130d17f45e
commit 4897b2bcf7f044080fce81bd725515e62fc4eb29
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Fri Apr 25 15:32:37 2025 +0700
chore: cleanup tauri config
commit 66c5676ec146b25c89cccb570ede7c070dbc5853
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Fri Apr 25 14:37:04 2025 +0700
fix: store path
commit bc6560c576873e55f84c4b21764bedbdd9dbd5a8
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Thu Apr 24 09:39:50 2025 +0700
chore: Linux CI
commit b036275dc9f1df7614aaca3b358b9c6493082512
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Wed Apr 23 16:41:22 2025 +0700
chore: updater windows
commit e91b543dbdd82bd4a44db7550ffb993897b56081
Merge: dea80a83 4a54a378
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Wed Apr 23 16:39:24 2025 +0700
Merge branch 'chore/tauri-cicd' of https://github.com/menloresearch/jan into chore/tauri-cicd-windows
commit dea80a83966113b108137c385a3c28920d2adda4
Author: Minh141120 <minh.itptit@gmail.com>
Date: Wed Apr 23 11:47:04 2025 +0700
chore: update azuresigntool install method
commit 2ec2234082be57e53887192153fa982a134ea535
Author: Minh141120 <minh.itptit@gmail.com>
Date: Wed Apr 23 11:01:31 2025 +0700
chore: add verbose option build tauri and targets app and dmg for macos build
commit 42c7592cc89641130545551d4d864268cde3d5b0
Author: Minh141120 <minh.itptit@gmail.com>
Date: Wed Apr 23 10:35:27 2025 +0700
chore: update targets build
commit 4c8ba44ff60cdef8b639fa189f5729dc69c5aff6
Author: Minh141120 <minh.itptit@gmail.com>
Date: Wed Apr 23 09:53:21 2025 +0700
refactor: remove debug step and upload electron build artifact
commit 158c08b465e18823e0f2b9a30fd5ecd589d08934
Author: Minh141120 <minh.itptit@gmail.com>
Date: Wed Apr 23 09:21:08 2025 +0700
chore: add script codesign on windows
commit 4545b2bcd852029472298e530176494992dd0950
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Tue Apr 22 13:39:49 2025 +0700
chore: update csp setting
commit f64a1e1ca958e3c1c685485a06d45956ddcf14a0
Author: Minh141120 <minh.itptit@gmail.com>
Date: Tue Apr 22 10:15:14 2025 +0700
chore: update azuresigntool installation
commit 1f4b9d18b332d5205685a6fe68f5dfaf973d273c
Author: Minh141120 <minh.itptit@gmail.com>
Date: Tue Apr 22 09:49:42 2025 +0700
chore: update signcommand
commit 911a3ab3540f872f6fe906c8e2135440d39f108c
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 19:19:23 2025 +0700
chore: update codesign tauri windows
commit fba15c4c2de43b4cb87308ef998cdd8dc88b1ce6
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 19:04:29 2025 +0700
chore: update path azuresigntool
commit 8b8c950b56f5aa42baf76aba064fc99b50758150
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 18:38:56 2025 +0700
chore: update azuresigntool path
commit bd67a2b7908b5f3a126c634a840e0b941373a3c6
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 17:47:33 2025 +0700
chore: update azuresigntool url
commit f70effca7c09cd2fe9b5866b4f194b64a13294b9
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 17:33:32 2025 +0700
chore: update azuretoolsign download
commit 667910772f30369b9afa554ad06e4378f93d0b1a
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 16:56:25 2025 +0700
chore: update path azuresigntool
commit f1610bfd80dfa996db4a777bb58475f2e6d02cc6
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 16:52:36 2025 +0700
chore: update azuresigntool path
commit 0873d56fb88fb66c884eff31d3f63aa99858f038
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 16:19:46 2025 +0700
chore: add debug step
commit 88e0b1a697ed478375429686eb1c03ae71a3b447
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 15:58:39 2025 +0700
ci(windows): download AzureSignTool to src-tauri for Tauri code signing
commit 47f94e86589826c3941a3d602298f188d6480980
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 15:21:20 2025 +0700
fix: AzureSignTool signcommand Path
commit dc014a7905fd0b49b5972e24b4d5773c5dc29ea5
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 15:00:02 2025 +0700
chore: add debug step azuresigntool tauri windows
commit ee7b6163a8419604dfba7dc2f967026be4884da4
Author: Minh141120 <minh.itptit@gmail.com>
Date: Mon Apr 21 14:33:33 2025 +0700
chore: tauri windows codesign
commit 6607090857120531d8a096f45ff556c3f2553e53
Author: vansangpfiev <vansangpfiev@gmail.com>
Date: Thu Apr 17 10:29:50 2025 +0700
chore: add windows download script
commit 4b1a5cc29c77eecca75978a1ab3126d2c710e738
Author: Nguyen Ngoc Minh <kuuhakuu@Nguyens-MacBook-Air.local>
Date: Mon Apr 21 13:44:34 2025 +0700
chore: tauri codesign windows
315 lines
13 KiB
YAML
315 lines
13 KiB
YAML
name: build-macos
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
ref:
|
|
required: true
|
|
type: string
|
|
default: 'refs/heads/main'
|
|
public_provider:
|
|
required: true
|
|
type: string
|
|
default: none
|
|
description: 'none: build only, github: build and publish to github, aws s3: build and publish to aws s3'
|
|
new_version:
|
|
required: true
|
|
type: string
|
|
default: ''
|
|
aws_s3_prefix:
|
|
required: false
|
|
type: string
|
|
default: '/latest/'
|
|
beta:
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
nightly:
|
|
required: false
|
|
type: boolean
|
|
default: false
|
|
cortex_api_port:
|
|
required: false
|
|
type: string
|
|
default: null
|
|
secrets:
|
|
DELTA_AWS_S3_BUCKET_NAME:
|
|
required: false
|
|
DELTA_AWS_ACCESS_KEY_ID:
|
|
required: false
|
|
DELTA_AWS_SECRET_ACCESS_KEY:
|
|
required: false
|
|
CODE_SIGN_P12_BASE64:
|
|
required: false
|
|
CODE_SIGN_P12_PASSWORD:
|
|
required: false
|
|
APPLE_ID:
|
|
required: false
|
|
APPLE_APP_SPECIFIC_PASSWORD:
|
|
required: false
|
|
DEVELOPER_ID:
|
|
required: false
|
|
TAURI_SIGNING_PRIVATE_KEY:
|
|
required: false
|
|
TAURI_SIGNING_PRIVATE_KEY_PASSWORD:
|
|
required: false
|
|
TAURI_SIGNING_PUBLIC_KEY:
|
|
required: false
|
|
|
|
jobs:
|
|
build-macos:
|
|
runs-on: macos-latest
|
|
environment: production
|
|
permissions:
|
|
contents: write
|
|
steps:
|
|
- name: Getting the repo
|
|
uses: actions/checkout@v3
|
|
with:
|
|
ref: ${{ inputs.ref }}
|
|
|
|
- name: Replace Icons for Beta Build
|
|
if: inputs.beta == true && inputs.nightly != true
|
|
shell: bash
|
|
run: |
|
|
rm -rf electron/icons/*
|
|
|
|
cp electron/icons_dev/jan-beta-512x512.png electron/icons/512x512.png
|
|
cp electron/icons_dev/jan-beta.ico electron/icons/icon.ico
|
|
cp electron/icons_dev/jan-beta.png electron/icons/icon.png
|
|
cp electron/icons_dev/jan-beta-tray@2x.png electron/icons/icon-tray@2x.png
|
|
cp electron/icons_dev/jan-beta-tray.png electron/icons/icon-tray.png
|
|
|
|
- name: Replace Icons for Nightly Build
|
|
if: inputs.nightly == true && inputs.beta != true
|
|
shell: bash
|
|
run: |
|
|
rm -rf electron/icons/*
|
|
|
|
cp electron/icons_dev/jan-nightly-512x512.png electron/icons/512x512.png
|
|
cp electron/icons_dev/jan-nightly.ico electron/icons/icon.ico
|
|
cp electron/icons_dev/jan-nightly.png electron/icons/icon.png
|
|
cp electron/icons_dev/jan-nightly-tray@2x.png electron/icons/icon-tray@2x.png
|
|
cp electron/icons_dev/jan-nightly-tray.png electron/icons/icon-tray.png
|
|
|
|
- name: Installing node
|
|
uses: actions/setup-node@v1
|
|
with:
|
|
node-version: 20
|
|
|
|
- name: Install jq
|
|
uses: dcarbone/install-jq-action@v2.0.1
|
|
|
|
- name: Install ctoml
|
|
run: |
|
|
cargo install ctoml
|
|
|
|
- name: Update app version based on latest release tag with build number
|
|
if: inputs.public_provider != 'github'
|
|
run: |
|
|
echo "Version: ${{ inputs.new_version }}"
|
|
# Update tauri.conf.json
|
|
jq --arg version "${{ inputs.new_version }}" '.version = $version | .bundle.createUpdaterArtifacts = true' ./src-tauri/tauri.conf.json > /tmp/tauri.conf.json
|
|
mv /tmp/tauri.conf.json ./src-tauri/tauri.conf.json
|
|
|
|
chmod +x .github/scripts/rename-tauri-app.sh
|
|
.github/scripts/rename-tauri-app.sh ./src-tauri/tauri.conf.json nightly
|
|
|
|
echo ./src-tauri/tauri.conf.json
|
|
|
|
# Update Cargo.toml
|
|
ctoml ./src-tauri/Cargo.toml package.name "Jan-nightly"
|
|
ctoml ./src-tauri/Cargo.toml package.version "${{ inputs.new_version }}"
|
|
echo "------------------"
|
|
cat ./src-tauri/Cargo.toml
|
|
|
|
# Update the version in electron/package.json
|
|
# jq --arg version "${{ inputs.new_version }}" '.version = $version' electron/package.json > /tmp/package.json
|
|
# mv /tmp/package.json electron/package.json
|
|
|
|
jq --arg version "${{ inputs.new_version }}" '.version = $version' web/package.json > /tmp/package.json
|
|
mv /tmp/package.json web/package.json
|
|
|
|
# jq '.build.publish = [{"provider": "generic", "url": "https://delta.jan.ai/nightly", "channel": "latest"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "temp-nightly", "channel": "latest"}]' electron/package.json > /tmp/package.json
|
|
# mv /tmp/package.json electron/package.json
|
|
|
|
# jq --arg teamid "${{ secrets.APPLE_TEAM_ID }}" '.build.mac.notarize.teamId = $teamid' electron/package.json > /tmp/package.json
|
|
# mv /tmp/package.json electron/package.json
|
|
|
|
# cat electron/package.json
|
|
# chmod +x .github/scripts/rename-app.sh
|
|
# .github/scripts/rename-app.sh ./electron/package.json nightly
|
|
# chmod +x .github/scripts/rename-workspace.sh
|
|
# .github/scripts/rename-workspace.sh ./package.json nightly
|
|
# echo "------------------------"
|
|
# cat ./electron/package.json
|
|
# echo "------------------------"
|
|
|
|
- name: Change App Name for beta version
|
|
if: inputs.beta == true
|
|
shell: bash
|
|
run: |
|
|
chmod +x .github/scripts/rename-app.sh
|
|
.github/scripts/rename-app.sh ./electron/package.json beta
|
|
chmod +x .github/scripts/rename-workspace.sh
|
|
.github/scripts/rename-workspace.sh ./package.json beta
|
|
echo "------------------------"
|
|
cat ./electron/package.json
|
|
echo "------------------------"
|
|
cat ./package.json
|
|
jq '.build.publish = [{"provider": "generic", "url": "https://delta.jan.ai/beta", "channel": "beta"}, {"provider": "s3", "acl": null, "bucket": "${{ secrets.DELTA_AWS_S3_BUCKET_NAME }}", "region": "${{ secrets.DELTA_AWS_REGION}}", "path": "temp-beta", "channel": "beta"}]' electron/package.json > /tmp/package.json
|
|
mv /tmp/package.json electron/package.json
|
|
cat electron/package.json
|
|
|
|
- name: Update app version base on tag
|
|
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && inputs.public_provider == 'github'
|
|
run: |
|
|
jq --arg version "${VERSION_TAG#v}" '.version = $version' electron/package.json > /tmp/package.json
|
|
mv /tmp/package.json electron/package.json
|
|
jq --arg version "${VERSION_TAG#v}" '.version = $version' web/package.json > /tmp/package.json
|
|
mv /tmp/package.json web/package.json
|
|
jq --arg teamid "${{ secrets.APPLE_TEAM_ID }}" '.build.mac.notarize.teamId = $teamid' electron/package.json > /tmp/package.json
|
|
mv /tmp/package.json electron/package.json
|
|
cat electron/package.json
|
|
env:
|
|
VERSION_TAG: ${{ inputs.new_version }}
|
|
|
|
# - name: Get Cer for code signing
|
|
# run: |
|
|
# echo "$CODE_SIGN_P12_BASE64" > /tmp/certificate-base64.txt
|
|
# openssl base64 -in /tmp/codesign.p12 -out /tmp/certificate-base64.txt
|
|
# shell: bash
|
|
# env:
|
|
# CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }}
|
|
|
|
- name: Get key for notarize
|
|
run: base64 -d <<< "$NOTARIZE_P8_BASE64" > /tmp/notary-key.p8
|
|
shell: bash
|
|
env:
|
|
NOTARIZE_P8_BASE64: ${{ secrets.NOTARIZE_P8_BASE64 }}
|
|
|
|
- uses: apple-actions/import-codesign-certs@v2
|
|
continue-on-error: true
|
|
with:
|
|
p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }}
|
|
p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
|
|
- name: Inject Tauri Signing Public Key
|
|
run: |
|
|
if [ -f "src-tauri/tauri.conf.json" ]; then
|
|
echo "Injecting Tauri public key into configuration..."
|
|
# Use jq to update the pubkey field in the tauri.conf.json file
|
|
jq --arg pubkey "$TAURI_SIGNING_PUBLIC_KEY" '.plugins.updater.pubkey = $pubkey' src-tauri/tauri.conf.json > /tmp/tauri.conf.json
|
|
mv /tmp/tauri.conf.json src-tauri/tauri.conf.json
|
|
echo "Tauri configuration updated successfully"
|
|
else
|
|
echo "tauri.conf.json not found"
|
|
fi
|
|
env:
|
|
TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
|
|
|
|
- name: Build and publish app to aws s3 r2 or github artifactory
|
|
if: inputs.public_provider != 'github'
|
|
run: |
|
|
# check public_provider is true or not
|
|
echo "public_provider is ${{ inputs.public_provider }}"
|
|
if [ "${{ inputs.public_provider }}" == "none" ]; then
|
|
make build
|
|
else
|
|
make build-and-publish
|
|
fi
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
# CSC_LINK: '/tmp/codesign.p12'
|
|
# CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
# CSC_IDENTITY_AUTO_DISCOVERY: 'true'
|
|
|
|
APP_PATH: '.'
|
|
# DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }}
|
|
# AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }}
|
|
# AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }}
|
|
# AWS_DEFAULT_REGION: auto
|
|
# AWS_EC2_METADATA_DISABLED: 'true'
|
|
# AWS_MAX_ATTEMPTS: '5'
|
|
POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
|
|
POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
|
|
# CORTEX_API_PORT: ${{ inputs.cortex_api_port }}
|
|
APPLE_CERTIFICATE: ${{ secrets.CODE_SIGN_P12_BASE64 }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
APPLE_API_ISSUER: ${{ secrets.NOTARY_ISSUER }}
|
|
APPLE_API_KEY: ${{ secrets.NOTARY_KEY_ID }}
|
|
APPLE_API_KEY_PATH: /tmp/notary-key.p8
|
|
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
|
|
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
|
|
TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
|
|
|
|
- name: Build and publish app to github
|
|
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && inputs.public_provider == 'github' && inputs.beta == false
|
|
run: |
|
|
make build-and-publish
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
# CSC_LINK: '/tmp/codesign.p12'
|
|
# CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
# CSC_IDENTITY_AUTO_DISCOVERY: 'true'
|
|
# APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
# APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
|
|
APP_PATH: '.'
|
|
# DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }}
|
|
POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
|
|
POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
|
|
APPLE_CERTIFICATE: ${{ secrets.CODE_SIGN_P12_BASE64 }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
APPLE_API_ISSUER: ${{ secrets.NOTARY_ISSUER }}
|
|
APPLE_API_KEY: ${{ secrets.NOTARY_KEY_ID }}
|
|
APPLE_API_KEY_PATH: /tmp/notary-key.p8
|
|
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
|
|
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
|
|
TAURI_SIGNING_PUBLIC_KEY: ${{ secrets.TAURI_SIGNING_PUBLIC_KEY }}
|
|
|
|
- name: Build and publish app to github
|
|
if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') && inputs.public_provider == 'github' && inputs.beta == true
|
|
run: |
|
|
make build-and-publish
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
# CSC_LINK: '/tmp/codesign.p12'
|
|
# CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
# CSC_IDENTITY_AUTO_DISCOVERY: 'true'
|
|
# APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
# APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
|
|
APP_PATH: '.'
|
|
# DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }}
|
|
# AWS_ACCESS_KEY_ID: ${{ secrets.DELTA_AWS_ACCESS_KEY_ID }}
|
|
# AWS_SECRET_ACCESS_KEY: ${{ secrets.DELTA_AWS_SECRET_ACCESS_KEY }}
|
|
# AWS_DEFAULT_REGION: auto
|
|
# AWS_EC2_METADATA_DISABLED: 'true'
|
|
# AWS_MAX_ATTEMPTS: '5'
|
|
POSTHOG_KEY: ${{ secrets.POSTHOG_KEY }}
|
|
POSTHOG_HOST: ${{ secrets.POSTHOG_HOST }}
|
|
APPLE_CERTIFICATE: ${{ secrets.CODE_SIGN_P12_BASE64 }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }}
|
|
APPLE_API_ISSUER: ${{ secrets.NOTARY_ISSUER }}
|
|
APPLE_API_KEY: ${{ secrets.NOTARY_KEY_ID }}
|
|
APPLE_API_KEY_PATH: /tmp/notary-key.p8
|
|
|
|
- name: Upload Artifact
|
|
if: inputs.public_provider != 'github'
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: jan-mac-universal-${{ inputs.new_version }}
|
|
path: |
|
|
./src-tauri/target/release/bundle/dmg/*.dmg
|
|
|
|
- name: zip Jan-nightly.app file
|
|
if: inputs.public_provider != 'github'
|
|
run: |
|
|
cd ./src-tauri/target/release/bundle/macos
|
|
zip -r jan-nightly.zip Jan-nightly.app
|
|
|
|
- name: Upload Artifact
|
|
if: inputs.public_provider != 'github'
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: jan-mac-universal-${{ inputs.new_version }}-tar-gz
|
|
path: |
|
|
./src-tauri/target/release/bundle/macos/jan-nightly.zip |