Builds #3519
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
# Note: This workflow requires some secrets setup, and set on this repo with the names: | |
# 'FERDIUM_PUBLISH_TOKEN' (A GitHub Personal Access Token with appropriate permissions - for publishing the built artifacts) | |
# 'APPLEID' (The username of your Apple developer account - for notarizing the mac artifacts) | |
# 'APPLEID_PASSWORD' (An app-specific password - for notarizing the mac artifacts) | |
# 'APPLE_TEAM_ID' (The TeamID in your Apple developer account - for notarizing the mac artifacts) | |
# 'CSC_LINK' (The HTTPS link or local path to certificate - for code signing of mac artifacts) | |
# 'CSC_KEY_PASSWORD' (The password to decrypt the certificate given in CSC_LINK - for code signing of mac artifacts) | |
# 'WIN_CSC_LINK' (The HTTPS link or local path to certificate - for code signing of windows artifacts) | |
# 'WIN_CSC_KEY_PASSWORD' (The password to decrypt the certificate given in CSC_LINK - for code signing of windows artifacts) | |
name: Builds | |
on: | |
# Push to any tracked branches | |
push: | |
branches: [develop, release, nightly] | |
# PRs only on develop branch | |
pull_request: | |
branches: [develop] | |
# Manual trigger from the UI | |
workflow_dispatch: | |
inputs: | |
message: | |
description: 'Message for build' | |
required: true | |
schedule: | |
- cron: '0 0 * * *' # every night at 12 am | |
env: | |
USE_HARD_LINKS: false | |
# DEBUG: electron-builder | |
jobs: | |
check_updates: | |
runs-on: ubuntu-24.04 | |
name: 'Check latest commit: ${{ github.event.inputs.message }}' | |
outputs: | |
should_run: ${{ steps.should_run.outputs.should_run }} | |
steps: | |
- name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | |
with: | |
ref: nightly | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
- name: Use Node.js specified in the '.nvmrc' file | |
uses: actions/setup-node@v4 | |
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | |
with: | |
node-version-file: '.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@v4 | |
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | |
- name: Install node dependencies | |
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | |
uses: nick-fields/retry@v3 | |
with: | |
command: pnpm i | |
timeout_minutes: 15 | |
max_attempts: 3 | |
retry_on: error | |
- id: should_run | |
name: Check whether there are any commits since this run was last triggered and push them and/or set the output | |
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]')) }} | |
run: | | |
git config user.name github-actions | |
git config user.email github-actions@github.com | |
# Defensive: update submodules in the develop branch | |
git checkout develop | |
git submodule update --init --recursive --remote --rebase --force | |
git add . | |
git commit -am "Update submodules [skip ci]" --no-verify || true | |
git push origin develop --no-verify | |
git checkout - | |
git rebase develop | |
CHANGES_COUNT=$(git log @{u}.. | wc -l) | |
MANUAL_REBUILD="${{ github.event_name == 'workflow_dispatch' }}" | |
VERSION_BUMP="${{ contains(github.event.inputs.message, '[version bump]') }}" | |
# If there were any changes only in the submodules, then... | |
if [ $CHANGES_COUNT -gt 0 ]; then | |
git checkout develop | |
echo "Update browserslist db" | |
npx browserslist@latest --update-db | |
git add . | |
echo "Run linter, reformatter, rebrander and tests" | |
pnpm prepare-code | |
pnpm test | |
echo "Commit dependency-updates and linter changes" | |
git commit -am "Update browserslist data updates and linter fixes [skip ci]" --no-verify || true | |
echo "Push all changes" | |
git push origin develop --no-verify | |
git checkout nightly | |
fi | |
if [ $CHANGES_COUNT -gt 0 ] || [[ $MANUAL_REBUILD == "true" && $VERSION_BUMP == "true" ]]; then | |
# Do the version bump in the 'develop' branch ONLY if | |
# there were other changes coming from the 'develop' branch (or) | |
# this is a manual trigger with the key-phrase | |
git checkout develop | |
pnpm version -m "%s [skip ci]" prerelease --preid=nightly | |
git commit --all --amend --no-edit --no-verify | |
git push origin develop --no-verify | |
git checkout nightly | |
fi | |
echo "Merge with fast-forward from 'origin/develop'" | |
git merge --ff-only origin/develop --no-verify | |
echo "Number of changes: $CHANGES_COUNT" | |
if [ $CHANGES_COUNT -eq 0 ] && [ $MANUAL_REBUILD != "true" ]; then | |
echo "No changes found - terminating the build" | |
echo "should_run=false" >> $GITHUB_OUTPUT | |
else # changes > 0 (or) MANUAL_REBUILD=true | |
echo "Pushing rebased commits" | |
git push origin $(git rev-parse --abbrev-ref HEAD) --no-verify | |
fi | |
build_mac: | |
name: 'macos ${{ github.event.inputs.message }}' | |
needs: check_updates | |
if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[macOS]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | |
runs-on: macos-14 | |
steps: | |
- name: Set env vars | |
run: | | |
echo "NPM_CACHE=$HOME/.npm" >> $GITHUB_ENV | |
echo "ELECTRON_CACHE=$HOME/.cache/electron" >> $GITHUB_ENV | |
echo "ELECTRON_BUILDER_CACHE=$HOME/.cache/electron-builder" >> $GITHUB_ENV | |
echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | |
- name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
ref: nightly | |
- name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
- name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | |
run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | |
shell: bash | |
- name: Cache electron modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_CACHE }} | |
- name: Cache electron-builder modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-builder-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_BUILDER_CACHE }} | |
- name: Use Node.js specified in the '.nvmrc' file | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@v4 | |
- name: Install node dependencies | |
uses: nick-fields/retry@v3 | |
with: | |
command: pnpm i | |
timeout_minutes: 15 | |
max_attempts: 3 | |
retry_on: error | |
- name: Package recipes | |
working-directory: ./recipes | |
run: | | |
pnpm i | |
pnpm lint | |
pnpm reformat-files | |
pnpm package | |
- name: Run linter and tests | |
run: | | |
pnpm lint | |
pnpm test | |
- name: Build Ferdium without publish for any branch not 'nightly' and not 'release' | |
if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | |
env: | |
CSC_IDENTITY_AUTO_DISCOVERY: false | |
run: pnpm build --publish never | |
shell: bash | |
- name: "Build Ferdium with publish for '${{ env.GIT_BRANCH_NAME }}' branch" | |
if: ${{ env.GIT_BRANCH_NAME == 'nightly' || env.GIT_BRANCH_NAME == 'release' }} | |
env: | |
GH_TOKEN: ${{ secrets.FERDIUM_PUBLISH_TOKEN }} | |
CSC_IDENTITY_AUTO_DISCOVERY: true | |
APPLEID: ${{ secrets.APPLEID }} | |
APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
CSC_LINK: ${{ secrets.CSC_LINK }} | |
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | |
run: pnpm build --publish always | |
shell: bash | |
build_linux: | |
name: 'ubuntu ${{ github.event.inputs.message }}' | |
needs: check_updates | |
if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[Linux]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Set env vars | |
run: | | |
echo "NPM_CACHE=$HOME/.npm" >> $GITHUB_ENV | |
echo "ELECTRON_CACHE=$HOME/.cache/electron" >> $GITHUB_ENV | |
echo "ELECTRON_BUILDER_CACHE=$HOME/.cache/electron-builder" >> $GITHUB_ENV | |
echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | |
- name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
ref: nightly | |
- name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
- name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | |
run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | |
shell: bash | |
- name: Cache electron modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_CACHE }} | |
- name: Cache electron-builder modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-builder-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_BUILDER_CACHE }} | |
- name: Use Node.js specified in the '.nvmrc' file | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@v4 | |
- name: Install node dependencies | |
uses: nick-fields/retry@v3 | |
with: | |
command: pnpm i | |
timeout_minutes: 15 | |
max_attempts: 3 | |
retry_on: error | |
- name: Figure out used package.json version | |
run: | | |
PACKAGE_VERSION="$(node -p 'require("./package.json").version')" | |
echo "PACKAGE_VERSION=$PACKAGE_VERSION" >> $GITHUB_ENV | |
if [[ "$GIT_BRANCH_NAME" == "nightly" ]]; then | |
echo "SNAP_PUBLISH_REPO=nightlies" >> $GITHUB_ENV | |
echo "SNAP_PUBLISH_CHANNEL=edge" >> $GITHUB_ENV | |
elif [[ "$GIT_BRANCH_NAME" == "release" ]]; then | |
echo "SNAP_PUBLISH_REPO=ferdium" >> $GITHUB_ENV | |
if [[ "$PACKAGE_VERSION" =~ "beta" ]]; then | |
echo "SNAP_PUBLISH_CHANNEL=beta" >> $GITHUB_ENV | |
else | |
echo "SNAP_PUBLISH_CHANNEL=stable" >> $GITHUB_ENV | |
fi | |
else | |
echo "SNAP_PUBLISH_REPO=none" >> $GITHUB_ENV | |
echo "SNAP_PUBLISH_CHANNEL=none" >> $GITHUB_ENV | |
fi | |
shell: bash | |
- name: Package recipes | |
run: | | |
pnpm i | |
pnpm lint | |
pnpm reformat-files | |
pnpm package | |
working-directory: ./recipes | |
- name: Run linter and tests | |
run: | | |
pnpm lint | |
pnpm test | |
- name: Build Ferdium without publish for any branch not 'nightly' and not 'release' | |
if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | |
env: | |
CSC_IDENTITY_AUTO_DISCOVERY: false | |
run: pnpm build --publish never | |
shell: bash | |
- name: "Build Ferdium with publish for '${{ env.GIT_BRANCH_NAME }}' branch" | |
if: ${{ env.GIT_BRANCH_NAME == 'nightly' || env.GIT_BRANCH_NAME == 'release' }} | |
env: | |
GH_TOKEN: ${{ secrets.FERDIUM_PUBLISH_TOKEN }} | |
CSC_IDENTITY_AUTO_DISCOVERY: false | |
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_LOGIN }} # Note: Login no longer required https://forum.snapcraft.io/t/snapcraft-authentication-options/30473/21 | |
run: | | |
sudo snap install snapcraft --channel=7.x/stable --classic | |
pnpm build --publish always -c.snap.publish.repo=$SNAP_PUBLISH_REPO -c.snap.publish.channels=$SNAP_PUBLISH_CHANNEL | |
snapcraft logout | |
shell: bash | |
build_windows: | |
name: 'windows ${{ github.event.inputs.message }}' | |
needs: check_updates | |
if: ${{ (needs.check_updates.outputs.should_run != 'false') && (github.event_name != 'workflow_dispatch' || (github.event_name == 'workflow_dispatch' && (contains(github.event.inputs.message, '[Windows]') || (!contains(github.event.inputs.message, '[macOS]') && !contains(github.event.inputs.message, '[Linux]') && !contains(github.event.inputs.message, '[Windows]'))))) }} | |
runs-on: windows-2022 | |
steps: | |
- name: Set env vars | |
run: | | |
echo "HOME=$USERPROFILE" >> $GITHUB_ENV | |
echo "NPM_CACHE=$USERPROFILE/.npm" >> $GITHUB_ENV | |
echo "ELECTRON_CACHE=$USERPROFILE/.cache/electron" >> $GITHUB_ENV | |
echo "ELECTRON_BUILDER_CACHE=$USERPROFILE/.cache/electron-builder" >> $GITHUB_ENV | |
echo "MANUAL_REBUILD_ON_NIGHTLY=${{ github.event_name == 'workflow_dispatch' && contains(github.event.inputs.message, '[nightly branch]') }}" >> $GITHUB_ENV | |
shell: bash | |
- name: Checkout code along with submodules for the 'nightly' branch if the trigger event is 'scheduled' or this is a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'schedule' || env.MANUAL_REBUILD_ON_NIGHTLY == 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
ref: nightly | |
- name: Checkout code along with submodules for any branch if the trigger event is NOT 'scheduled' and this is NOT a forced rebuild on the nightly branch | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'schedule' && env.MANUAL_REBUILD_ON_NIGHTLY != 'true' }} | |
with: | |
submodules: recursive | |
fetch-depth: 0 # Note: Needed to be able to pull the 'develop' branch as well for merging | |
- name: Extract Git branch name from the currently checked out branch (not from the branch where this run was kicked off) | |
run: echo "GIT_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_ENV | |
shell: bash | |
- name: Cache electron modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_CACHE }} | |
- name: Cache electron-builder modules | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-electron-builder-modules | |
with: | |
key: ${{ runner.os }}-${{ env.cache-name }}-${{ secrets.CACHE_VERSION }}-${{ hashFiles('./pnpm-lock.yaml') }} | |
path: ${{ env.ELECTRON_BUILDER_CACHE }} | |
- name: Use Node.js specified in the '.nvmrc' file | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
- name: Install pnpm | |
uses: pnpm/action-setup@v4 | |
#TODO - Remove this once https://github.com/electron-userland/electron-builder/issues/6933#issuecomment-1213438889 is resolved | |
- name: Tweak pnpm.cjs | |
run: | | |
# Run the command to get the pnpm store path and store it in a variable | |
PNPM_BASEDIR=$(dirname "$(echo "$PNPM_HOME" | sed -e 's/\\/\//g' -e 's/^\([A-Za-z]\):/\/\1/')") | |
sed -i 's/\/usr\/bin\/env node/node/g' "$PNPM_BASEDIR/pnpm/bin/pnpm.cjs" | |
shell: bash | |
- name: Install node dependencies | |
uses: nick-fields/retry@v3 | |
with: | |
command: pnpm i | |
timeout_minutes: 15 | |
max_attempts: 3 | |
retry_on: error | |
- name: Package recipes | |
run: | | |
pnpm i | |
pnpm lint | |
pnpm reformat-files | |
pnpm package | |
working-directory: ./recipes | |
shell: bash | |
- name: Run linter and tests | |
run: | | |
pnpm lint | |
pnpm test | |
shell: bash | |
- name: Build Ferdium without publish for any branch not 'nightly' and not 'release' | |
if: ${{ env.GIT_BRANCH_NAME != 'nightly' && env.GIT_BRANCH_NAME != 'release' }} | |
env: | |
CSC_IDENTITY_AUTO_DISCOVERY: false | |
run: pnpm build --publish never | |
shell: bash | |
- name: "Build Ferdium with publish for '${{ env.GIT_BRANCH_NAME }}' branch" | |
if: ${{ env.GIT_BRANCH_NAME == 'nightly' || env.GIT_BRANCH_NAME == 'release' }} | |
env: | |
GH_TOKEN: ${{ secrets.FERDIUM_PUBLISH_TOKEN }} | |
CSC_IDENTITY_AUTO_DISCOVERY: false | |
run: pnpm build --publish always | |
shell: bash |