Build release
    needs: create_release
    runs-on: ${{ matrix.os }}
    env:
      PUBLISH_FOR_PULL_REQUEST: 1
      CSC_FOR_PULL_REQUEST: true
    strategy:
      matrix:
        os: [ubuntu-20.04, windows-latest, macos-13, macOS-latest]
        rust: [stable]
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: libudev-dev
        if: runner.os == 'Linux'
        run: sudo apt-get install -y libudev-dev
      - name: install ruby
        uses: ruby/setup-ruby@v1
        with:
          ruby-version: "3.0"
          bundler-cache: true
      - name: install ruby:gem::dotenv
        run: gem install dotenv
      - name: install ruby:gem::json
        run: gem install json
      - name: install node
        uses: actions/setup-node@master
        with:
          node-version: "current"
      - name: install rust
        uses: hecrj/setup-rust-action@v1
        with:
          rust-version: ${{ matrix.rust }}
      - name: cargo install nj-cli
        run: cargo install nj-cli
      - name: install wasm-pack
        run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
      - name: setup keychain for signing and notarising
        if: runner.os == 'macOS'
        env:
          KEYCHAIN_NAME: "build.keychain"
          CSC_LINK: ${{ secrets.CSC_LINK }}
          CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
          KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
        run: |
          security create-keychain -p "$KEYCHAIN_PWD" "$KEYCHAIN_NAME"
          security default-keychain -s "$KEYCHAIN_NAME"
          certfile="${HOME}/buildcert.p12"
          echo "$CSC_LINK" | base64 -d > "$certfile"
          security import \
            "$certfile" \
            -P "$CSC_KEY_PASSWORD" \
            -A \
            -k "$KEYCHAIN_NAME"
          rm "$certfile"
          security set-key-partition-list \
            -S 'apple:' \
            -s \
            -k "$KEYCHAIN_PWD" \
            "$KEYCHAIN_NAME"
      - name: build release
        working-directory: ./application/holder
        run: |
          rake release:prod --trace
        env:
          KEYCHAIN_NAME: "build.keychain"
          CSC_LINK: ${{ secrets.CSC_LINK }}
          CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
          APPLEID: ${{ secrets.APPLEID }}
          APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
          TEAMID: ${{ secrets.TEAMID }}
          SIGNING_ID: ${{ secrets.SIGNING_ID }}
          KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: list release files
        working-directory: ./application/holder/release
        run: ls
      - name: upload files
        if: startsWith(github.ref, 'refs/tags/')
        uses: AButler/upload-release-assets@v2.0
        with:
          files: "./application/holder/release/*.tgz;./application/holder/release/*.zip"
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          release-tag: ${{ github.ref_name }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  invoke_package_distribution:
    name: Invoke chipmunk package creation and distribution for different package managers
    needs: build_release
    runs-on: ubuntu-latest
    steps:
      - name: Checkout chipmunk-distribution
        uses: actions/checkout@v2
        with:
          repository: esrlabs/chipmunk-distribution
          path: './chipmunk-distribution'
          token: ${{secrets.PUSH_TOKEN}}
      - name: Push tag
        working-directory: ./chipmunk-distribution
        run: |
          git config user.name "esrlabs"
          git config user.email "esrlabs@gmail.com"
          git remote set-url origin "https://esrlabs:${{secrets.PUSH_TOKEN}}@github.com/esrlabs/chipmunk-distribution"
          git tag ${{ github.ref_name }}
          git push origin ${{ github.ref_name }}