ci: use platform release asset names #26
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| # Run on version tags (releases) | |
| push: | |
| tags: | |
| - "v*" | |
| # Allow manual trigger | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| env: | |
| # Necessary for most environments | |
| CGO_ENABLED: 1 | |
| jobs: | |
| release-please: | |
| if: ${{ !startsWith(github.ref, 'refs/tags/v') }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release_created: ${{ steps.release.outputs.release_created }} | |
| tag_name: ${{ steps.release.outputs.tag_name }} | |
| steps: | |
| - uses: googleapis/release-please-action@v4 | |
| id: release | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| release-build: | |
| needs: release-please | |
| if: ${{ always() && (needs.release-please.outputs.release_created == 'true' || github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/tags/v')) }} | |
| name: Release Build | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| build: [linux, windows, macos] | |
| include: | |
| - build: linux | |
| os: ubuntu-latest | |
| platform: linux/amd64 | |
| - build: windows | |
| os: windows-latest | |
| platform: windows/amd64 | |
| - build: macos | |
| os: macos-latest | |
| platform: darwin/amd64 | |
| runs-on: ${{ matrix.os }} | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| ref: ${{ needs.release-please.outputs.tag_name || github.ref }} | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.25.0" | |
| check-latest: true | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v1 | |
| with: | |
| bun-version: latest | |
| - name: Install Linux dependencies | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-4-dev libwebkitgtk-6.0-dev | |
| - name: Install Task | |
| run: | | |
| go install github.com/go-task/task/v3/cmd/task@latest | |
| echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH" | |
| shell: bash | |
| - name: Install Frontend Dependencies | |
| run: | | |
| cd frontend && bun install | |
| shell: bash | |
| - name: Install Wails CLI | |
| run: | | |
| go install github.com/wailsapp/wails/v3/cmd/wails3@latest | |
| GOPATH=$(go env GOPATH) | |
| # Create 'wails' alias for 'wails3' for future compatibility | |
| if [ "${{ matrix.os }}" = "windows-latest" ]; then | |
| cp "$GOPATH/bin/wails3.exe" "$GOPATH/bin/wails.exe" | |
| echo "$GOPATH/bin" >> $GITHUB_PATH | |
| elif [ "${{ matrix.os }}" = "macos-latest" ]; then | |
| ln -sf "$GOPATH/bin/wails3" "$GOPATH/bin/wails" | |
| echo "$GOPATH/bin" >> $GITHUB_PATH | |
| else | |
| sudo ln -sf "$GOPATH/bin/wails3" /usr/local/bin/wails | |
| fi | |
| shell: bash | |
| - name: Build Application | |
| run: | | |
| # Build for current platform (native runner) | |
| if [ "${{ matrix.os }}" = "macos-latest" ]; then | |
| # macOS: Build with code signing if certificates are available | |
| if [ -n "$MACOS_CERTIFICATE" ] && [ -n "$MACOS_CERTIFICATE_PASSWORD" ]; then | |
| echo "Building with code signing..." | |
| wails build -sign -signIdentity "Developer ID Application" | |
| else | |
| echo "Building without code signing (no certificates found)..." | |
| wails build | |
| fi | |
| else | |
| wails build | |
| fi | |
| shell: bash | |
| env: | |
| MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
| MACOS_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
| # Import macOS certificates for signing (optional - only if secrets are configured) | |
| - name: Import macOS Certificates | |
| if: matrix.os == 'macos-latest' && github.event_name != 'pull_request' && env.HAS_CERTS == 'true' | |
| uses: apple-actions/import-codesign-certs@v2 | |
| with: | |
| p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} | |
| p12-password: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
| keychain: build | |
| keychain-password: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
| env: | |
| HAS_CERTS: ${{ secrets.MACOS_CERTIFICATE != '' && secrets.MACOS_CERTIFICATE_PASSWORD != '' }} | |
| # Notarize macOS app (optional - only if secrets are configured and .app bundle exists) | |
| - name: Notarize macOS App | |
| if: matrix.os == 'macos-latest' && github.event_name != 'pull_request' && startsWith(github.ref, 'refs/tags/v') && env.HAS_NOTARIZE_SECRETS == 'true' | |
| run: | | |
| BINARY_NAME=$(ls bin/ | grep -i "devtoolbox" | head -1) | |
| if [ -d "bin/$BINARY_NAME.app" ]; then | |
| # Create a zip for notarization | |
| ditto -c -k --keepParent "bin/$BINARY_NAME.app" "bin/devtoolbox.zip" | |
| # Submit for notarization | |
| xcrun notarytool submit "bin/devtoolbox.zip" \ | |
| --apple-id "${{ secrets.APPLE_ID }}" \ | |
| --password "${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}" \ | |
| --team-id "${{ secrets.APPLE_TEAM_ID }}" \ | |
| --wait | |
| # Staple the notarization ticket | |
| xcrun stapler staple "bin/$BINARY_NAME.app" | |
| else | |
| echo "No .app bundle found, skipping notarization (binary-only build)" | |
| fi | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| HAS_NOTARIZE_SECRETS: ${{ secrets.APPLE_ID != '' && secrets.APPLE_APP_SPECIFIC_PASSWORD != '' && secrets.APPLE_TEAM_ID != '' }} | |
| # Package and upload build artifacts | |
| - name: Package Artifacts | |
| run: | | |
| mkdir -p release | |
| # Discover the actual binary name (DevToolbox, devtoolbox, etc.) | |
| BINARY_NAME=$(ls bin/ | grep -i "devtoolbox" | head -1) | |
| echo "Found binary: $BINARY_NAME" | |
| if [ -z "$BINARY_NAME" ]; then | |
| echo "ERROR: Could not find devtoolbox binary in bin/" | |
| ls -la bin/ | |
| exit 1 | |
| fi | |
| # Check if it's an .app bundle (macOS) or just a binary | |
| if [ -d "bin/$BINARY_NAME.app" ]; then | |
| # macOS with .app bundle | |
| echo "Found .app bundle, creating DMG..." | |
| brew install create-dmg | |
| create-dmg \ | |
| --volname "DevToolbox" \ | |
| --window-pos 200 120 \ | |
| --window-size 800 400 \ | |
| --icon-size 100 \ | |
| --app-drop-link 600 185 \ | |
| "release/DevToolbox-${{ matrix.build }}.dmg" \ | |
| "bin/$BINARY_NAME.app" | |
| elif [ "${{ matrix.os }}" = "windows-latest" ]; then | |
| # Windows: copy .exe | |
| cp "bin/$BINARY_NAME" "release/DevToolbox-${{ matrix.build }}.exe" | |
| else | |
| # Linux or macOS binary (no .app): create tar.gz | |
| tar -czf "release/DevToolbox-${{ matrix.build }}.tar.gz" -C bin "$BINARY_NAME" | |
| fi | |
| echo "=== Release contents ===" | |
| ls -la release/ | |
| shell: bash | |
| - name: Upload Artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: devtoolbox-${{ matrix.build }} | |
| path: release/* | |
| # Create Release and upload assets (only on tags) | |
| - name: Create Release | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| files: release/* | |
| draft: false | |
| prerelease: false | |
| generate_release_notes: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |