# cimery — Release build workflow (Sprint 23: Tauri v2 bundle) # Triggered by pushing a version tag: git tag v0.1.0 && git push --tags # # Produces: # - Windows x64: .msi (WiX) + .exe (NSIS) + cimery-viewer.exe # - macOS arm64: .dmg + .app + cimery-viewer # - Linux x64: .deb + .AppImage + cimery-viewer # # Sidecar: cimery-viewer is built first, then bundled alongside cimery-app. # Code signing: placeholder (Azure Trusted Signing — ADR-003 A3). name: Release on: push: tags: - 'v*' permissions: contents: write env: CARGO_TERM_COLOR: always RUST_BACKTRACE: 1 jobs: # ── 1. Build sidecar viewer for each platform ────────────────────────────── build-viewer: name: viewer (${{ matrix.target }}) runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: include: - os: windows-latest target: x86_64-pc-windows-msvc viewer-bin: cimery-viewer.exe - os: macos-latest target: aarch64-apple-darwin viewer-bin: cimery-viewer - os: ubuntu-latest target: x86_64-unknown-linux-gnu viewer-bin: cimery-viewer steps: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@stable with: targets: ${{ matrix.target }} - uses: Swatinem/rust-cache@v2 with: key: viewer-${{ matrix.target }} - name: Install Linux system deps if: matrix.os == 'ubuntu-latest' run: | sudo apt-get update -qq sudo apt-get install -y \ libwebkit2gtk-4.1-dev \ libgtk-3-dev \ libayatana-appindicator3-dev \ librsvg2-dev \ patchelf - name: Build cimery-viewer (release) run: cargo build --release -p cimery-viewer --target ${{ matrix.target }} - name: Upload viewer binary uses: actions/upload-artifact@v4 with: name: viewer-${{ matrix.target }} path: target/${{ matrix.target }}/release/${{ matrix.viewer-bin }} retention-days: 1 # ── 2. Build Tauri app bundle (includes viewer sidecar) ─────────────────── build-tauri: name: tauri-bundle (${{ matrix.target }}) needs: build-viewer runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: include: - os: windows-latest target: x86_64-pc-windows-msvc viewer-bin: cimery-viewer.exe tauri-target: x86_64-pc-windows-msvc - os: macos-latest target: aarch64-apple-darwin viewer-bin: cimery-viewer tauri-target: aarch64-apple-darwin - os: ubuntu-latest target: x86_64-unknown-linux-gnu viewer-bin: cimery-viewer tauri-target: x86_64-unknown-linux-gnu steps: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@stable with: targets: ${{ matrix.target }} - uses: Swatinem/rust-cache@v2 with: key: tauri-${{ matrix.target }} - name: Install Linux system deps if: matrix.os == 'ubuntu-latest' run: | sudo apt-get update -qq sudo apt-get install -y \ libwebkit2gtk-4.1-dev \ libgtk-3-dev \ libayatana-appindicator3-dev \ librsvg2-dev \ patchelf # Download viewer sidecar built in previous job - name: Download viewer sidecar uses: actions/download-artifact@v4 with: name: viewer-${{ matrix.target }} path: crates/app/binaries/ - name: Make viewer executable (Unix) if: matrix.os != 'windows-latest' run: chmod +x crates/app/binaries/${{ matrix.viewer-bin }} # Install cargo-tauri CLI - name: Install tauri-cli run: cargo install tauri-cli --version "^2" --locked # Build Tauri app bundle - name: Build Tauri bundle working-directory: crates/app run: cargo tauri build --target ${{ matrix.tauri-target }} env: # Code signing (placeholder — fill in secrets for production) # APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} # APPLE_CERTIFICATE_PWD: ${{ secrets.APPLE_CERTIFICATE_PWD }} # APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} # TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} TAURI_SKIP_DEVSERVER_CHECK: "true" # Collect bundle artifacts - name: Collect Windows installers if: matrix.os == 'windows-latest' shell: pwsh run: | $bundleDir = "target\${{ matrix.target }}\release\bundle" New-Item -ItemType Directory -Force -Path dist # MSI (WiX) Get-ChildItem -Recurse $bundleDir -Filter "*.msi" | Copy-Item -Destination dist\ # NSIS exe Get-ChildItem -Recurse $bundleDir -Filter "*-setup.exe" | Copy-Item -Destination dist\ - name: Collect macOS bundles if: matrix.os == 'macos-latest' run: | bundleDir="target/${{ matrix.target }}/release/bundle" mkdir -p dist find "$bundleDir" -name "*.dmg" -exec cp {} dist/ \; find "$bundleDir" -name "*.app" -type d | while read app; do tar czf "dist/$(basename ${app%.app})-macos-arm64.tar.gz" -C "$(dirname $app)" "$(basename $app)" done - name: Collect Linux bundles if: matrix.os == 'ubuntu-latest' run: | bundleDir="target/${{ matrix.target }}/release/bundle" mkdir -p dist find "$bundleDir" -name "*.deb" -exec cp {} dist/ \; find "$bundleDir" -name "*.AppImage" -exec cp {} dist/ \; - name: Upload Tauri bundle artifacts uses: actions/upload-artifact@v4 with: name: bundle-${{ matrix.target }} path: dist/ retention-days: 7 # ── 3. Create GitHub Release ─────────────────────────────────────────────── create-release: name: Create GitHub Release needs: build-tauri runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Download all bundles uses: actions/download-artifact@v4 with: pattern: bundle-* merge-multiple: true path: dist/ - name: Generate changelog run: | PREV=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "") if [ -n "$PREV" ]; then git log "${PREV}..HEAD" --oneline > RELEASE_NOTES.md else git log --oneline > RELEASE_NOTES.md fi echo "" >> RELEASE_NOTES.md echo "---" >> RELEASE_NOTES.md echo "Built with Tauri v2 · Rust · egui+wgpu" >> RELEASE_NOTES.md - name: Publish GitHub Release uses: softprops/action-gh-release@v2 with: body_path: RELEASE_NOTES.md files: dist/** env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}