mirror of
https://github.com/cryptomator/cryptomator.git
synced 2026-05-14 08:41:28 +00:00
ebe28ad272
Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.5.0` | `3.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [SamKirkland/FTP-Deploy-Action](https://github.com/samkirkland/ftp-deploy-action) | `4.3.6` | `4.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](bbbca2ddaa...043fb46d1a) Updates `softprops/action-gh-release` from 2.5.0 to 3.0.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v2.5.0...b4309332981a82ec1c5618f44dd2e27cc8bfbfda) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v8...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `SamKirkland/FTP-Deploy-Action` from 4.3.6 to 4.4.0 - [Release notes](https://github.com/samkirkland/ftp-deploy-action/releases) - [Commits](a51268f67f...110f9186c0) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](668228422a...27d5ce7f10) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](ed597411d8...3a2844b7e9) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: SamKirkland/FTP-Deploy-Action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
158 lines
6.5 KiB
YAML
158 lines
6.5 KiB
YAML
name: Draft a Cryptomator Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- '*'
|
|
|
|
env:
|
|
JAVA_DIST: 'temurin'
|
|
JAVA_VERSION: '25.0.2+10.0.LTS'
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
get-version:
|
|
uses: ./.github/workflows/get-version.yml
|
|
with:
|
|
version: ''
|
|
|
|
create-release-draft:
|
|
name: Compile and Test
|
|
runs-on: ubuntu-latest
|
|
needs: get-version
|
|
if: needs.get-version.outputs.versionType != 'unknown'
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Check the git tag is signed
|
|
run: git cat-file -p "${GITHUB_REF_NAME}" | grep "BEGIN SSH SIGNATURE"
|
|
- name: Check the git tag is on release or main branch
|
|
run: git branch -r --contains "${GITHUB_REF_NAME}" | grep -E '^\s*origin/(main|release/.*)\s*$'
|
|
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
|
|
with:
|
|
distribution: ${{ env.JAVA_DIST }}
|
|
java-version: ${{ env.JAVA_VERSION }}
|
|
cache: 'maven'
|
|
- name: Build and Test
|
|
run: xvfb-run mvn -B verify -Plinux
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
|
|
- name: Draft a release
|
|
uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
|
|
with:
|
|
draft: true
|
|
discussion_category_name: releases
|
|
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
generate_release_notes: true
|
|
body_path: .github/release-body.md.template
|
|
- name: Download source tarball
|
|
run: |
|
|
curl --silent --fail-with-body --proto "=https" -L -H "Accept: application/vnd.github+json" https://github.com/cryptomator/cryptomator/archive/${{ github.ref }}.tar.gz --output cryptomator-${{ github.ref_name }}.tar.gz
|
|
- name: Sign source tarball with key 615D449FE6E6A235
|
|
run: |
|
|
echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
|
|
echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.tar.gz
|
|
env:
|
|
GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
|
|
GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
|
|
- name: Publish asc on GitHub Releases
|
|
uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0
|
|
with:
|
|
draft: true
|
|
fail_on_unmatched_files: true
|
|
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
files: |
|
|
cryptomator-*.tar.gz.asc
|
|
|
|
build-exe-and-msi:
|
|
needs: [get-version, create-release-draft]
|
|
uses: ./.github/workflows/win-exe.yml
|
|
with:
|
|
semVerNum: ${{needs.get-version.outputs.semVerNum}}
|
|
revisionNum: ${{needs.get-version.outputs.revNum}}
|
|
semVerSuffix: ${{needs.get-version.outputs.semVerSuffix}}
|
|
secrets: inherit
|
|
|
|
build-dmg-arm64:
|
|
needs: [get-version, create-release-draft]
|
|
uses: ./.github/workflows/mac-dmg.yml
|
|
with:
|
|
semVerNum: ${{needs.get-version.outputs.semVerNum}}
|
|
revisionNum: ${{needs.get-version.outputs.revNum}}
|
|
semVerSuffix: ${{needs.get-version.outputs.semVerSuffix}}
|
|
secrets: inherit
|
|
|
|
build-dmg-x64:
|
|
needs: [get-version, create-release-draft]
|
|
uses: ./.github/workflows/mac-dmg-x64.yml
|
|
with:
|
|
semVerNum: ${{needs.get-version.outputs.semVerNum}}
|
|
revisionNum: ${{needs.get-version.outputs.revNum}}
|
|
semVerSuffix: ${{needs.get-version.outputs.semVerSuffix}}
|
|
secrets: inherit
|
|
|
|
build-appimages:
|
|
needs: [get-version, create-release-draft]
|
|
uses: ./.github/workflows/appimage.yml
|
|
with:
|
|
semVerNum: ${{needs.get-version.outputs.semVerNum}}
|
|
revisionNum: ${{needs.get-version.outputs.revNum}}
|
|
semVerSuffix: ${{needs.get-version.outputs.semVerSuffix}}
|
|
secrets: inherit
|
|
|
|
update-sha256sums:
|
|
runs-on: ubuntu-latest
|
|
needs: [get-version, build-exe-and-msi, build-dmg-arm64, build-dmg-x64, build-appimages]
|
|
env:
|
|
TAG: ${{ github.ref_name }}
|
|
SEMVER: ${{ needs.get-version.outputs.semVerStr }}
|
|
GH_TOKEN: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- name: Compute source tarball SHA256
|
|
id: src-sha256
|
|
run: |
|
|
curl --silent --fail-with-body --proto "=https" -L \
|
|
-H "Accept: application/vnd.github+json" \
|
|
"https://github.com/cryptomator/cryptomator/archive/refs/tags/${TAG}.tar.gz" \
|
|
--output "cryptomator-${SEMVER}.tar.gz"
|
|
read -ra CMD_OUTPUT < <(sha256sum "cryptomator-${SEMVER}.tar.gz")
|
|
echo "value=${CMD_OUTPUT[0]}" >> $GITHUB_OUTPUT
|
|
- name: Update release body with checksums
|
|
run: |
|
|
CURRENT_BODY=$(gh release view "${TAG}" --json body --jq .body)
|
|
RELEASE_BODY=$(printf '%s\n' "${CURRENT_BODY}" | sed '/<!-- HEADER -->/,/<!-- \/HEADER -->/c\
|
|
<!-- HEADER -->\
|
|
> [!NOTE]\
|
|
> Release artifacts finished building successfully.\
|
|
>\
|
|
> SHA-256 checksums have been updated below.\
|
|
<!-- /HEADER -->')
|
|
|
|
export TARBALL="${SRC_SHA} cryptomator-${SEMVER}.tar.gz"
|
|
export MSI="${MSI_SHA} Cryptomator-${SEMVER}-x64.msi"
|
|
export EXE="${EXE_SHA} Cryptomator-${SEMVER}-x64.exe"
|
|
export DMG_arm64="${DMG_ARM64_SHA} Cryptomator-${SEMVER}-arm64.dmg"
|
|
export DMG_x64="${DMG_X64_SHA} Cryptomator-${SEMVER}-x64.dmg"
|
|
export APPIMAGE_x86_64="${APPIMAGE_X64_SHA} cryptomator-${SEMVER}-x86_64.AppImage"
|
|
export APPIMAGE_aarch64="${APPIMAGE_AARCH64_SHA} cryptomator-${SEMVER}-aarch64.AppImage"
|
|
|
|
envsubst '$VERSION $TARBALL $EXE $MSI $DMG_x64 $DMG_arm64 $APPIMAGE_x86_64 $APPIMAGE_aarch64' \
|
|
<<< "${RELEASE_BODY}" \
|
|
> release-body.md
|
|
|
|
gh release edit "${TAG}" --draft --notes-file release-body.md
|
|
env:
|
|
VERSION: ${{ needs.get-version.outputs.semVerStr }}
|
|
SRC_SHA: ${{ steps.src-sha256.outputs.value }}
|
|
MSI_SHA: ${{ needs.build-exe-and-msi.outputs.sha256-msi }}
|
|
EXE_SHA: ${{ needs.build-exe-and-msi.outputs.sha256-exe }}
|
|
DMG_ARM64_SHA: ${{ needs.build-dmg-arm64.outputs.sha256-dmg }}
|
|
DMG_X64_SHA: ${{ needs.build-dmg-x64.outputs.sha256-dmg }}
|
|
APPIMAGE_X64_SHA: ${{ needs.build-appimages.outputs.sha256-appimage-x64 }}
|
|
APPIMAGE_AARCH64_SHA: ${{ needs.build-appimages.outputs.sha256-appimage-aarch64 }}
|