document title permissions #1563
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Desktop Builds | |
on: | |
workflow_dispatch: | |
push: | |
jobs: | |
build-electron-web-build: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-node@v3 # needed until 18 becomes the default | |
with: | |
node-version: 18 | |
cache: yarn | |
- name: Install node-gyp # needed for apollo server | |
run: yarn global add node-gyp | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Build Electron Web bundle (dev) | |
working-directory: apps/desktop-app | |
# only build on PRs | |
if: endsWith(github.ref, 'main') == false | |
run: yarn build | |
- name: Build Electron Web bundle (staging) | |
working-directory: apps/desktop-app | |
# only build on the main branch if the event was a push | |
if: endsWith(github.ref, 'main') == true && github.event_name == 'push' | |
run: yarn build:staging | |
- name: Build Electron Web bundle (production) | |
working-directory: apps/desktop-app | |
# only build on the main branch if it was manually triggered | |
if: endsWith(github.ref, 'main') == true && github.event_name == 'workflow_dispatch' | |
run: yarn build:production | |
- name: Upload build | |
uses: actions/upload-artifact@v3 | |
with: | |
name: electron-web-build | |
path: apps/desktop-app/src/web-build | |
- name: ls | |
run: ls -al apps/desktop-app/src/web-build | |
build: | |
needs: build-electron-web-build | |
name: Build (${{ matrix.os }} - ${{ matrix.arch }}) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
# build for supported platforms | |
# https://github.com/electron/electron-packager/blob/ebcbd439ff3e0f6f92fa880ff28a8670a9bcf2ab/src/targets.js#L9 | |
# os: [macOS-latest, ubuntu-latest, windows-latest] | |
os: [macOS-latest, windows-latest] | |
arch: [x64, arm64] | |
# include: | |
# - os: ubuntu-latest | |
# arch: armv7l | |
# publishing artifacts for multiple Windows architectures has | |
# a bug which can cause the wrong architecture to be downloaded | |
# for an update, so until that is fixed, only build Windows x64 | |
exclude: | |
- os: windows-latest | |
arch: arm64 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Download the electron-web-build | |
uses: actions/download-artifact@v3 | |
with: | |
name: electron-web-build | |
path: apps/desktop-app/src/web-build | |
- uses: actions/setup-node@v3 # needed until 18 becomes the default | |
with: | |
node-version: 18 | |
cache: yarn | |
architecture: ${{ matrix.architecture }} | |
- name: Install node-gyp # needed for apollo server | |
run: yarn global add node-gyp | |
- name: Set yarn timeout # otherwise fails on windows | |
run: yarn config set network-timeout 600000 | |
- name: Install dependencies | |
run: yarn install --frozen-lockfile | |
- name: Set MacOS signing certs | |
if: matrix.os == 'macOS-latest' | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
MACOS_KEYCHAIN_PASSWORD: ${{ secrets.MACOS_KEYCHAIN_PASSWORD }} | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
security create-keychain -p $MACOS_KEYCHAIN_PASSWORD build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p $MACOS_KEYCHAIN_PASSWORD build.keychain | |
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PASSWORD -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple: -s -k $MACOS_KEYCHAIN_PASSWORD build.keychain | |
rm -fr *.p12 | |
security set-keychain-settings -lut 1200 # prevent the keychain to get locked before codesign is done | |
- name: Build, package & make | |
env: | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
working-directory: apps/desktop-app | |
timeout-minutes: 14 | |
run: yarn make --arch=${{ matrix.arch }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.os }} | |
# apps/desktop-app/out/ contains also the packaged app in case you need to debug it before make | |
# By default we only upload the bundled one to reduce the upload time | |
path: apps/desktop-app/out/make/**/* |