OpenList-Desktop/.github/workflows/release.yml

name: 'Build and Release'

on:
  workflow_dispatch:
    inputs:
      version:
        description: 'Version to release (e.g. v1.0.0)'
        required: true
        type: string

env:
  TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }}
  TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }}
  # macOS signing and notarization
  APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
  APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
  APPLE_ID: ${{ secrets.APPLE_ID }}
  APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
  APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}

jobs:
  changelog:
    name: Generate Changelog
    runs-on: ubuntu-latest
    outputs:
      changelog: ${{ steps.changelog.outputs.changelog }}
      tag: ${{ steps.tag.outputs.tag }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get tag
        id: tag
        run: |
          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
            echo "tag=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT
          else
            echo "tag=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
          fi

      - name: Generate changelog
        id: changelog
        run: |
          # Get the previous tag
          PREVIOUS_TAG=$(git tag --sort=-version:refname | grep -v "^${{ steps.tag.outputs.tag }}$" | head -n 1)
          
          if [ -z "$PREVIOUS_TAG" ]; then
            echo "No previous tag found, generating changelog from first commit"
            COMMITS=$(git log --pretty=format:"- %s (%h)" --reverse)
          else
            echo "Generating changelog from $PREVIOUS_TAG to ${{ steps.tag.outputs.tag }}"
            COMMITS=$(git log --pretty=format:"- %s (%h)" $PREVIOUS_TAG..${{ steps.tag.outputs.tag }})
          fi
          
          # Create changelog
          CHANGELOG="## What's Changed"$'\n\n'"$COMMITS"
          
          # Save to file and output
          echo "$CHANGELOG" > changelog.md
          echo "changelog<<EOF" >> $GITHUB_OUTPUT
          echo "$CHANGELOG" >> $GITHUB_OUTPUT
          echo "EOF" >> $GITHUB_OUTPUT

      - name: Upload changelog
        uses: actions/upload-artifact@v4
        with:
          name: changelog
          path: changelog.md

  build:
    needs: changelog
    strategy:
      fail-fast: false
      matrix:
        include:
          - platform: 'macos-latest'
            args: '--target aarch64-apple-darwin'
            target: 'aarch64-apple-darwin'
          - platform: 'macos-latest'
            args: '--target x86_64-apple-darwin'
            target: 'x86_64-apple-darwin'
          - platform: 'ubuntu-20.04'
            args: '--target x86_64-unknown-linux-gnu'
            target: 'x86_64-unknown-linux-gnu'
          - platform: 'windows-latest'
            args: '--target x86_64-pc-windows-msvc'
            target: 'x86_64-pc-windows-msvc'

    runs-on: ${{ matrix.platform }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install dependencies (ubuntu only)
        if: matrix.platform == 'ubuntu-20.04'
        run: |
          sudo apt-get update
          sudo apt-get install -y libwebkit2gtk-4.0-dev libappindicator3-dev librsvg2-dev patchelf

      - name: Rust setup
        uses: dtolnay/rust-toolchain@stable
        with:
          targets: ${{ matrix.target }}

      - name: Rust cache
        uses: swatinem/rust-cache@v2
        with:
          workspaces: './src-tauri -> target'

      - name: Sync node version and setup cache
        uses: actions/setup-node@v4
        with:
          node-version: 'lts/*'
          cache: 'npm'

      - name: Install frontend dependencies
        run: npm ci

      - name: Import Apple Developer Certificate (macOS only)
        if: matrix.platform == 'macos-latest'
        uses: apple-actions/import-codesign-certs@v2
        with:
          p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
          p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}

      - name: Build the app
        uses: tauri-apps/tauri-action@v0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # macOS signing and notarization environment variables
          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
          APPLE_ID: ${{ secrets.APPLE_ID }}
          APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
          # Enable signing and notarization for macOS
          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
          ENABLE_CODE_SIGNING: ${{ matrix.platform == 'macos-latest' && 'true' || 'false' }}
        with:
          tagName: ${{ needs.changelog.outputs.tag }}
          releaseName: 'OpenList Desktop ${{ needs.changelog.outputs.tag }}'
          releaseBody: ${{ needs.changelog.outputs.changelog }}
          releaseDraft: false
          prerelease: false
          args: ${{ matrix.args }}

  publish:
    needs: [changelog, build]
    runs-on: ubuntu-latest
    if: always() && needs.build.result == 'success'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Download changelog
        uses: actions/download-artifact@v4
        with:
          name: changelog

      - name: Update release
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ needs.changelog.outputs.tag }}
          name: 'OpenList Desktop ${{ needs.changelog.outputs.tag }}'
          body_path: changelog.md
          draft: false
          prerelease: false
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Update latest.json for auto-updater
        run: |
          # Get the latest release info
          RELEASE_INFO=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
            "https://api.github.com/repos/${{ github.repository }}/releases/latest")
          
          # Extract version and download URLs
          VERSION=$(echo "$RELEASE_INFO" | jq -r '.tag_name')
          RELEASE_NOTES=$(echo "$RELEASE_INFO" | jq -r '.body')
          RELEASE_DATE=$(echo "$RELEASE_INFO" | jq -r '.published_at')
          
          # Create latest.json for Tauri updater
          cat > latest.json << EOF
          {
            "version": "$VERSION",
            "notes": $(echo "$RELEASE_NOTES" | jq -R -s .),
            "pub_date": "$RELEASE_DATE",
            "platforms": {
              "darwin-x86_64": {
                "signature": "",
                "url": "https://github.com/${{ github.repository }}/releases/download/$VERSION/OpenList-Desktop_${VERSION}_x64_mac.dmg.tar.gz"
              },
              "darwin-aarch64": {
                "signature": "",
                "url": "https://github.com/${{ github.repository }}/releases/download/$VERSION/OpenList-Desktop_${VERSION}_aarch64_mac.dmg.tar.gz"
              },
              "linux-x86_64": {
                "signature": "",
                "url": "https://github.com/${{ github.repository }}/releases/download/$VERSION/openlist-desktop_${VERSION}_amd64.AppImage.tar.gz"
              },
              "windows-x86_64": {
                "signature": "",
                "url": "https://github.com/${{ github.repository }}/releases/download/$VERSION/OpenList-Desktop_${VERSION}_x64_en-US.msi.zip"
              }
            }
          }
          EOF
          
          echo "Generated latest.json for auto-updater"
          cat latest.json

      - name: Commit and push latest.json
        run: |
          git config --local user.email "action@github.com"
          git config --local user.name "GitHub Action"
          
          # Check if there are changes to commit
          if [[ -n $(git status --porcelain) ]]; then
            git add latest.json
            git commit -m "Update latest.json for auto-updater [skip ci]"
            git push origin HEAD:main
          else
            echo "No changes to commit"
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}