name: Build on: push: branches: [main, master] tags: ["v*"] paths: - "landing/**" - "app/**" - "crates/**" - "Cargo.toml" - "Cargo.lock" - ".gitea/workflows/build.yaml" env: REGISTRY: git.realmanual.ru IMAGE_PREFIX: ${{ gitea.repository }} permissions: contents: read packages: write jobs: # --------------------------------------------------------------------------- # Decide what changed so we don't rebuild the (slow) DMG on a landing-only edit # and vice versa. Tags always build everything (release). # --------------------------------------------------------------------------- changes: name: Detect changes runs-on: ubuntu-22.04 container: catthehacker/ubuntu:act-latest outputs: landing: ${{ steps.filter.outputs.landing }} app: ${{ steps.filter.outputs.app }} steps: - uses: actions/checkout@v3 with: { fetch-depth: 2 } - id: filter uses: dorny/paths-filter@v3 with: filters: | landing: - 'landing/**' app: - 'app/**' - 'crates/**' - 'Cargo.toml' - 'Cargo.lock' # --------------------------------------------------------------------------- # Landing → static nginx image pushed to the Gitea registry. # --------------------------------------------------------------------------- landing: name: Build & push landing needs: changes if: needs.changes.outputs.landing == 'true' || startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-22.04 container: catthehacker/ubuntu:act-latest outputs: version: ${{ steps.version.outputs.VERSION }} status: ${{ steps.build.outcome }} steps: - uses: actions/checkout@v3 - name: Read version id: version run: echo "VERSION=$(cat ./landing/VERSION)" >> $GITHUB_OUTPUT - name: Log in to Gitea Registry uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.TOKEN }} - name: Build and push id: build uses: docker/build-push-action@v6 with: context: ./landing file: ./landing/Dockerfile push: true tags: | ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/spacesh-landing:${{ steps.version.outputs.VERSION }} ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/spacesh-landing:latest # --------------------------------------------------------------------------- # macOS app → universal (Intel + Apple Silicon) .dmg. # REQUIRES a self-hosted macOS runner labelled `macos` — Tauri cannot # cross-compile a macOS bundle from Linux. The DMG is UNSIGNED (no Developer # ID secrets configured); Gatekeeper will warn on first open. To sign+notarize # later, set APPLE_CERTIFICATE / APPLE_SIGNING_IDENTITY / APPLE_ID secrets and # pass them through to `tauri build`. # --------------------------------------------------------------------------- dmg: name: Build macOS DMG needs: changes if: needs.changes.outputs.app == 'true' || startsWith(github.ref, 'refs/tags/') runs-on: macos outputs: version: ${{ steps.version.outputs.VERSION }} status: ${{ steps.build.outcome }} steps: - uses: actions/checkout@v3 - name: Read version id: version run: echo "VERSION=$(node -p "require('./app/src-tauri/tauri.conf.json').version")" >> $GITHUB_OUTPUT - name: Setup Node uses: actions/setup-node@v4 with: node-version: 20 - name: Install Rust + macOS targets run: | if ! command -v rustup >/dev/null; then curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y echo "$HOME/.cargo/bin" >> $GITHUB_PATH export PATH="$HOME/.cargo/bin:$PATH" fi rustup target add aarch64-apple-darwin x86_64-apple-darwin - name: Install frontend deps working-directory: app run: npm ci - name: Build universal DMG id: build working-directory: app run: npm run tauri build -- --target universal-apple-darwin - name: Collect DMG run: | set -euo pipefail mkdir -p dist cp app/src-tauri/target/universal-apple-darwin/release/bundle/dmg/*.dmg dist/ ls -lh dist - name: Upload DMG artifact uses: actions/upload-artifact@v3 with: name: spacesh-dmg-${{ steps.version.outputs.VERSION }} path: dist/*.dmg # --------------------------------------------------------------------------- # Summary → Max. # --------------------------------------------------------------------------- notify: name: Notify Max needs: [landing, dmg] if: always() runs-on: ubuntu-22.04 container: catthehacker/ubuntu:act-latest steps: - name: Compose & send summary run: | line_for() { local name="$1" result="$2" ver="$3" case "$result" in success) echo "✅ $name собран (\`$ver\`)";; failure) echo "❌ $name — ошибка сборки";; skipped) echo "➖ $name без изменений";; *) echo "❔ $name — $result";; esac } summary="" summary="$summary"$'\n'"$(line_for spacesh-landing '${{ needs.landing.result }}' '${{ needs.landing.outputs.version }}')" summary="$summary"$'\n'"$(line_for spacesh-dmg '${{ needs.dmg.result }}' '${{ needs.dmg.outputs.version }}')" url="${{ gitea.server_url }}/${{ gitea.repository }}/actions/runs/${{ gitea.run_number }}" text=$(printf '**Build**%s\n\n[лог](%s)' "$summary" "$url") curl -s -X POST "https://platform-api.max.ru/messages?chat_id=${{ secrets.MAX_CHAT_ID }}" \ -H "Authorization: ${{ secrets.MAX_BOT_TOKEN }}" \ -H "Content-Type: application/json" \ -d "$(jq -n --arg t "$text" '{text:$t,format:"markdown"}')"