Skip to content

release: v2.11.4

release: v2.11.4 #2126

Workflow file for this run

name: build
on:
pull_request:
branches:
- main
push:
branches:
- "**"
paths-ignore:
- "**.md"
jobs:
skip_duplicates:
name: Skip Duplicate Runs
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: "same_content"
do_not_skip: '["push", "workflow_dispatch", "schedule"]'
build:
needs: skip_duplicates
if: ${{ needs.skip_duplicates.outputs.should_skip != 'true' }}
name: Test on node ${{ matrix.node-version }} and ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
node-version: [18.x]
python: ["3.11"]
os: [ubuntu-latest, windows-latest, macOS-latest]
steps:
- name: Use Python ${{ matrix.python }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python }}
- name: Check out Git repository
uses: actions/checkout@v4
- name: Install Node.js and yarn
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node-version }}
cache: yarn
- name: Cache node modules
uses: actions/cache@v3
id: cache
with:
path: node_modules
key: ${{ runner.OS }}-build-${{ secrets.CACHE_CONTROL }}-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.OS }}-build-${{ secrets.CACHE_CONTROL }}-${{ env.cache-name }}-
${{ runner.OS }}-build-${{ secrets.CACHE_CONTROL }}
- name: Install dependencies
run: |
yarn install
- name: Cache CodeSignTool
if: matrix.os == 'windows-latest'
uses: actions/cache@v3
with:
path: |
./CodeSignTool/
key: ${{ runner.os }}-${{ secrets.CACHE_CONTROL }}
- name: Download CodeSignTool
env:
ES_USERNAME: ${{ secrets.ES_USERNAME }}
if: matrix.os == 'windows-latest' && env.ES_USERNAME != null
working-directory: ${{ github.workspace }}
shell: powershell
run: |
if (!(Test-Path ".\CodeSignTool\CodeSignTool.bat" -PathType Leaf)) {
mkdir CodeSignTool
cd .\CodeSignTool
Invoke-WebRequest -Uri https://www.ssl.com/download/codesigntool-for-windows/ -UseBasicParsing -OutFile ".\CodeSignTool.zip"
7z x CodeSignTool.zip
Remove-Item CodeSignTool.zip
}
- name: Load Windows signing secrets
env:
ES_USERNAME: ${{ secrets.ES_USERNAME }}
FROM_FORK: ${{ github.event_name == 'pull_request' }} # pull request events from our repo are skipped in favor of push events
if: matrix.os == 'windows-latest' && (env.ES_USERNAME != null || github.event_name == 'pull_request')
shell: bash
run: |
msg="$(git log -1 --no-merges --pretty=%B | head -n 1)"
if [[ "$FROM_FORK" = "true" ]] || [[ ! "$msg" =~ ^release:.* ]];
then
echo "not a release, skipping code signing"
exit 0;
fi
echo "SLIPPI_ENABLE_SIGNING=yes" >> $GITHUB_ENV
echo "ES_USERNAME=${{ secrets.ES_USERNAME }}" >> $GITHUB_ENV
echo "ES_PASSWORD=${{ secrets.ES_PASSWORD }}" >> $GITHUB_ENV
echo "ES_CREDENTIAL_ID=${{ secrets.ES_CREDENTIAL_ID }}" >> $GITHUB_ENV
echo "ES_TOTP_SECRET=${{ secrets.ES_TOTP_SECRET }}" >> $GITHUB_ENV
echo "CSC_LINK=${{ secrets.CERTIFICATE_WINDOWS_APPLICATION }}" >> $GITHUB_ENV
echo "CSC_KEY_PASSWORD=${{ secrets.CERTIFICATE_WINDOWS_PASSWORD }}" >> $GITHUB_ENV
echo "signing enabled and secrets loaded"
- name: Load macOS signing certificates and secrets
if: matrix.os == 'macOS-latest' && env.CERTIFICATE_MACOS_PASSWORD != null
run: |
chmod +x .erb/scripts/load-macos-certs-ci.sh && ./.erb/scripts/load-macos-certs-ci.sh
mkdir -p ~/private_keys/
echo "SLIPPI_ENABLE_SIGNING=yes" >> $GITHUB_ENV
echo '${{ secrets.APPLE_CONNECT_API_KEY }}' > ~/private_keys/AuthKey_${{ secrets.APPLE_API_KEY_ID }}.p8
echo "CSC_LINK=${{ secrets.CERTIFICATE_MACOS_APPLICATION }}" >> $GITHUB_ENV
echo "CSC_KEY_PASSWORD=${{ secrets.CERTIFICATE_MACOS_PASSWORD }}" >> $GITHUB_ENV
echo "APPLE_API_KEY=${{ secrets.APPLE_API_KEY_ID }}" >> $GITHUB_ENV
echo "APPLE_API_KEY_ID=${{ secrets.APPLE_API_KEY_ID }}" >> $GITHUB_ENV
echo "APPLE_ISSUER_ID=${{ secrets.APPLE_ISSUER_ID }}" >> $GITHUB_ENV
echo "APPLE_TEAM_PROVIDER_ID=${{ secrets.APPLE_TEAM_PROVIDER_ID }}" >> $GITHUB_ENV
env:
CERTIFICATE_MACOS_APPLICATION: ${{ secrets.CERTIFICATE_MACOS_APPLICATION }}
CERTIFICATE_MACOS_PASSWORD: ${{ secrets.CERTIFICATE_MACOS_PASSWORD }}
- name: Build App
shell: bash
working-directory: ${{ github.workspace }}
run: |
echo ${{ secrets.ENVFILE }} > .env
yarn run package
env:
NODE_OPTIONS: "--max-old-space-size=8192"
USE_HARD_LINKS: false # because of https://github.com/electron-userland/electron-builder/issues/3179
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CODESIGNTOOL_PATH: "${{ github.workspace }}/CodeSignTool"
- name: Run tests
if: matrix.os == 'ubuntu-latest'
run: |
yarn run typecheck
yarn run test
- name: Lint
if: matrix.os == 'ubuntu-latest'
run: |
yarn run lint
- name: Prepare artifacts
shell: bash
run: |
msg="$(git log -1 --no-merges --pretty=%B)"
if [[ ! "$msg" =~ "^release.*" ]];
then
rm release/build/*-mac.zip || true;
fi
mkdir artifacts
mv release/build/{*.exe*,*.deb,*.AppImage,*.dmg*,*.zip,*.yml} artifacts || true
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{matrix.os}}
path: artifacts