tauri-build #4
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: tauri-build | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| env_name: | |
| description: "Frontend build mode (development/production/test)" | |
| required: false | |
| default: "production" | |
| release: | |
| types: [published] | |
| push: | |
| tags: | |
| - "v*" | |
| jobs: | |
| build: | |
| runs-on: windows-latest | |
| permissions: | |
| contents: write | |
| env: | |
| # 前端构建参数 | |
| # build.cjs reads ENV_NAME; default production | |
| ENV_NAME: ${{ inputs.env_name || 'production' }} | |
| # Release 相关上下文(同时支持 release 和 push tag 触发) | |
| # - RELEASE_TAG: 优先使用 release 事件中的 tag_name,否则回退到 ref_name(如 v0.1.3) | |
| # - RELEASE_NOTES: 在 release 事件中存在,push tag 时为空字符串 | |
| RELEASE_TAG: ${{ github.event.release.tag_name || github.ref_name }} | |
| RELEASE_NOTES: ${{ github.event.release.body || '' }} | |
| RELEASE_REPO: Simprint/simprint-release | |
| # R2 相关配置(若未配置对应 Secret,则相关功能会被跳过或报错) | |
| R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }} | |
| R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }} | |
| R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} | |
| R2_BUCKET: ${{ secrets.R2_BUCKET }} | |
| R2_PUBLIC_BASE_URL: ${{ secrets.R2_PUBLIC_BASE_URL }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| version: latest | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: pnpm | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Setup Rust toolchain | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Rust cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: | | |
| src-tauri -> target | |
| # 在 CI 构建期间使用 fixed 版本的 Tauri 配置 | |
| # 先将 src-tauri/tauri.conf.fixed.json 覆盖为 src-tauri/tauri.conf.json, | |
| # 然后再由 prepare-version.mjs 统一写入最终版本号,确保参与打包的配置版本正确。 | |
| - name: Use fixed Tauri config | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| cp src-tauri/tauri.conf.fixed.json src-tauri/tauri.conf.json | |
| - name: Prepare version from tag | |
| # For release events, GITHUB_REF_NAME is usually "vX.Y.Z" as well. | |
| run: node deploy/prepare-version.mjs | |
| # Build and bundle the Tauri app. | |
| # It will run `beforeBuildCommand` from `src-tauri/tauri.conf.json` (node build.cjs -> pnpm build:<env>) | |
| - name: Build Tauri app | |
| uses: tauri-apps/tauri-action@v0 | |
| env: | |
| # 使用统一的 GT_TOKEN 作为凭证来源 | |
| GITHUB_TOKEN: ${{ secrets.GT_TOKEN }} | |
| # Optional: enable updater signing / release signing if you configure them later | |
| TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} | |
| TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} | |
| with: | |
| projectPath: . | |
| # 与本地一致,使用 production feature 进行构建 | |
| args: --features production | |
| # If you create a GitHub Release (tag v*), this will attach artifacts. | |
| releaseId: ${{ github.event.release.id }} | |
| - name: Generate latest.json | |
| run: node deploy/generate-latest-json.mjs | |
| - name: Publish artifacts to simprint-release (Release/Tag) | |
| # 同时支持 release 事件和 push tag 事件 | |
| if: github.event_name == 'release' || github.event_name == 'push' | |
| shell: bash | |
| env: | |
| # NOTE: GITHUB_TOKEN cannot upload to a different repo. | |
| # 请在当前仓库中创建名为 GT_TOKEN 的 Secret, | |
| # 该 token 需要拥有对 Simprint/simprint-release 的发布权限。 | |
| GH_TOKEN: ${{ secrets.GT_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| TAG="${{ env.RELEASE_TAG }}" | |
| REPO="${{ env.RELEASE_REPO }}" | |
| # Find NSIS installer produced by Tauri | |
| INSTALLER="$(ls -1 src-tauri/target/release/bundle/nsis/*.exe | head -n 1)" | |
| # Create the release if missing, then upload assets | |
| gh release view "$TAG" --repo "$REPO" >/dev/null 2>&1 || \ | |
| gh release create "$TAG" --repo "$REPO" --title "Simprint $TAG" --notes "${{ github.event.release.body }}" | |
| gh release upload "$TAG" --repo "$REPO" "$INSTALLER" latest.json --clobber | |
| - name: Upload installer to R2 storage | |
| # 同时支持 release 事件和 push tag 事件 | |
| if: github.event_name == 'release' || github.event_name == 'push' | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| TAG="${{ env.RELEASE_TAG }}" | |
| # 去掉前缀 v,得到纯版本号,如 0.1.0 | |
| VERSION="${TAG#v}" | |
| # 找到 NSIS 安装包 | |
| INSTALLER="$(ls -1 src-tauri/target/release/bundle/nsis/*.exe | head -n 1)" | |
| if [ ! -f "$INSTALLER" ]; then | |
| echo "NSIS installer not found under src-tauri/target/release/bundle/nsis" | |
| exit 1 | |
| fi | |
| # 配置 AWS 兼容凭证(Cloudflare R2 使用 S3 协议) | |
| export AWS_ACCESS_KEY_ID="$R2_ACCESS_KEY_ID" | |
| export AWS_SECRET_ACCESS_KEY="$R2_SECRET_ACCESS_KEY" | |
| export AWS_EC2_METADATA_DISABLED=true | |
| ENDPOINT="https://${R2_ACCOUNT_ID}.r2.cloudflarestorage.com" | |
| DEST="s3://${R2_BUCKET}/${VERSION}/simprint_setup.exe" | |
| echo "Uploading $INSTALLER to R2: $DEST" | |
| aws s3 cp "$INSTALLER" "$DEST" --endpoint-url "$ENDPOINT" --region auto | |
| - name: Upload latest.json artifact (manual runs) | |
| if: github.event_name == 'workflow_dispatch' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: latest-json | |
| path: latest.json | |