chore(deps): bump dependabot/fetch-metadata from 2 to 3 #624
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ master ] | |
| pull_request: | |
| branches: [ master ] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| RUST_BACKTRACE: 1 | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: mkroening/rust-toolchain-toml@main | |
| - uses: Swatinem/rust-cache@v2 | |
| # Linux-specific dependencies | |
| - name: Install Linux dependencies | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev clang xdg-utils | |
| - name: Check formatting | |
| run: cargo fmt --all -- --check | |
| - name: Clippy | |
| run: cargo clippy --workspace --all-features -- -D warnings | |
| - name: Build | |
| run: cargo build --all-features | |
| - name: Test | |
| run: cargo test --all-features | |
| gui-build: | |
| name: GUI Build | |
| needs: test | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| target: x86_64-unknown-linux-gnu | |
| - os: macos-latest | |
| target: x86_64-apple-darwin | |
| - os: macos-latest | |
| target: aarch64-apple-darwin | |
| - os: windows-latest | |
| target: x86_64-pc-windows-msvc | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # Install Rust toolchain | |
| - uses: mkroening/rust-toolchain-toml@main | |
| - uses: Swatinem/rust-cache@v2 | |
| # Import Apple certificate for macOS builds | |
| - name: Import Apple Certificate | |
| if: runner.os == 'macOS' && github.event_name != 'pull_request' | |
| env: | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| # Create variables | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| # Import certificate from secrets | |
| echo -n "$APPLE_CERTIFICATE" | base64 --decode -o $CERTIFICATE_PATH | |
| # Create temporary keychain | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # Import certificate to keychain | |
| security import $CERTIFICATE_PATH -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| # Add WASM target | |
| - name: Add WASM target | |
| run: rustup target add wasm32-unknown-unknown | |
| # Cache cargo-installed tools | |
| - name: Cache cargo tools | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cargo/bin | |
| key: ${{ runner.os }}-cargo-tools-trunk-tauri-${{ hashFiles('**/Cargo.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-cargo-tools-trunk-tauri- | |
| ${{ runner.os }}-cargo-tools- | |
| # Install build tools | |
| - name: Install build tools | |
| shell: bash | |
| run: | | |
| # Check if trunk is already installed | |
| if ! command -v trunk &> /dev/null; then | |
| echo "Installing trunk..." | |
| cargo install trunk --locked | |
| else | |
| echo "trunk is already installed" | |
| fi | |
| # Check if tauri is already installed | |
| if ! command -v cargo-tauri &> /dev/null; then | |
| echo "Installing tauri-cli..." | |
| cargo install tauri-cli --locked | |
| else | |
| echo "tauri-cli is already installed" | |
| fi | |
| # Install tailwindcss standalone CLI | |
| - name: Install tailwindcss | |
| shell: bash | |
| run: | | |
| # Map runner OS and arch to tailwind binary names | |
| case "${{ runner.os }}-${{ runner.arch }}" in | |
| "Linux-X64") BINARY="tailwindcss-linux-x64"; DEST="/usr/local/bin/tailwindcss" ;; | |
| "macOS-X64") BINARY="tailwindcss-macos-x64"; DEST="/usr/local/bin/tailwindcss" ;; | |
| "macOS-ARM64") BINARY="tailwindcss-macos-arm64"; DEST="/usr/local/bin/tailwindcss" ;; | |
| "Windows-X64") BINARY="tailwindcss-windows-x64.exe"; DEST="$HOME/.cargo/bin/tailwindcss.exe" ;; | |
| esac | |
| echo "Installing $BINARY to $DEST" | |
| curl -sL "https://github.com/tailwindlabs/tailwindcss/releases/download/v4.1.11/${BINARY}" -o "$DEST" | |
| chmod +x "$DEST" | |
| # Linux-specific dependencies | |
| - name: Install Linux dependencies | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libwebkit2gtk-4.1-dev libayatana-appindicator3-dev librsvg2-dev clang xdg-utils | |
| # Windows-specific dependencies | |
| - name: Install Windows dependencies | |
| if: runner.os == 'Windows' | |
| shell: cmd | |
| run: | | |
| vcpkg install openssl:x64-windows-static | |
| vcpkg install openssl:x64-windows-static-md | |
| vcpkg integrate install | |
| # Build frontends and GUI (without signing for PRs) | |
| - name: Build GUI | |
| if: github.event_name == 'pull_request' | |
| env: | |
| OPENSSL_STATIC: 1 | |
| run: cd crates/gui && cargo tauri build | |
| # Build frontends and GUI with signing (for pushes to master) | |
| - name: Build GUI and Sign | |
| if: github.event_name != 'pull_request' | |
| env: | |
| OPENSSL_STATIC: 1 | |
| APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: cd crates/gui && cargo tauri build | |
| # Notarize macOS app | |
| - name: Notarize macOS App | |
| if: runner.os == 'macOS' && github.event_name != 'pull_request' | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: | | |
| # Find the DMG file | |
| DMG_FILE=$(find target/release/bundle/dmg -name "*.dmg" | head -1) | |
| if [ -n "$DMG_FILE" ]; then | |
| echo "Notarizing $DMG_FILE..." | |
| # Submit for notarization | |
| xcrun notarytool submit "$DMG_FILE" \ | |
| --apple-id "$APPLE_ID" \ | |
| --password "$APPLE_PASSWORD" \ | |
| --team-id "$APPLE_TEAM_ID" \ | |
| --wait | |
| # Staple the notarization ticket | |
| xcrun stapler staple "$DMG_FILE" | |
| echo "Notarization complete!" | |
| else | |
| echo "No DMG file found" | |
| exit 1 | |
| fi | |
| - name: Find and prepare artifacts | |
| shell: bash | |
| run: | | |
| mkdir -p artifacts | |
| # Tauri outputs to target/release/bundle | |
| if [[ "${{ runner.os }}" == "macOS" ]]; then | |
| # macOS: Look for DMG and app bundles | |
| if [[ -d "target/release/bundle" ]]; then | |
| echo "Found macOS bundles" | |
| cp -r target/release/bundle/dmg/*.dmg artifacts/ 2>/dev/null || true | |
| cp -r target/release/bundle/macos/*.app artifacts/ 2>/dev/null || true | |
| fi | |
| elif [[ "${{ runner.os }}" == "Linux" ]]; then | |
| # Linux: Look for deb and AppImage files | |
| if [[ -d "target/release/bundle" ]]; then | |
| echo "Found Linux bundles" | |
| cp -r target/release/bundle/deb/*.deb artifacts/ 2>/dev/null || true | |
| cp -r target/release/bundle/appimage/*.AppImage artifacts/ 2>/dev/null || true | |
| fi | |
| elif [[ "${{ runner.os }}" == "Windows" ]]; then | |
| # Windows: Look for MSI files | |
| if [[ -d "target/release/bundle" ]]; then | |
| echo "Found Windows bundles" | |
| cp -r target/release/bundle/msi/*.msi artifacts/ 2>/dev/null || true | |
| fi | |
| fi | |
| # List what we found | |
| echo "Artifacts found:" | |
| ls -la artifacts/ || echo "No artifacts directory" | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: gate-gui-${{ matrix.target }} | |
| path: artifacts/* | |
| if-no-files-found: warn |