name: Release on: push: tags: - 'v*' jobs: build-and-release: runs-on: ubuntu container: ubuntu:22.04 env: PATH: /root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin steps: - name: Install base tools and runtimes run: | apt-get update apt-get install -y curl wget git sudo ca-certificates gnupg # Install Node.js 20 curl -fsSL https://deb.nodesource.com/setup_20.x | bash - apt-get install -y nodejs # Install Rust curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y rustc --version cargo --version node --version npm --version - name: Checkout uses: https://github.com/actions/checkout@v4 - name: Install Linux dependencies run: | apt-get install -y build-essential libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf jq libssl-dev xdg-utils - name: Install Windows cross-compile dependencies run: | apt-get install -y lld llvm clang nsis rustup target add x86_64-pc-windows-msvc cargo install --locked cargo-xwin - name: Install frontend dependencies run: npm ci - name: Build Tauri env: TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} run: | npx tauri build --bundles deb,rpm - name: Build Tauri Windows env: TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} run: | npx tauri build --runner cargo-xwin --target x86_64-pc-windows-msvc - name: Collect release files run: | mkdir -p release-assets cp src-tauri/target/release/bundle/deb/*.deb release-assets/ 2>/dev/null || true cp src-tauri/target/release/bundle/deb/*.deb.sig release-assets/ 2>/dev/null || true cp src-tauri/target/release/bundle/rpm/*.rpm release-assets/ 2>/dev/null || true cp src-tauri/target/release/bundle/rpm/*.rpm.sig release-assets/ 2>/dev/null || true cp src-tauri/target/x86_64-pc-windows-msvc/release/bundle/nsis/*.exe release-assets/ 2>/dev/null || true cp src-tauri/target/x86_64-pc-windows-msvc/release/bundle/nsis/*.exe.sig release-assets/ 2>/dev/null || true ls -la release-assets/ - name: Copy changelogs to public run: | cp CHANGELOG.md public/CHANGELOG.md cp CHANGELOG.fr.md public/CHANGELOG.fr.md - name: Extract changelog id: changelog run: | TAG="${GITHUB_REF_NAME#v}" NOTES=$(sed -n "/^## \[${TAG}\]/,/^## /{/^## \[${TAG}\]/d;/^## /d;p}" CHANGELOG.md) if [ -z "$NOTES" ]; then NOTES=$(sed -n "/^## ${TAG}/,/^## /{/^## ${TAG}/d;/^## /d;p}" CHANGELOG.md) fi NOTES=$(echo "$NOTES" | sed -e '/./,$!d' -e :a -e '/^\n*$/{$d;N;ba}') { echo "notes<> "$GITHUB_OUTPUT" - name: Generate latest.json env: CHANGELOG_NOTES: ${{ steps.changelog.outputs.notes }} run: | TAG="${GITHUB_REF_NAME}" VERSION="${GITHUB_REF_NAME#v}" PUB_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ") BASE_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/releases/download/${TAG}" LINUX_SIG="" LINUX_DEB="" WINDOWS_SIG="" WINDOWS_EXE="" for f in release-assets/*.deb.sig; do [ -f "$f" ] && LINUX_SIG=$(cat "$f") done for f in release-assets/*.deb; do [ -f "$f" ] && LINUX_DEB=$(basename "$f") done for f in release-assets/*-setup.exe.sig; do [ -f "$f" ] && WINDOWS_SIG=$(cat "$f") done for f in release-assets/*-setup.exe; do [ -f "$f" ] && WINDOWS_EXE=$(basename "$f") done PLATFORMS="{}" if [ -n "$LINUX_SIG" ] && [ -n "$LINUX_DEB" ]; then PLATFORMS=$(echo "$PLATFORMS" | jq \ --arg sig "$LINUX_SIG" \ --arg url "${BASE_URL}/${LINUX_DEB}" \ '. + {"linux-x86_64": {"signature": $sig, "url": $url}}') fi if [ -n "$WINDOWS_SIG" ] && [ -n "$WINDOWS_EXE" ]; then PLATFORMS=$(echo "$PLATFORMS" | jq \ --arg sig "$WINDOWS_SIG" \ --arg url "${BASE_URL}/${WINDOWS_EXE}" \ '. + {"windows-x86_64": {"signature": $sig, "url": $url}}') fi jq -n \ --arg version "$VERSION" \ --arg notes "$CHANGELOG_NOTES" \ --arg pub_date "$PUB_DATE" \ --argjson platforms "$PLATFORMS" \ '{version: $version, notes: $notes, pub_date: $pub_date, platforms: $platforms}' \ > release-assets/latest.json echo "Generated latest.json:" cat release-assets/latest.json - name: Create release and upload assets env: FORGEJO_TOKEN: ${{ secrets.GITHUB_TOKEN }} CHANGELOG_NOTES: ${{ steps.changelog.outputs.notes }} run: | TAG="${GITHUB_REF_NAME}" API_URL="${GITHUB_SERVER_URL}/api/v1" REPO="${GITHUB_REPOSITORY}" BODY="${CHANGELOG_NOTES} --- ## Installation **Windows** : Téléchargez le fichier \`.exe\` ci-dessous. **Linux** : Téléchargez le fichier \`.deb\` ou \`.AppImage\` ci-dessous." # Delete existing release for this tag (if any) to allow re-creation EXISTING=$(curl -s "${API_URL}/repos/${REPO}/releases/tags/${TAG}" \ -H "Authorization: token ${FORGEJO_TOKEN}") EXISTING_ID=$(echo "$EXISTING" | jq -r '.id // empty') if [ -n "$EXISTING_ID" ]; then echo "Deleting existing release ID: $EXISTING_ID" curl -s -X DELETE \ "${API_URL}/repos/${REPO}/releases/${EXISTING_ID}" \ -H "Authorization: token ${FORGEJO_TOKEN}" fi # Create release RELEASE_RESPONSE=$(curl -s -X POST \ "${API_URL}/repos/${REPO}/releases" \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H "Content-Type: application/json" \ -d "$(jq -n \ --arg tag "$TAG" \ --arg name "Simpl'Résultat ${TAG}" \ --arg body "$BODY" \ '{tag_name: $tag, name: $name, body: $body, draft: false, prerelease: false}')") RELEASE_ID=$(echo "$RELEASE_RESPONSE" | jq -r '.id') echo "Created release ID: $RELEASE_ID" if [ "$RELEASE_ID" = "null" ] || [ -z "$RELEASE_ID" ]; then echo "ERROR: Failed to create release" echo "$RELEASE_RESPONSE" exit 1 fi # Upload all assets for file in release-assets/*; do FILENAME=$(basename "$file") ENCODED_FILENAME=$(printf '%s' "$FILENAME" | jq -sRr @uri) FILESIZE=$(stat -c%s "$file") echo "Uploading: $FILENAME (${FILESIZE} bytes)" HTTP_CODE=$(curl -w "%{http_code}" --max-time 300 -X POST \ "${API_URL}/repos/${REPO}/releases/${RELEASE_ID}/assets?name=${ENCODED_FILENAME}" \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H "Content-Type: application/octet-stream" \ --data-binary "@${file}" \ -o /tmp/upload_response.json) echo "HTTP $HTTP_CODE" if [ "$HTTP_CODE" != "201" ]; then echo "Upload failed:" cat /tmp/upload_response.json echo "" fi done echo "Release created: ${GITHUB_SERVER_URL}/${REPO}/releases/tag/${TAG}" - name: Publish latest.json to package registry env: FORGEJO_TOKEN: ${{ secrets.PACKAGE_TOKEN }} run: | # DELETE uses API v1, PUT uses the package upload API DELETE_URL="${GITHUB_SERVER_URL}/api/v1/packages/${GITHUB_REPOSITORY_OWNER}/generic/simpl-resultat/latest" UPLOAD_URL="${GITHUB_SERVER_URL}/api/packages/${GITHUB_REPOSITORY_OWNER}/generic/simpl-resultat/latest" # Delete the old package version to avoid 409 conflicts echo "Deleting old package version (if any)..." DEL_CODE=$(curl -s -w "%{http_code}" -X DELETE \ "${DELETE_URL}" \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -o /tmp/del_response.json) echo "Delete HTTP $DEL_CODE" # 204 = deleted, 404 = didn't exist (both OK) if [ "$DEL_CODE" != "204" ] && [ "$DEL_CODE" != "404" ]; then echo "WARNING: Unexpected delete response:" cat /tmp/del_response.json fi echo "Uploading latest.json to package registry..." HTTP_CODE=$(curl -w "%{http_code}" -X PUT \ "${UPLOAD_URL}/latest.json" \ -H "Authorization: token ${FORGEJO_TOKEN}" \ -H "Content-Type: application/json" \ --data-binary "@release-assets/latest.json" \ -o /tmp/pkg_response.json) echo "Upload HTTP $HTTP_CODE" if [ "$HTTP_CODE" != "201" ]; then echo "ERROR: Failed to publish latest.json:" cat /tmp/pkg_response.json exit 1 fi