.github/workflows/appstore-build-publish.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

# This workflow is provided via the organization template repository
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization

name: Build and publish app release

on:
  release:
    types: [published]

env:
  PHP_VERSION: 7.4

jobs:
  build_and_publish:
    runs-on: ubuntu-latest

    # Only allowed to be run on nextcloud-releases repositories
    if: ${{ github.repository_owner == 'nextcloud-releases' }}

    steps:
      - name: Check actor permission
        uses: skjnldsv/check-actor-permission@v2
        with:
          require: admin

      - name: Set app env
        run: |
          # Split and keep last 
          echo "APP_NAME=${GITHUB_REPOSITORY##*/}" >> $GITHUB_ENV
          echo "APP_VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV

      - name: Checkout
        uses: actions/checkout@v2
        with:
          path: ${{ env.APP_NAME }}

      - name: Get appinfo data
        id: appinfo
        uses: skjnldsv/xpath-action@master
        with:
          filename: ${{ env.APP_NAME }}/appinfo/info.xml
          expression: '//info//dependencies//nextcloud/@min-version'

      - name: Read package.json node and npm engines version
        uses: skjnldsv/read-package-engines-version-actions@v1.1
        id: versions
        # Continue if no package.json
        continue-on-error: true
        with:
          path: ${{ env.APP_NAME }}
          fallbackNode: '^12'
          fallbackNpm: '^6'

      - name: Set up node ${{ steps.versions.outputs.nodeVersion }}
        # Skip if no package.json
        if: ${{ steps.versions.outputs.nodeVersion }}
        uses: actions/setup-node@v2
        with:
          node-version: ${{ steps.versions.outputs.nodeVersion }}

      - name: Set up npm ${{ steps.versions.outputs.npmVersion }}
        # Skip if no package.json
        if: ${{ steps.versions.outputs.npmVersion }}
        run: npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"

      - name: Set up php ${{ env.PHP_VERSION }}
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ env.PHP_VERSION }}
          coverage: none

      - name: Check composer.json
        id: check_composer
        uses: andstor/file-existence-action@v1
        with:
          files: "${{ env.APP_NAME }}/composer.json"

      - name: Install composer dependencies
        if: steps.check_composer.outputs.files_exists == 'true'
        run: |
          cd ${{ env.APP_NAME }}
          composer install --no-dev

      - name: Build ${{ env.APP_NAME }}
        # Skip if no package.json
        if: ${{ steps.versions.outputs.nodeVersion }}
        run: |
          cd ${{ env.APP_NAME }}
          npm ci
          npm run build

      - name: Package ${{ env.APP_NAME }} ${{ env.APP_VERSION }}
        # Try krankerl, fallback to makefile
        run: |
          cd ${{ env.APP_NAME }}
          krankerl package || make appstore

      - name: Checkout server ${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
        continue-on-error: true
        id: server-checkout
        run: |
          NCVERSION=${{ fromJSON(steps.appinfo.outputs.result).nextcloud.min-version }}
          wget --quiet https://download.nextcloud.com/server/releases/latest-$NCVERSION.zip
          unzip latest-$NCVERSION.zip

      - name: Checkout server master fallback
        uses: actions/checkout@v2
        if: ${{ steps.server-checkout.outcome != 'success' }}
        with:
          repository: nextcloud/server
          path: nextcloud

      - name: Sign app
        run: |
          # Extracting release
          cd ${{ env.APP_NAME }}/build/artifacts
          tar -xvf ${{ env.APP_NAME }}.tar.gz
          cd ../../../
          # Setting up keys
          echo "${{ secrets.APP_PRIVATE_KEY }}" > ${{ env.APP_NAME }}.key
          wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt"
          # Signing
          php nextcloud/occ integrity:sign-app --privateKey=../${{ env.APP_NAME }}.key --certificate=../${{ env.APP_NAME }}.crt --path=../${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}
          # Rebuilding archive
          cd ${{ env.APP_NAME }}/build/artifacts
          tar -zcvf ${{ env.APP_NAME }}.tar.gz ${{ env.APP_NAME }}

      - name: Attach tarball to github release
        uses: svenstaro/upload-release-action@v2
        id: attach_to_release
        with:
          repo_token: ${{ secrets.GITHUB_TOKEN }}
          file: ${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz
          asset_name: ${{ env.APP_NAME }}-${{ env.APP_VERSION }}.tar.gz
          tag: ${{ github.ref }}
          overwrite: true

      - name: Upload app to Nextcloud appstore
        uses: nextcloud-releases/nextcloud-appstore-push-action@v1
        with:
          app_name: ${{ env.APP_NAME }}
          appstore_token: ${{ secrets.APPSTORE_TOKEN }}
          download_url: ${{ steps.attach_to_release.outputs.browser_download_url }}
          app_private_key: ${{ secrets.APP_PRIVATE_KEY }}