name: publish-nym-wallet-ubuntu on: workflow_dispatch: release: types: [created] defaults: run: working-directory: nym-wallet jobs: publish-tauri: if: ${{ (startsWith(github.ref, 'refs/tags/nym-wallet-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} strategy: fail-fast: false matrix: platform: [ubuntu-22.04] runs-on: ${{ matrix.platform }} outputs: release_tag: ${{ github.ref_name }} steps: - uses: actions/checkout@v6 - name: Install system dependencies run: | sudo apt-get update && sudo apt-get install -y libdbus-1-dev libmnl-dev libnftnl-dev \ libwebkit2gtk-4.1-dev build-essential curl wget libssl-dev jq \ libgtk-3-dev squashfs-tools libayatana-appindicator3-dev make libfuse2 unzip librsvg2-dev file \ libsoup-3.0-dev libjavascriptcoregtk-4.1-dev - name: Setup pnpm uses: pnpm/action-setup@v5.0.0 with: version: 11.1.2 - name: Node uses: actions/setup-node@v4 with: node-version: 24 cache: 'pnpm' - name: Install Rust toolchain uses: dtolnay/rust-toolchain@stable with: toolchain: ${{ vars.REQUIRED_RUSTC_VERSION }} - name: Install project dependencies shell: bash run: cd .. && pnpm i - name: Install app dependencies run: pnpm i - name: Create env file uses: timheuer/base64-to-file@v1.2 with: fileName: '.env' encodedString: ${{ secrets.WALLET_ADMIN_ADDRESS }} - name: Build app run: pnpm build env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TAURI_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} TAURI_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_PRIVATE_KEY }} TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_KEY_PASSWORD }} - name: Check bundle directory run: | echo "Checking bundle directory structure" ls -la target/release/bundle || echo "Bundle directory not found" if [ -d "target/release/bundle/appimage" ]; then echo "AppImage bundle directory exists, checking contents:" ls -la target/release/bundle/appimage else echo "AppImage bundle directory not found, checking alternatives:" find target/release/bundle -type d -name "*appimage*" -o -name "*AppImage*" || echo "No AppImage directories found" find target/release/bundle -name "*.AppImage" -o -name "*.appimage" || echo "No AppImage files found" fi - name: Inspect AppImage (hook + bundled graphics libs) shell: bash run: | set -euo pipefail APPIMAGE_REL=$(find target/release/bundle -name '*.AppImage' | head -n 1) if [ -z "${APPIMAGE_REL}" ]; then echo "No AppImage under target/release/bundle" exit 1 fi APPIMAGE_ABS="${GITHUB_WORKSPACE}/nym-wallet/${APPIMAGE_REL}" chmod +x "${APPIMAGE_ABS}" EXTRACT_DIR=$(mktemp -d) cd "${EXTRACT_DIR}" "${APPIMAGE_ABS}" --appimage-extract # Tauri only stages appimage "files" under /usr/ into the AppDir; paths like /apprun-hooks/ never reach the image. # Wayland + WEBKIT_DISABLE_DMABUF_RENDERER defaults are applied in main() instead (see configure_linux_wayland_defaults). HOOK=$(find squashfs-root -name '99-nym-wayland.sh' 2>/dev/null | head -n 1) if [ -n "${HOOK}" ]; then echo "Found legacy apprun hook at ${HOOK}" else echo "No apprun-hooks/99-nym-wayland.sh (expected): Wayland defaults are set in-process." fi find squashfs-root/usr/lib -maxdepth 6 \ \( -name 'libwayland-client.so*' -o -name 'libEGL.so*' -o -name 'libgbm.so*' \) \ 2>/dev/null | sort > "${GITHUB_WORKSPACE}/nym-wallet/appimage-bundled-graphics-libs.txt" wc -l "${GITHUB_WORKSPACE}/nym-wallet/appimage-bundled-graphics-libs.txt" head -50 "${GITHUB_WORKSPACE}/nym-wallet/appimage-bundled-graphics-libs.txt" || true - name: Upload AppImage graphics lib inventory uses: actions/upload-artifact@v6 with: name: nym-wallet-appimage-lib-inventory path: nym-wallet/appimage-bundled-graphics-libs.txt retention-days: 30 - name: Create AppImage tarball if needed run: | # Find the AppImage file APPIMAGE_FILE=$(find target/release/bundle -name "*.AppImage" | head -n 1) if [ -n "$APPIMAGE_FILE" ]; then echo "Found AppImage file: $APPIMAGE_FILE" APPIMAGE_DIR=$(dirname "$APPIMAGE_FILE") APPIMAGE_NAME=$(basename "$APPIMAGE_FILE") # Create tarball if it doesn't exist if [ ! -f "${APPIMAGE_FILE}.tar.gz" ]; then echo "Creating tarball for $APPIMAGE_NAME" cd "$APPIMAGE_DIR" tar -czf "${APPIMAGE_NAME}.tar.gz" "$APPIMAGE_NAME" cd - echo "Created tarball: ${APPIMAGE_FILE}.tar.gz" else echo "Tarball already exists: ${APPIMAGE_FILE}.tar.gz" fi else echo "WARNING: No AppImage file found!" fi - name: Upload Artifact uses: actions/upload-artifact@v7 with: name: nym-wallet-appimage.tar.gz path: | nym-wallet/target/release/bundle/appimage/*.AppImage.tar.gz nym-wallet/target/release/bundle/*/nym-wallet*.AppImage.tar.gz retention-days: 30 - id: create-release name: Upload to release based on tag name uses: softprops/action-gh-release@v2 if: github.event_name == 'release' with: files: | nym-wallet/target/release/bundle/appimage/*.AppImage nym-wallet/target/release/bundle/appimage/*.AppImage.tar.gz nym-wallet/target/release/bundle/*/nym-wallet*.AppImage nym-wallet/target/release/bundle/*/nym-wallet*.AppImage.tar.gz - name: Find AppImage tarball path for deployment id: find-appimage run: | APPIMAGE_TARBALL=$(find target/release/bundle -name "*.AppImage.tar.gz" | head -n 1) if [ -n "$APPIMAGE_TARBALL" ]; then echo "Found AppImage tarball: $APPIMAGE_TARBALL" echo "appimage_path=$APPIMAGE_TARBALL" >> $GITHUB_OUTPUT else echo "WARNING: No AppImage tarball found for deployment!" echo "appimage_path=target/release/bundle/appimage/nym-wallet*.AppImage.tar.gz" >> $GITHUB_OUTPUT fi push-release-data: if: ${{ (startsWith(github.ref, 'refs/tags/nym-wallet-') && github.event_name == 'release') || github.event_name == 'workflow_dispatch' }} uses: ./.github/workflows/release-calculate-hash.yml needs: publish-tauri with: release_tag: ${{ needs.publish-tauri.outputs.release_tag || github.ref_name }} secrets: inherit