ci(signing): add signin to build workflow #46
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Wails build | |
| on: | |
| workflow_dispatch: | |
| push: | |
| tags: | |
| # Match any new tag | |
| - '*' | |
| env: | |
| # Necessary for most environments as build failure can occur due to OOM issues | |
| NODE_OPTIONS: "--max-old-space-size=4096" | |
| jobs: | |
| build: | |
| strategy: | |
| # Failure in one platform build won't impact the others | |
| fail-fast: false | |
| matrix: | |
| build: | |
| - name: 'mult-game_linux-amd64' | |
| platform: 'linux/amd64' | |
| os: 'ubuntu-latest' | |
| - name: 'mult-game_windows-amd64.exe' | |
| platform: 'windows/amd64' | |
| os: 'windows-latest' | |
| runs-on: ${{ matrix.build.os }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| with: | |
| submodules: recursive | |
| - name: Build & Deploy | |
| uses: dAppServer/[email protected] | |
| with: | |
| build-name: ${{ matrix.build.name }} | |
| build-platform: ${{ matrix.build.platform }} | |
| package: false | |
| go-version: 1.21 | |
| - name: Install cosign | |
| uses: sigstore/[email protected] | |
| - name: Sign Unix artifact | |
| if: ${{! startsWith(matrix.build.platform, 'windows')}} | |
| run: cosign sign-blob --yes */bin/${{ matrix.build.name }} --key env://COSIGN_PRIVATE_KEY | |
| env: | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| GITHUB_TOKEN: ${{ secrets.TOKEN }} | |
| - name: Sign Windows artifact | |
| if: ${{ startsWith(matrix.build.platform, 'windows')}} | |
| run: cosign sign-blob --yes build\bin\${{ matrix.build.name }} --key env://COSIGN_PRIVATE_KEY | |
| env: | |
| COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} | |
| COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} | |
| GITHUB_TOKEN: ${{ secrets.TOKEN }} | |
| - name: Upload | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| path: | | |
| */bin/ | |
| *\bin\* | |
| - name: Release | |
| uses: softprops/action-gh-release@v1 | |
| if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
| with: | |
| files: | | |
| */bin/* |