forked from filecoin-station/desktop
-
Notifications
You must be signed in to change notification settings - Fork 0
216 lines (185 loc) · 7.77 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
name: ci
on:
pull_request:
push:
branches:
- main
tags:
- '*'
env:
ELECTRON_CACHE: ${{ github.workspace }}/.cache/electron
ELECTRON_BUILDER_CACHE: ${{ github.workspace }}/.cache/electron-builder
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
steps:
- name: Fix CRLF handling on Windows
if: matrix.os == 'windows-latest'
run: git config --global core.autocrlf false
- name: Check out Git repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 'lts/*'
# See https://github.com/nodejs/node-gyp/issues/2869
# Remove this workaround after upgrading electron-builder
# https://github.com/filecoin-station/desktop/pull/944
- name: Fix node-gyp and Python
run: python3 -m pip install packaging setuptools
- name: Cache bigger downloads
uses: actions/cache@v4
id: cache
with:
path: ${{ github.workspace }}/.cache
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }}
restore-keys: |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }}
${{ runner.os }}-
- name: Install dependencies
run: npm ci --prefer-offline --no-audit --progress=false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build
run: npm run build
- name: Install Sentry CLI
if: matrix.os == 'ubuntu-latest'
run: |
curl -sL https://sentry.io/get-cli/ | bash
sentry-cli --version
- name: Configure SENTRY env vars
run:
node ./build/configure-sentry.js >> $GITHUB_ENV
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
- name: Create Sentry release
# Secrets are not passed to the runner when a workflow is triggered from a forked repository.
# See https://docs.github.com/en/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow
# We skip this step in such case.
#
# We must use `env` instead of `secrets`, see https://stackoverflow.com/a/70249520/69868
if: matrix.os == 'ubuntu-latest' && env.SENTRY_AUTH_TOKEN
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: space-meridian
SENTRY_PROJECT: filecoin-station
run: |
sentry-cli releases new "${{ env.SENTRY_VERSION }}"
sentry-cli releases set-commits "${{ env.SENTRY_VERSION }}" --local --ignore-missing
sentry-cli releases files "${{ env.SENTRY_VERSION }}" upload-sourcemaps ./renderer/dist/assets
sentry-cli releases deploys "${{ env.SENTRY_VERSION }}" new -e "${{ env.SENTRY_ENV }}"
- name: Test backend
run: npm run test:backend
env:
TEST_SEED_PHRASE: ${{ secrets.TEST_SEED_PHRASE }}
- name: Test frontend
run: npm run test:ui
- name: Test end-to-end (Linux)
run: xvfb-run -a npm run test:e2e
if: ${{ matrix.os == 'ubuntu-latest' }}
- name: Test end-to-end (Windows / macOS)
run: npm run test:e2e
if: ${{ matrix.os != 'ubuntu-latest' }}
- name: Lint
run: npm run lint
package:
runs-on: ${{ matrix.os }}
needs: build # build packages only if regular build and tests passed
strategy:
fail-fast: false
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 'lts/*'
# See https://github.com/nodejs/node-gyp/issues/2869
# Remove this workaround after upgrading electron-builder
# https://github.com/filecoin-station/desktop/pull/944
- name: Fix node-gyp and Python
run: python3 -m pip install packaging setuptools
- name: Cache bigger downloads
uses: actions/cache@v4
id: cache
with:
path: ${{ github.workspace }}/.cache
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }}
restore-keys: |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }}
${{ runner.os }}-
- name: Install dependencies
run: npm ci --prefer-offline --no-audit --progress=false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Get tag
id: tag
if: startsWith(github.ref, 'refs/tags/v')
uses: dawidd6/action-get-tag@727a6f0a561be04e09013531e73a3983a65e3479 # v1
continue-on-error: true # empty steps.tag.outputs.tag will inform the next step
- name: Build binaries with electron-builder (Linux)
if: ${{ matrix.os == 'ubuntu-latest' }}
run: |
sudo snap install snapcraft --classic
npm run build
npm exec -- electron-builder --publish onTag
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI_BUILD_TAG: ${{ steps.tag.outputs.tag }} # used by --publish onTag
DEBUG: electron-builder
- name: Build binaries with electron-builder (Windows)
# Windows builds are always failing in PRs. We should fix them, but for
# now let's just skip them to remove noise.
if: ${{ matrix.os == 'windows-latest' && github.event_name != 'pull_request' }}
run: |
npm run build
npm exec -- electron-builder --publish onTag
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI_BUILD_TAG: ${{steps.tag.outputs.tag}} # used by --publish onTag
DEBUG: electron-builder
WIN_CSC_LINK: ${{ secrets.windows_certs }}
WIN_CSC_KEY_PASSWORD: ${{ secrets.windows_certs_password }}
- name: Build binaries with electron-builder (macOS)
if: ${{ matrix.os == 'macos-latest' }}
run: |
npm run build
npm exec -- electron-builder --publish onTag
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI_BUILD_TAG: ${{steps.tag.outputs.tag}} # used by --publish onTag
DEBUG: electron-builder
CSC_LINK: ${{ secrets.mac_certs }}
CSC_KEY_PASSWORD: ${{ secrets.mac_certs_password }}
APPLEID: ${{ secrets.apple_id }}
APPLEIDPASS: ${{ secrets.apple_id_pass }}
APPLETEAMID: ${{ secrets.apple_team_id }}
USE_HARD_LINKS: false
- name: Show dist/
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }}
run: du -sh dist/ && ls -l dist/
# Persist produced binaries and effective config used for building them
# - this is not for releases, but for quick testing during the dev
# - action artifacts can be downloaded for 90 days, then are removed by github
# - binaries in PRs from forks won't be signed
- name: Attach produced packages to Github Action
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }}
uses: actions/upload-artifact@v4
with:
name: dist-${{ matrix.os }}
path: dist/*tation*.*
if-no-files-found: error
- name: Show Cache
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }}
run: du -sh ${{ github.workspace }}/.cache/ && ls -l ${{ github.workspace }}/.cache/