Publish debug builds #408

Workflow file for this run

.github/workflows/publish-debug.yml at f948251

	name: Publish (Debug)
	run-name: Publish debug builds
	on:
	push:
	branches:
	- main
	paths:
	- 'android/**'
	- 'ios/**'
	- 'messages/**'
	- 'project.inlang/**'
	- 'src/**'
	- 'src-tauri/**'
	- 'static/**'
	- 'package.json'
	- 'pnpm-lock.yaml'
	- '.vercelignore'
	- 'svelte.config.js'
	- 'postcss.config.js'
	- 'tailwind.config.js'
	- 'capacitor.config.ts'
	- 'vite/config.prod.mjs'
	- '.github/workflows/publish-debug.yml'
	workflow_dispatch:

	defaults:
	run:
	shell: bash

	jobs:
	metadata:
	name: Retrieve metadata
	runs-on: ubuntu-22.04
	concurrency:
	group: 'publish-debug'
	cancel-in-progress: false

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Specify version
	id: version
	run: echo "VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT

	- name: Specify current datetime
	id: current-datetime
	run: echo "CURRENT_DATETIME=$(date +'%m%d-%H%M%S')" >> $GITHUB_OUTPUT

	outputs:
	version: ${{ steps.version.outputs.VERSION }}
	current-datetime: ${{ steps.current-datetime.outputs.CURRENT_DATETIME }}
	version-name: ${{ steps.version.outputs.VERSION }}_${{ steps.current-datetime.outputs.CURRENT_DATETIME }}

	publish-web:
	name: Publish to Sentry, GitHub Pages and LeanCloud
	runs-on: ubuntu-22.04
	if: github.event_name == 'push'
	needs: metadata
	permissions:
	contents: read
	pages: write
	id-token: write
	concurrency:
	group: 'publish-debug-web'
	cancel-in-progress: false
	environment:
	name: github-pages
	url: ${{ steps.deployment.outputs.page_url }}

	steps:
	- name: Confirm build version and datetime
	run: \|
	echo "Version: ${{ needs.metadata.outputs.version }}"
	echo "Build datetime: ${{ needs.metadata.outputs.current-datetime }}"

	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: lts/*

	- name: Setup pnpm
	uses: pnpm/action-setup@v4

	- name: Install dependencies
	run: pnpm i

	- name: Create build
	run: pnpm build:only
	env:
	PUBLIC_SENTRY_DSN: ${{ vars.PUBLIC_SENTRY_DSN }}
	PATH_BASE: /player

	- name: Create Sentry release
	uses: getsentry/action-release@v1
	env:
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	SENTRY_ORG: phizone
	SENTRY_PROJECT: player
	with:
	environment: production
	version: ${{ needs.metadata.outputs.version-name }}
	sourcemaps: './build'

	- name: Setup Pages
	uses: actions/configure-pages@v5

	- name: Upload artifact
	uses: actions/upload-pages-artifact@v3
	with:
	path: './build'

	- name: Deploy to GitHub Pages
	id: deployment
	uses: actions/deploy-pages@v4

	- name: Deploy to LeanCloud
	run: \|
	wget ${{ vars.LC_CLI_DOWNLOAD }} -O /tmp/${{ vars.LC_EXE }}
	chmod +x /tmp/${{ vars.LC_EXE }}
	/tmp/${{ vars.LC_EXE }} login ${{ secrets.LC_LOGIN }}
	/tmp/${{ vars.LC_EXE }} switch ${{ secrets.LC_SWITCH }}
	/tmp/${{ vars.LC_EXE }} deploy --prod

	publish-capacitor-ios:
	name: Build for iOS
	runs-on: macos-15
	needs: metadata
	permissions:
	contents: write
	concurrency:
	group: 'publish-debug-ios'
	cancel-in-progress: false

	steps:
	- name: Confirm build version and datetime
	run: \|
	echo "Version: ${{ needs.metadata.outputs.version }}"
	echo "Build datetime: ${{ needs.metadata.outputs.current-datetime }}"

	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: lts/*

	- name: Setup pnpm
	uses: pnpm/action-setup@v4

	- name: Setup Ruby
	uses: ruby/setup-ruby@v1
	with:
	ruby-version: '3.3'

	- name: Install dependencies
	run: pnpm i

	- name: Install iOS dependencies
	run: \|
	cd ios/App
	pod install

	- name: Download iOS SDK
	run: \|
	rm -rf ~/Library/Caches/com.apple.dt.Xcode
	rm -rf ~/Library/Developer/Xcode/DerivedData
	xcrun simctl delete all
	xcodebuild -downloadPlatform iOS

	- name: Create build
	run: pnpm build
	env:
	PUBLIC_SENTRY_DSN: ${{ vars.PUBLIC_SENTRY_DSN }}

	- name: Generate icons and splash screen
	run: if [ -d "./resources" ]; then pnpm i -D @capacitor/assets && pnpm capacitor-assets generate --ios; fi

	- name: Install code-signing certificate, provisioning profiles and API key
	env:
	BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_CERTIFICATE }}
	P12_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
	PROVISIONING_PROFILE_BASE64: ${{ secrets.APPLE_PROVISIONING_PROFILE }}
	PROVISIONING_PROFILE_SE_BASE64: ${{ secrets.APPLE_PROVISIONING_PROFILE_SHARE_EXTENSION }}
	KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
	ASC_API_KEY_BASE64: ${{ secrets.APPLE_ASC_API_KEY }}
	ASC_API_KEY_ID: ${{ secrets.APPLE_ASC_API_KEY_ID }}
	run: \|
	CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
	PP_PATH=$RUNNER_TEMP/app.mobileprovision
	PPSE_PATH=$RUNNER_TEMP/share-extension.mobileprovision
	KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
	ASC_API_KEY_PATH=$RUNNER_TEMP/AuthKey_${ASC_API_KEY_ID}.p8

	echo -n "$BUILD_CERTIFICATE_BASE64" \| base64 --decode -o $CERTIFICATE_PATH
	echo -n "$PROVISIONING_PROFILE_BASE64" \| base64 --decode -o $PP_PATH
	echo -n "$PROVISIONING_PROFILE_SE_BASE64" \| base64 --decode -o $PPSE_PATH

	security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
	security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
	security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH

	security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
	security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
	security list-keychain -d user -s $KEYCHAIN_PATH

	mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
	cp $PP_PATH $PPSE_PATH ~/Library/MobileDevice/Provisioning\ Profiles

	echo -n "$ASC_API_KEY_BASE64" \| base64 --decode -o $ASC_API_KEY_PATH

	- name: Build project
	run: \|
	xcodebuild -workspace ios/App/App.xcworkspace -scheme App \
	-archivePath $RUNNER_TEMP/App.xcarchive \
	-destination generic/platform=iOS \
	-sdk iphoneos \
	clean archive

	- name: Assemble IPA
	env:
	EXPORT_OPTIONS_PLIST: ${{ secrets.APPLE_EXPORT_OPTIONS_IPA }}
	ASC_API_KEY_ID: ${{ secrets.APPLE_ASC_API_KEY_ID }}
	ASC_API_KEY_ISSUER_ID: ${{ secrets.APPLE_ASC_API_KEY_ISSUER_ID }}
	run: \|
	EXPORT_OPTIONS_PATH=$RUNNER_TEMP/ExportOptionsIPA.plist
	ASC_API_KEY_PATH=$RUNNER_TEMP/AuthKey_${ASC_API_KEY_ID}.p8

	echo -n "$EXPORT_OPTIONS_PLIST" \| base64 --decode -o $EXPORT_OPTIONS_PATH

	xcodebuild archive -archivePath $RUNNER_TEMP/App.xcarchive \
	-exportArchive -exportOptionsPlist $EXPORT_OPTIONS_PATH \
	-exportPath $RUNNER_TEMP/build \
	-allowProvisioningUpdates \
	-authenticationKeyID $ASC_API_KEY_ID \
	-authenticationKeyIssuerID $ASC_API_KEY_ISSUER_ID \
	-authenticationKeyPath $ASC_API_KEY_PATH

	- name: Move and rename build
	run: \|
	mkdir -p ~/artifacts/ios/
	mv $RUNNER_TEMP/build/App.ipa ~/artifacts/ios/PhiZone.Player_${{ needs.metadata.outputs.version-name }}.ipa
	ls -l ~/artifacts/ios/

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: capacitor-ios-${{ needs.metadata.outputs.version-name }}
	path: ~/artifacts/ios/*

	- name: Clean up keychain, provisioning profiles and artifacts
	if: ${{ always() }}
	run: \|
	security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
	rm ~/Library/MobileDevice/Provisioning\ Profiles/app.mobileprovision
	rm ~/Library/MobileDevice/Provisioning\ Profiles/share-extension.mobileprovision
	rm -rf ~/artifacts/

	- name: Clean Xcode caches and derived data
	if: ${{ always() }}
	run: \|
	rm -rf ~/Library/Caches/com.apple.dt.Xcode
	rm -rf ~/Library/Developer/Xcode/DerivedData
	xcrun simctl delete all

	publish-capacitor-android:
	name: Build for Android
	runs-on: ubuntu-22.04
	needs: metadata
	permissions:
	contents: write
	concurrency:
	group: 'publish-debug-android'
	cancel-in-progress: false

	steps:
	- name: Confirm build version and datetime
	run: \|
	echo "Version: ${{ needs.metadata.outputs.version }}"
	echo "Build datetime: ${{ needs.metadata.outputs.current-datetime }}"

	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: lts/*

	- name: Setup pnpm
	uses: pnpm/action-setup@v4

	- name: Setup Java
	uses: actions/setup-java@v4
	with:
	distribution: 'zulu'
	java-version: '21'

	- name: Install dependencies
	run: pnpm i

	- name: Create build
	run: pnpm build
	env:
	PUBLIC_SENTRY_DSN: ${{ vars.PUBLIC_SENTRY_DSN }}

	- name: Generate icons and splash screen
	run: if [ -d "./resources" ]; then pnpm i -D @capacitor/assets && pnpm capacitor-assets generate --android; fi

	- name: Build app bundle
	run: cd android && chmod +x ./gradlew && ./gradlew bundle && ./gradlew assembleRelease

	- name: Sign APK
	id: sign-apk
	uses: kevin-david/zipalign-sign-android-release@v2
	with:
	releaseDirectory: android/app/build/outputs/apk/release/
	signingKeyBase64: ${{ secrets.RELEASE_KEYSTORE }}
	keyStorePassword: ${{ secrets.RELEASE_KEYSTORE_PASSWORD }}
	zipAlign: true
	env:
	BUILD_TOOLS_VERSION: "36.0.0"

	- name: Move and rename builds
	run: \|
	mkdir -p ~/artifacts/android/
	mv android/app/build/outputs/bundle/release/app-release.aab ~/artifacts/android/PhiZone.Player_${{ needs.metadata.outputs.version-name }}.aab
	mv ${{ steps.sign-apk.outputs.signedReleaseFile }} ~/artifacts/android/PhiZone.Player_${{ needs.metadata.outputs.version-name }}.apk
	ls -l ~/artifacts/android/

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: capacitor-android-${{ needs.metadata.outputs.version-name }}
	path: ~/artifacts/android/*

	- name: Clean up artifacts
	if: ${{ always() }}
	run: \|
	rm -rf ~/artifacts/

	publish-tauri:
	name: Build with Tauri
	needs: metadata
	permissions:
	contents: write
	concurrency:
	group: 'publish-debug-tauri-${{ matrix.platform }}-${{ matrix.args }}'
	cancel-in-progress: false

	strategy:
	fail-fast: false
	matrix:
	include:
	- platform: 'ubuntu-22.04'
	args: ''
	- platform: 'ubuntu-22.04-arm'
	args: ''
	- platform: 'windows-latest'
	args: ''
	- platform: 'windows-latest'
	args: '--target aarch64-pc-windows-msvc'
	- platform: 'macos-latest'
	args: '--target aarch64-apple-darwin'
	- platform: 'macos-latest'
	args: '--target x86_64-apple-darwin'

	runs-on: ${{ matrix.platform }}
	steps:
	- name: Confirm build version and datetime
	run: \|
	echo "Version: ${{ needs.metadata.outputs.version }}"
	echo "Build datetime: ${{ needs.metadata.outputs.current-datetime }}"

	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: lts/*

	- name: Setup pnpm
	uses: pnpm/action-setup@v4

	- name: Install Rust stable
	uses: dtolnay/rust-toolchain@stable
	with:
	targets: ${{ matrix.platform == 'macos-latest' && 'aarch64-apple-darwin,x86_64-apple-darwin' \|\| (matrix.platform == 'windows-latest' && 'aarch64-pc-windows-msvc' \|\| '') }}

	- name: Cache Cargo
	uses: Swatinem/rust-cache@v2
	with:
	workspaces: 'src-tauri -> target'

	- name: Install dependencies (Ubuntu only)
	if: startsWith(matrix.platform, 'ubuntu-')
	run: \|
	sudo apt-get update
	sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf xdg-utils libasound2-dev

	- name: Install frontend dependencies
	run: pnpm i

	- name: Install code-signing certificate and API key
	if: startsWith(matrix.platform, 'macos-')
	env:
	APPLE_CERTIFICATE: ${{ secrets.APPLE_DIA_CERTIFICATE }}
	APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_DIA_CERTIFICATE_PASSWORD }}
	KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
	ASC_API_KEY_BASE64: ${{ secrets.APPLE_ASC_API_KEY }}
	ASC_API_KEY_ID: ${{ secrets.APPLE_ASC_API_KEY_ID }}
	run: \|
	ASC_API_KEY_PATH=$RUNNER_TEMP/AuthKey_${ASC_API_KEY_ID}.p8

	echo $APPLE_CERTIFICATE \| base64 --decode > certificate.p12
	security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
	security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
	security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
	security find-identity -v -p codesigning build.keychain
	security set-keychain-settings -t 3600 -u build.keychain

	echo -n "$ASC_API_KEY_BASE64" \| base64 --decode -o $ASC_API_KEY_PATH

	- name: Obtain certificate ID and API key path
	id: apple-signing
	if: startsWith(matrix.platform, 'macos-')
	env:
	ASC_API_KEY_ID: ${{ secrets.APPLE_ASC_API_KEY_ID }}
	run: \|
	CERT_INFO=$(security find-identity -v -p codesigning build.keychain \| grep "Developer ID Application")
	CERT_ID=$(echo "$CERT_INFO" \| awk -F'"' '{print $2}')
	ASC_API_KEY_PATH=$RUNNER_TEMP/AuthKey_${ASC_API_KEY_ID}.p8

	echo "CERT_ID=$CERT_ID" >> $GITHUB_OUTPUT
	echo "ASC_API_KEY_PATH=$ASC_API_KEY_PATH" >> $GITHUB_OUTPUT

	- name: Build
	id: build
	uses: tauri-apps/tauri-action@v0
	env:
	GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
	PUBLIC_SENTRY_DSN: ${{ vars.PUBLIC_SENTRY_DSN }}
	APPLE_CERTIFICATE: ${{ startsWith(matrix.platform, 'macos-') && secrets.APPLE_DIA_CERTIFICATE \|\| '' }}
	APPLE_CERTIFICATE_PASSWORD: ${{ startsWith(matrix.platform, 'macos-') && secrets.APPLE_DIA_CERTIFICATE_PASSWORD \|\| '' }}
	APPLE_SIGNING_IDENTITY: ${{ startsWith(matrix.platform, 'macos-') && steps.apple-signing.outputs.CERT_ID \|\| '' }}
	APPLE_API_KEY: ${{ startsWith(matrix.platform, 'macos-') && secrets.APPLE_ASC_API_KEY_ID \|\| '' }}
	APPLE_API_ISSUER: ${{ startsWith(matrix.platform, 'macos-') && secrets.APPLE_ASC_API_KEY_ISSUER_ID \|\| '' }}
	APPLE_API_KEY_PATH: ${{ startsWith(matrix.platform, 'macos-') && steps.apple-signing.outputs.ASC_API_KEY_PATH \|\| '' }}
	with:
	includeDebug: true
	args: ${{ matrix.args }}

	- name: Move and rename builds
	run: \|
	IFS=','
	SPACE='.SPACE_PLACEHOLDER.'
	mkdir -p ~/artifacts/tauri/
	artifact_paths=$(echo '${{ steps.build.outputs.artifactPaths }}' \| sed -e 's/\[//g; s/\]//g' -e 's/["]//g' -e 's/ /$SPACE/g')
	for artifact_path in $artifact_paths; do
	original_path=$(echo "$artifact_path" \| sed -e 's/$SPACE/ /g')
	if [[ "$original_path" == *.app ]]; then
	echo "Skipping $original_path"
	continue
	fi
	renamed_path=$(echo "$original_path" \| sed -E "s/PhiZone Player[_-]${{ needs.metadata.outputs.version }}(-1)?/PhiZone.Player_${{ needs.metadata.outputs.version-name }}/g")
	echo "Renaming: $original_path -> $renamed_path"
	mv "$original_path" "$renamed_path"
	mv "$renamed_path" ~/artifacts/tauri/
	done

	# Handle debug binaries for each platform
	if [[ -f "src-tauri/debug/phizone-player.exe" ]]; then
	mv src-tauri/debug/phizone-player.exe ~/artifacts/tauri/PhiZone.Player_${{ needs.metadata.outputs.version-name }}_windows-x86_64.exe
	elif [[ -f "src-tauri/target/aarch64-pc-windows-msvc/debug/phizone-player.exe" ]]; then
	mv src-tauri/target/aarch64-pc-windows-msvc/debug/phizone-player.exe ~/artifacts/tauri/PhiZone.Player_${{ needs.metadata.outputs.version-name }}_windows-arm64.exe
	elif [[ -f "src-tauri/target/debug/phizone-player" ]]; then
	mv src-tauri/target/debug/phizone-player ~/artifacts/tauri/PhiZone.Player_${{ needs.metadata.outputs.version-name }}_linux-${{ endsWith(matrix.platform, '-arm') && 'arm64' \|\| 'x86_64' }}
	elif [[ -f "src-tauri/target/aarch64-apple-darwin/debug/phizone-player" ]]; then
	mv src-tauri/target/aarch64-apple-darwin/debug/phizone-player ~/artifacts/tauri/PhiZone.Player_${{ needs.metadata.outputs.version-name }}_macos-arm64
	elif [[ -f "src-tauri/target/x86_64-apple-darwin/debug/phizone-player" ]]; then
	mv src-tauri/target/x86_64-apple-darwin/debug/phizone-player ~/artifacts/tauri/PhiZone.Player_${{ needs.metadata.outputs.version-name }}_macos-x86_64
	fi

	- name: Generate artifact info
	id: info
	run: echo "name=tauri-${{ matrix.platform }}-$(echo ${{ matrix.args \|\| '--target x86_64' }} \| sed 's/.* //')-${{ needs.metadata.outputs.version-name }}" >> $GITHUB_OUTPUT

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: ${{ steps.info.outputs.name }}
	path: ~/artifacts/tauri/*

	- name: Clean up artifacts
	if: ${{ always() }}
	run: \|
	rm -rf ~/artifacts/

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Publish debug builds #408

Workflow file

Publish debug builds #408

Uh oh!

Workflow file for this run