81fff3aa32
Some checks failed
Test / wiki-sync (pull_request) Has been skipped
Test / rust-clippy (pull_request) Has been cancelled
Test / frontend-typecheck (pull_request) Has been cancelled
Test / rust-fmt-check (pull_request) Has been cancelled
Test / rust-tests (pull_request) Has been cancelled
Test / frontend-tests (pull_request) Has been cancelled
Make all release upload steps fail fast when expected artifacts are missing, replace existing same-name assets before uploading, and print HTTP/body details on upload failures so Linux/Windows publishing issues are diagnosable and reruns remain deterministic. Made-with: Cursor
344 lines
15 KiB
YAML
344 lines
15 KiB
YAML
name: Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- 'v*'
|
|
|
|
jobs:
|
|
build-linux-amd64:
|
|
runs-on: linux-amd64
|
|
container:
|
|
image: rust:1.88-slim
|
|
steps:
|
|
- name: Checkout
|
|
run: |
|
|
apt-get update -qq && apt-get install -y -qq git
|
|
git init
|
|
git remote add origin http://172.0.0.29:3000/sarman/tftsr-devops_investigation.git
|
|
git fetch --depth=1 origin $GITHUB_SHA
|
|
git checkout FETCH_HEAD
|
|
- name: Install dependencies
|
|
run: |
|
|
apt-get update -qq && apt-get install -y -qq \
|
|
libwebkit2gtk-4.1-dev libssl-dev libgtk-3-dev \
|
|
libayatana-appindicator3-dev librsvg2-dev patchelf \
|
|
pkg-config curl perl jq
|
|
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
|
|
apt-get install -y nodejs
|
|
- name: Build
|
|
run: |
|
|
npm ci --legacy-peer-deps
|
|
rustup target add x86_64-unknown-linux-gnu
|
|
cargo install tauri-cli --version "^2" --locked
|
|
CI=true cargo tauri build --target x86_64-unknown-linux-gnu
|
|
- name: Upload artifacts
|
|
env:
|
|
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
|
run: |
|
|
set -eu
|
|
API="http://172.0.0.29:3000/api/v1/repos/$GITHUB_REPOSITORY"
|
|
TAG="$GITHUB_REF_NAME"
|
|
echo "Creating release for $TAG..."
|
|
curl -sf -X POST "$API/releases" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"tag_name\":\"$TAG\",\"name\":\"TFTSR $TAG\",\"body\":\"Release $TAG\",\"draft\":false}" || true
|
|
RELEASE_ID=$(curl -sf "$API/releases/tags/$TAG" \
|
|
-H "Authorization: token $RELEASE_TOKEN" | jq -r '.id')
|
|
if [ -z "$RELEASE_ID" ] || [ "$RELEASE_ID" = "null" ]; then
|
|
echo "ERROR: Failed to get release ID for $TAG"
|
|
exit 1
|
|
fi
|
|
echo "Release ID: $RELEASE_ID"
|
|
ARTIFACTS=$(find src-tauri/target/x86_64-unknown-linux-gnu/release/bundle -type f \
|
|
\( -name "*.deb" -o -name "*.rpm" -o -name "*.AppImage" \))
|
|
if [ -z "$ARTIFACTS" ]; then
|
|
echo "ERROR: No Linux amd64 artifacts were found to upload."
|
|
exit 1
|
|
fi
|
|
printf '%s\n' "$ARTIFACTS" | while IFS= read -r f; do
|
|
NAME=$(basename "$f")
|
|
echo "Uploading $NAME..."
|
|
EXISTING_IDS=$(curl -sf "$API/releases/$RELEASE_ID" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
| jq -r --arg name "$NAME" '.assets[]? | select(.name == $name) | .id')
|
|
if [ -n "$EXISTING_IDS" ]; then
|
|
printf '%s\n' "$EXISTING_IDS" | while IFS= read -r id; do
|
|
[ -n "$id" ] || continue
|
|
echo "Deleting existing asset id=$id name=$NAME before upload..."
|
|
curl -sf -X DELETE "$API/releases/$RELEASE_ID/assets/$id" \
|
|
-H "Authorization: token $RELEASE_TOKEN"
|
|
done
|
|
fi
|
|
RESP_FILE=$(mktemp)
|
|
HTTP_CODE=$(curl -sS -o "$RESP_FILE" -w "%{http_code}" -X POST "$API/releases/$RELEASE_ID/assets" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-F "attachment=@$f;filename=$NAME")
|
|
if [ "$HTTP_CODE" -ge 200 ] && [ "$HTTP_CODE" -lt 300 ]; then
|
|
echo "✓ Uploaded $NAME"
|
|
else
|
|
echo "✗ Upload failed for $NAME (HTTP $HTTP_CODE)"
|
|
python - "$RESP_FILE" <<'PY'
|
|
import pathlib, sys
|
|
print(pathlib.Path(sys.argv[1]).read_text(errors="replace")[:2000])
|
|
PY
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
build-windows-amd64:
|
|
runs-on: linux-amd64
|
|
container:
|
|
image: rust:1.88-slim
|
|
steps:
|
|
- name: Checkout
|
|
run: |
|
|
apt-get update -qq && apt-get install -y -qq git
|
|
git init
|
|
git remote add origin http://172.0.0.29:3000/sarman/tftsr-devops_investigation.git
|
|
git fetch --depth=1 origin $GITHUB_SHA
|
|
git checkout FETCH_HEAD
|
|
- name: Install dependencies
|
|
run: |
|
|
apt-get update -qq && apt-get install -y -qq mingw-w64 curl nsis perl make jq
|
|
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
|
|
apt-get install -y nodejs
|
|
- name: Build
|
|
env:
|
|
CC_x86_64_pc_windows_gnu: x86_64-w64-mingw32-gcc
|
|
CXX_x86_64_pc_windows_gnu: x86_64-w64-mingw32-g++
|
|
AR_x86_64_pc_windows_gnu: x86_64-w64-mingw32-ar
|
|
CARGO_TARGET_X86_64_PC_WINDOWS_GNU_LINKER: x86_64-w64-mingw32-gcc
|
|
OPENSSL_NO_VENDOR: "0"
|
|
OPENSSL_STATIC: "1"
|
|
run: |
|
|
npm ci --legacy-peer-deps
|
|
rustup target add x86_64-pc-windows-gnu
|
|
cargo install tauri-cli --version "^2" --locked
|
|
CI=true cargo tauri build --target x86_64-pc-windows-gnu
|
|
- name: Upload artifacts
|
|
env:
|
|
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
|
run: |
|
|
set -eu
|
|
API="http://172.0.0.29:3000/api/v1/repos/$GITHUB_REPOSITORY"
|
|
TAG="$GITHUB_REF_NAME"
|
|
echo "Creating release for $TAG..."
|
|
curl -sf -X POST "$API/releases" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"tag_name\":\"$TAG\",\"name\":\"TFTSR $TAG\",\"body\":\"Release $TAG\",\"draft\":false}" || true
|
|
RELEASE_ID=$(curl -sf "$API/releases/tags/$TAG" \
|
|
-H "Authorization: token $RELEASE_TOKEN" | jq -r '.id')
|
|
if [ -z "$RELEASE_ID" ] || [ "$RELEASE_ID" = "null" ]; then
|
|
echo "ERROR: Failed to get release ID for $TAG"
|
|
exit 1
|
|
fi
|
|
echo "Release ID: $RELEASE_ID"
|
|
ARTIFACTS=$(find src-tauri/target/x86_64-pc-windows-gnu/release/bundle -type f \
|
|
\( -name "*.exe" -o -name "*.msi" \) 2>/dev/null)
|
|
if [ -z "$ARTIFACTS" ]; then
|
|
echo "ERROR: No Windows amd64 artifacts were found to upload."
|
|
exit 1
|
|
fi
|
|
printf '%s\n' "$ARTIFACTS" | while IFS= read -r f; do
|
|
NAME=$(basename "$f")
|
|
echo "Uploading $NAME..."
|
|
EXISTING_IDS=$(curl -sf "$API/releases/$RELEASE_ID" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
| jq -r --arg name "$NAME" '.assets[]? | select(.name == $name) | .id')
|
|
if [ -n "$EXISTING_IDS" ]; then
|
|
printf '%s\n' "$EXISTING_IDS" | while IFS= read -r id; do
|
|
[ -n "$id" ] || continue
|
|
echo "Deleting existing asset id=$id name=$NAME before upload..."
|
|
curl -sf -X DELETE "$API/releases/$RELEASE_ID/assets/$id" \
|
|
-H "Authorization: token $RELEASE_TOKEN"
|
|
done
|
|
fi
|
|
RESP_FILE=$(mktemp)
|
|
HTTP_CODE=$(curl -sS -o "$RESP_FILE" -w "%{http_code}" -X POST "$API/releases/$RELEASE_ID/assets" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-F "attachment=@$f;filename=$NAME")
|
|
if [ "$HTTP_CODE" -ge 200 ] && [ "$HTTP_CODE" -lt 300 ]; then
|
|
echo "✓ Uploaded $NAME"
|
|
else
|
|
echo "✗ Upload failed for $NAME (HTTP $HTTP_CODE)"
|
|
python - "$RESP_FILE" <<'PY'
|
|
import pathlib, sys
|
|
print(pathlib.Path(sys.argv[1]).read_text(errors="replace")[:2000])
|
|
PY
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
build-macos-arm64:
|
|
runs-on: macos-arm64
|
|
steps:
|
|
- name: Checkout
|
|
run: |
|
|
git init
|
|
git remote add origin http://172.0.0.29:3000/sarman/tftsr-devops_investigation.git
|
|
git fetch --depth=1 origin $GITHUB_SHA
|
|
git checkout FETCH_HEAD
|
|
- name: Build
|
|
env:
|
|
MACOSX_DEPLOYMENT_TARGET: "11.0"
|
|
run: |
|
|
npm ci --legacy-peer-deps
|
|
rustup target add aarch64-apple-darwin
|
|
cargo install tauri-cli --version "^2" --locked
|
|
# Build the .app bundle only (no DMG yet so we can sign before packaging)
|
|
CI=true cargo tauri build --target aarch64-apple-darwin --bundles app
|
|
APP=$(find src-tauri/target/aarch64-apple-darwin/release/bundle/macos -maxdepth 1 -type d -name "*.app" | head -n 1)
|
|
if [ -z "$APP" ]; then
|
|
echo "ERROR: Could not find macOS app bundle"
|
|
exit 1
|
|
fi
|
|
APP_NAME=$(basename "$APP" .app)
|
|
# Ad-hoc sign: changes Gatekeeper error from "damaged" to "unidentified developer"
|
|
codesign --deep --force --sign - "$APP"
|
|
# Create DMG from the signed .app
|
|
mkdir -p src-tauri/target/aarch64-apple-darwin/release/bundle/dmg
|
|
DMG=src-tauri/target/aarch64-apple-darwin/release/bundle/dmg/${APP_NAME}.dmg
|
|
hdiutil create -volname "$APP_NAME" -srcfolder "$APP" -ov -format UDZO "$DMG"
|
|
- name: Upload artifacts
|
|
env:
|
|
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
|
run: |
|
|
set -eu
|
|
API="http://172.0.0.29:3000/api/v1/repos/$GITHUB_REPOSITORY"
|
|
TAG="$GITHUB_REF_NAME"
|
|
# Create release (idempotent)
|
|
echo "Creating release for $TAG..."
|
|
curl -sf -X POST "$API/releases" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"tag_name\":\"$TAG\",\"name\":\"TFTSR $TAG\",\"body\":\"Release $TAG\",\"draft\":false}" || true
|
|
# Get release ID
|
|
RELEASE_ID=$(curl -sf "$API/releases/tags/$TAG" \
|
|
-H "Authorization: token $RELEASE_TOKEN" | jq -r '.id')
|
|
if [ -z "$RELEASE_ID" ] || [ "$RELEASE_ID" = "null" ]; then
|
|
echo "ERROR: Failed to get release ID for $TAG"
|
|
echo "Attempting to list recent releases..."
|
|
curl -sf "$API/releases" -H "Authorization: token $RELEASE_TOKEN" | jq -r '.[] | "\(.tag_name): \(.id)"' | head -5
|
|
exit 1
|
|
fi
|
|
echo "Release ID: $RELEASE_ID"
|
|
ARTIFACTS=$(find src-tauri/target/aarch64-apple-darwin/release/bundle -type f -name "*.dmg")
|
|
if [ -z "$ARTIFACTS" ]; then
|
|
echo "ERROR: No macOS arm64 DMG artifacts were found to upload."
|
|
exit 1
|
|
fi
|
|
printf '%s\n' "$ARTIFACTS" | while IFS= read -r f; do
|
|
NAME=$(basename "$f")
|
|
echo "Uploading $NAME..."
|
|
EXISTING_IDS=$(curl -sf "$API/releases/$RELEASE_ID" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
| jq -r --arg name "$NAME" '.assets[]? | select(.name == $name) | .id')
|
|
if [ -n "$EXISTING_IDS" ]; then
|
|
printf '%s\n' "$EXISTING_IDS" | while IFS= read -r id; do
|
|
[ -n "$id" ] || continue
|
|
echo "Deleting existing asset id=$id name=$NAME before upload..."
|
|
curl -sf -X DELETE "$API/releases/$RELEASE_ID/assets/$id" \
|
|
-H "Authorization: token $RELEASE_TOKEN"
|
|
done
|
|
fi
|
|
RESP_FILE=$(mktemp)
|
|
HTTP_CODE=$(curl -sS -o "$RESP_FILE" -w "%{http_code}" -X POST "$API/releases/$RELEASE_ID/assets" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-F "attachment=@$f;filename=$NAME")
|
|
if [ "$HTTP_CODE" -ge 200 ] && [ "$HTTP_CODE" -lt 300 ]; then
|
|
echo "✓ Uploaded $NAME"
|
|
else
|
|
echo "✗ Upload failed for $NAME (HTTP $HTTP_CODE)"
|
|
python - "$RESP_FILE" <<'PY'
|
|
import pathlib, sys
|
|
print(pathlib.Path(sys.argv[1]).read_text(errors="replace")[:2000])
|
|
PY
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
build-linux-arm64:
|
|
runs-on: linux-arm64
|
|
container:
|
|
image: rust:1.88-slim
|
|
steps:
|
|
- name: Checkout
|
|
run: |
|
|
apt-get update -qq && apt-get install -y -qq git
|
|
git init
|
|
git remote add origin http://172.0.0.29:3000/sarman/tftsr-devops_investigation.git
|
|
git fetch --depth=1 origin $GITHUB_SHA
|
|
git checkout FETCH_HEAD
|
|
- name: Install dependencies
|
|
run: |
|
|
# Native ARM64 build (no cross-compilation needed)
|
|
apt-get update -qq && apt-get install -y -qq \
|
|
libwebkit2gtk-4.1-dev libssl-dev libgtk-3-dev \
|
|
libayatana-appindicator3-dev librsvg2-dev patchelf \
|
|
pkg-config curl perl jq
|
|
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
|
|
apt-get install -y nodejs
|
|
- name: Build
|
|
run: |
|
|
npm ci --legacy-peer-deps
|
|
cargo install tauri-cli --version "^2" --locked
|
|
# Native ARM64 build - no explicit target needed
|
|
CI=true cargo tauri build
|
|
- name: Upload artifacts
|
|
env:
|
|
RELEASE_TOKEN: ${{ secrets.RELEASE_TOKEN }}
|
|
run: |
|
|
set -eu
|
|
API="http://172.0.0.29:3000/api/v1/repos/$GITHUB_REPOSITORY"
|
|
TAG="$GITHUB_REF_NAME"
|
|
echo "Creating release for $TAG..."
|
|
curl -sf -X POST "$API/releases" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"tag_name\":\"$TAG\",\"name\":\"TFTSR $TAG\",\"body\":\"Release $TAG\",\"draft\":false}" || true
|
|
RELEASE_ID=$(curl -sf "$API/releases/tags/$TAG" \
|
|
-H "Authorization: token $RELEASE_TOKEN" | jq -r '.id')
|
|
if [ -z "$RELEASE_ID" ] || [ "$RELEASE_ID" = "null" ]; then
|
|
echo "ERROR: Failed to get release ID for $TAG"
|
|
exit 1
|
|
fi
|
|
echo "Release ID: $RELEASE_ID"
|
|
ARTIFACTS=$(find src-tauri/target/release/bundle -type f \
|
|
\( -name "*.deb" -o -name "*.rpm" -o -name "*.AppImage" \))
|
|
if [ -z "$ARTIFACTS" ]; then
|
|
echo "ERROR: No Linux arm64 artifacts were found to upload."
|
|
exit 1
|
|
fi
|
|
printf '%s\n' "$ARTIFACTS" | while IFS= read -r f; do
|
|
NAME=$(basename "$f")
|
|
echo "Uploading $NAME..."
|
|
EXISTING_IDS=$(curl -sf "$API/releases/$RELEASE_ID" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
| jq -r --arg name "$NAME" '.assets[]? | select(.name == $name) | .id')
|
|
if [ -n "$EXISTING_IDS" ]; then
|
|
printf '%s\n' "$EXISTING_IDS" | while IFS= read -r id; do
|
|
[ -n "$id" ] || continue
|
|
echo "Deleting existing asset id=$id name=$NAME before upload..."
|
|
curl -sf -X DELETE "$API/releases/$RELEASE_ID/assets/$id" \
|
|
-H "Authorization: token $RELEASE_TOKEN"
|
|
done
|
|
fi
|
|
RESP_FILE=$(mktemp)
|
|
HTTP_CODE=$(curl -sS -o "$RESP_FILE" -w "%{http_code}" -X POST "$API/releases/$RELEASE_ID/assets" \
|
|
-H "Authorization: token $RELEASE_TOKEN" \
|
|
-F "attachment=@$f;filename=$NAME")
|
|
if [ "$HTTP_CODE" -ge 200 ] && [ "$HTTP_CODE" -lt 300 ]; then
|
|
echo "✓ Uploaded $NAME"
|
|
else
|
|
echo "✗ Upload failed for $NAME (HTTP $HTTP_CODE)"
|
|
python - "$RESP_FILE" <<'PY'
|
|
import pathlib, sys
|
|
print(pathlib.Path(sys.argv[1]).read_text(errors="replace")[:2000])
|
|
PY
|
|
exit 1
|
|
fi
|
|
done
|