diff --git a/workflow-templates/appstore-build-publish.properties.json b/workflow-templates/appstore-build-publish.properties.json new file mode 100644 index 00000000..11b3722a --- /dev/null +++ b/workflow-templates/appstore-build-publish.properties.json @@ -0,0 +1,5 @@ +{ + "name": "Build, sign and push to the appstore", + "description": "On release, build a npm app, sign it, attach to the release and publish to the appstore.`", + "iconName": "appstore-build-publish" +} diff --git a/workflow-templates/appstore-build-publish.svg b/workflow-templates/appstore-build-publish.svg new file mode 100644 index 00000000..b9264d43 --- /dev/null +++ b/workflow-templates/appstore-build-publish.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/workflow-templates/appstore-build-publish.yml b/workflow-templates/appstore-build-publish.yml new file mode 100644 index 00000000..2ff6fda2 --- /dev/null +++ b/workflow-templates/appstore-build-publish.yml @@ -0,0 +1,113 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization + +name: Build and publish app release + +on: + release: + types: [published] + +env: + PHP_VERSION: 7.4 + +jobs: + build_and_publish: + runs-on: ubuntu-latest + + # Only allowed to be run on nextcloud-releases repositories + if: ${{ github.repository_owner === 'nextcloud-releases' }} + + steps: + - name: Check actor permission + uses: skjnldsv/check-actor-permission@v2 + with: + require: admin + + - name: Set app env + run: | + # Split and keep last + echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV + echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV + + - name: Checkout + uses: actions/checkout@v2 + with: + path: ${{ env.APP_NAME }} + + - name: Get appinfo data + id: appinfo + uses: skjnldsv/xpath-action@master + with: + filename: ${{ env.APP_NAME }}/appinfo/info.xml + expression: '//info//dependencies//nextcloud/@min-version' + + - name: Read package.json node and npm engines version + uses: skjnldsv/read-package-engines-version-actions@v1.1 + id: versions + with: + path: ${{ env.APP_NAME }} + fallbackNode: '^12' + fallbackNpm: '^6' + + - name: Set up node ${{ steps.versions.outputs.nodeVersion }} + uses: actions/setup-node@v2 + with: + node-version: ${{ steps.versions.outputs.nodeVersion }} + + - name: Set up npm ${{ steps.versions.outputs.npmVersion }} + run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}" + + - name: Set up php ${{ env.PHP_VERSION }} + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ env.PHP_VERSION }} + coverage: none + + - name: Build ${{ env.APP_NAME }} ${{ env.APP_VERSION }} + run: | + cd ${{ env.APP_NAME }} + npm ci + npm run build + krankerl package || make appstore + + - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + run: | + NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }} + wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip + unzip latest-$NCVERSION.zip + + - name: Sign app + run: | + # Extracting release + cd ${{ env.APP_NAME }}/build/artifacts + tar -xvf ${{ env.APP_NAME }}.tar.gz + cd ../../../ + # Setting up keys + echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key + wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" + # Signing + php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }} + # Rebuilding archive + cd ${{ env.APP_NAME }}/build/artifacts + tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }} + + - name: Attach tarball to github release + uses: svenstaro/upload-release-action@v2 + id: attach_to_release + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz + asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz + tag: ${{ github.ref }} + overwrite: true + + - name: Upload app to Nextcloud appstore + if: ${{ secrets.APPSTORE_TOKEN }} + uses: R0Wi/nextcloud-appstore-push-action@v1 + with: + app_name: ${{ env.APP_NAME }} + appstore_token: ${{ secrets.APPSTORE_TOKEN }} + download_url: ${{ steps.attach_to_release.outputs.browser_download_url }} + app_private_key: ${{ secrets.APP_PRIVATE_KEY }}