# Сборка установщиков по тегу v* и выкладка файлов обновления в публичный репозиторий (ветка `updates`). # Secrets (имена без GITEA_* — зарезервировано на сервере): DND_UPDATE_FEED_URL, DND_UPDATES_SERVER, UPDATES_REPO, DND_UPDATES_PUSH_TOKEN — см. docs/GITEA_AUTO_UPDATE.md name: Release on: push: tags: - 'v*' env: CSC_IDENTITY_AUTO_DISCOVERY: 'false' jobs: build-windows: runs-on: windows-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: '22' cache: 'npm' - name: Version from tag shell: bash run: | TAG="${GITHUB_REF_NAME:-}" VERSION="${TAG#v}" npm version "$VERSION" --allow-same-version --no-git-tag-version - run: npm ci - run: npm run build - run: node scripts/release-win-prep.mjs - name: electron-builder (win) shell: bash env: DND_UPDATE_FEED_URL: ${{ secrets.DND_UPDATE_FEED_URL }} run: | set -euo pipefail if [[ -z "${DND_UPDATE_FEED_URL:-}" ]]; then echo "Secret DND_UPDATE_FEED_URL is not set (generic feed base URL, trailing slash)" >&2 exit 1 fi npx electron-builder --win --publish never \ --config.publish.provider=generic \ --config.publish.url="${DND_UPDATE_FEED_URL}" - name: Stage win artifacts shell: bash run: | mkdir -p _artifact_win shopt -s nullglob || true for f in release/*; do [[ -f "$f" ]] || continue base=$(basename "$f") case "$base" in *.yml|*.yaml|*.exe|*.blockmap|*.zip) cp -v "$f" _artifact_win/ ;; esac done ls -la _artifact_win - uses: actions/upload-artifact@v4 with: name: eb-win path: _artifact_win/ build-macos: runs-on: macos-latest steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 with: node-version: '22' cache: 'npm' - name: Version from tag shell: bash run: | TAG="${GITHUB_REF_NAME:-}" VERSION="${TAG#v}" npm version "$VERSION" --allow-same-version --no-git-tag-version - run: npm ci - run: npm run build - name: electron-builder (mac) shell: bash env: DND_UPDATE_FEED_URL: ${{ secrets.DND_UPDATE_FEED_URL }} run: | set -euo pipefail if [[ -z "${DND_UPDATE_FEED_URL:-}" ]]; then echo "Secret DND_UPDATE_FEED_URL is not set" >&2 exit 1 fi npx electron-builder --mac --publish never \ --config.publish.provider=generic \ --config.publish.url="${DND_UPDATE_FEED_URL}" - name: Stage mac artifacts shell: bash run: | mkdir -p _artifact_mac shopt -s nullglob || true for f in release/*; do [[ -f "$f" ]] || continue base=$(basename "$f") case "$base" in *.yml|*.yaml|*.dmg|*.blockmap|*.zip|*.pkg) cp -v "$f" _artifact_mac/ ;; esac done ls -la _artifact_mac - uses: actions/upload-artifact@v4 with: name: eb-mac path: _artifact_mac/ publish-update-feed: runs-on: ubuntu-latest needs: [build-windows, build-macos] steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 with: name: eb-win path: _win - uses: actions/download-artifact@v4 with: name: eb-mac path: _mac - uses: actions/setup-node@v4 with: node-version: '22' - name: Push to public updates repo env: DND_UPDATES_SERVER: ${{ secrets.DND_UPDATES_SERVER }} UPDATES_REPO: ${{ secrets.UPDATES_REPO }} DND_UPDATES_PUSH_TOKEN: ${{ secrets.DND_UPDATES_PUSH_TOKEN }} ARTIFACT_WIN: ${{ github.workspace }}/_win ARTIFACT_MAC: ${{ github.workspace }}/_mac GIT_COMMIT_TAG: ${{ github.ref_name }} run: node scripts/sync-update-feed.mjs