esdras/sistema-de-chamados
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ci: fix expressions using secrets.* in if by moving to env-based guard; add Windows-safe key injection

Browse source
This commit is contained in:
Esdras Renan 2025-10-10 21:26:09 -03:00
parent 66a5e2751b
commit 55791a0503
2 changed files with 17 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

10
.github/workflows/ci-cd-web-desktop.yml vendored
View file

@ -332,6 +332,8 @@ jobs:
name: Desktop Release (Windows) name: Desktop Release (Windows)
if: ${{ startsWith(github.ref, 'refs/tags/v') }} if: ${{ startsWith(github.ref, 'refs/tags/v') }}
runs-on: [ self-hosted, windows, desktop ] runs-on: [ self-hosted, windows, desktop ]
env:
TAURI_PUBLIC_KEY: ${{ secrets.TAURI_PUBLIC_KEY }}
defaults: defaults:
run: run:
working-directory: apps/desktop working-directory: apps/desktop
@ -363,11 +365,11 @@ jobs:
projectPath: apps/desktop projectPath: apps/desktop
- name: Inject Tauri public key (post) - name: Inject Tauri public key (post)
if: ${{ secrets.TAURI_PUBLIC_KEY != '' }} if: ${{ env.TAURI_PUBLIC_KEY != '' }}
env: shell: pwsh
TAURI_PUBLIC_KEY: ${{ secrets.TAURI_PUBLIC_KEY }}
run: | run: |
sed -i "s/REPLACE_WITH_TAURI_PUBLIC_KEY/${TAURI_PUBLIC_KEY//\//\\\/}/" apps/desktop/src-tauri/tauri.conf.json || true $p = 'apps/desktop/src-tauri/tauri.conf.json'
(Get-Content $p) -replace 'REPLACE_WITH_TAURI_PUBLIC_KEY', $env:TAURI_PUBLIC_KEY | Set-Content $p
- name: Upload latest.json + bundles to VPS - name: Upload latest.json + bundles to VPS
uses: appleboy/scp-action@v0.1.7 uses: appleboy/scp-action@v0.1.7

15
.github/workflows/desktop-release.yml vendored
View file

@ -13,6 +13,8 @@ jobs:
build: build:
name: Build ${{ matrix.platform }} name: Build ${{ matrix.platform }}
runs-on: ${{ matrix.runner }} runs-on: ${{ matrix.runner }}
env:
TAURI_PUBLIC_KEY: ${{ secrets.TAURI_PUBLIC_KEY }}
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -50,14 +52,19 @@ jobs:
- name: Install pnpm deps - name: Install pnpm deps
run: pnpm -C apps/desktop install --frozen-lockfile run: pnpm -C apps/desktop install --frozen-lockfile
- name: Inject Tauri public key - name: Inject Tauri public key (Linux/macOS)
if: ${{ secrets.TAURI_PUBLIC_KEY != '' }} if: ${{ env.TAURI_PUBLIC_KEY != '' && matrix.platform != 'windows' }}
env:
TAURI_PUBLIC_KEY: ${{ secrets.TAURI_PUBLIC_KEY }}
run: | run: |
set -euo pipefail set -euo pipefail
sed -i "s/REPLACE_WITH_TAURI_PUBLIC_KEY/${TAURI_PUBLIC_KEY//\//\\\/}/" apps/desktop/src-tauri/tauri.conf.json sed -i "s/REPLACE_WITH_TAURI_PUBLIC_KEY/${TAURI_PUBLIC_KEY//\//\\\/}/" apps/desktop/src-tauri/tauri.conf.json
- name: Inject Tauri public key (Windows)
if: ${{ env.TAURI_PUBLIC_KEY != '' && matrix.platform == 'windows' }}
shell: pwsh
run: |
$p = 'apps/desktop/src-tauri/tauri.conf.json'
(Get-Content $p) -replace 'REPLACE_WITH_TAURI_PUBLIC_KEY', $env:TAURI_PUBLIC_KEY | Set-Content $p
- name: Build desktop - name: Build desktop
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}