-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
276 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,276 @@ | ||
name: Build Windows | ||
|
||
on: | ||
push: | ||
branches: atavism/ci-updates | ||
workflow_call: | ||
inputs: | ||
version: | ||
type: string | ||
required: true | ||
prefix: | ||
type: string | ||
required: true | ||
build-suffix: # "64" or "" | ||
type: string | ||
required: false | ||
dist-suffix: # "64-bit" or "32-bit" | ||
type: string | ||
required: true | ||
update-suffix: # "x64" or "386" | ||
type: string | ||
required: true | ||
arch: | ||
type: string | ||
required: true | ||
installer-suffix: # "-x64" or "" | ||
type: string | ||
required: false | ||
xcode_version: | ||
type: string | ||
required: true | ||
|
||
env: | ||
GOPRIVATE: github.com/getlantern | ||
S3_BUCKET: lantern | ||
jobs: | ||
build: | ||
permissions: | ||
contents: "read" | ||
id-token: "write" | ||
env: | ||
version: ${{ inputs.version }} | ||
prefix: ${{ inputs.prefix }} | ||
strategy: | ||
matrix: | ||
include: | ||
- os: macos-latest | ||
platform: macos | ||
- os: windows-latest | ||
platform: windows | ||
- os: ubuntu-latest | ||
platform: android | ||
- os: ubuntu-latest | ||
platform: linux | ||
#- os: macos-latest | ||
# platform: macos | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
lfs: true | ||
|
||
- name: Setup Go | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version-file: "go.mod" | ||
|
||
- name: Install WebView2 Runtime | ||
if: ${{ matrix.platform }} == 'windows' | ||
shell: pwsh | ||
run: | | ||
Invoke-WebRequest -Uri "https://go.microsoft.com/fwlink/p/?LinkId=2124703" -OutFile "MicrosoftEdgeWebView2Setup.exe" | ||
Start-Process -FilePath ".\MicrosoftEdgeWebView2Setup.exe" -ArgumentList "/silent", "/install" -Wait | ||
- name: Set up MinGW | ||
if: ${{ matrix.platform }} == 'windows' | ||
run: choco install mingw -y | ||
|
||
- name: Install dependencies | ||
if: ${{ matrix.platform }} == 'linux' | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get install -y file build-essential pkg-config | ||
sudo apt-get install -y libwebkit2gtk-4.1-dev | ||
sudo apt-get install -y libunwind-dev libstdc++-12-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-d cmake | ||
sudo apt-get install -y libgtk-3-0 libblkid1 liblzma5 | ||
sudo apt-get install -y libpcap-dev libgtk-3-dev libayatana-appindicator3-dev ruby ruby-dev && sudo gem install bundler -v 2.2.26 | ||
- name: Setup Xcode | ||
uses: maxim-lobanov/setup-xcode@v1 | ||
with: | ||
xcode-version: ${{ inputs.xcode_version }} | ||
|
||
- name: Install Flutter | ||
uses: subosito/flutter-action@v2 | ||
with: | ||
channel: "stable" | ||
|
||
- run: flutter --version | ||
|
||
- name: Setup JDK | ||
if: ${{ matrix.platform }} == 'android' | ||
uses: actions/setup-java@v4 | ||
with: | ||
distribution: temurin | ||
java-version: 17 | ||
cache: 'gradle' | ||
|
||
- name: Set gradle properties | ||
if: ${{ matrix.platform }} == 'android' | ||
env: | ||
GRADLE_PROPERTIES: ${{ secrets.GRADLE_PROPERTIES }} | ||
run: | | ||
mkdir -p ~/.gradle/ | ||
echo "GRADLE_USER_HOME=${HOME}/.gradle" >> $GITHUB_ENV | ||
echo "${GRADLE_PROPERTIES}" > ~/.gradle/gradle.properties | ||
- name: Decode Keystore | ||
id: write_file | ||
if: ${{ matrix.platform }} == 'android' | ||
uses: timheuer/[email protected] | ||
with: | ||
fileName: 'keystore.release.jks' | ||
fileDir: './android/app' | ||
encodedString: ${{ secrets.KEYSTORE }} | ||
|
||
- name: Generate app.env | ||
env: | ||
ANDROID_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID }} | ||
IOS_INTERSTITIAL_AD_ID: ${{ secrets.INTERSTITIAL_AD_UNIT_ID_IOS }} | ||
TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID }} | ||
TAPSELL_INTERSTITIAL_ZONE_ID: ${{ secrets.TAPSELL_INTERSTITIAL_ZONE_ID }} | ||
run: | | ||
touch app.env | ||
echo "Android_interstitialAd=$ANDROID_INTERSTITIAL_AD_ID" > app.env | ||
echo "IOS_interstitialAd=$IOS_INTERSTITIAL_AD_ID" >> app.env | ||
echo "VideoInterstitialZoneId=$TAPSELL_VIDEO_INTERSTITIAL_ZONE_ID" >> app.env | ||
echo "InterstitialZoneId=$TAPSELL_INTERSTITIAL_ZONE_ID" >> app.env | ||
- name: Setup protoc | ||
uses: arduino/setup-protoc@v2 | ||
with: | ||
repo-token: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build Lantern Library | ||
shell: bash | ||
run: | | ||
touch app.env | ||
mkdir -p "build/windows/${{inputs.arch}}/runner/Release" | ||
make ${{matrix.platform}} | ||
- name: Activate plugins | ||
run: | | ||
dart pub global activate protoc_plugin | ||
dart pub global activate flutter_distributor | ||
- name: Sign liblantern.dll with Azure Code Signing | ||
if: ${{ matrix.platform }} == 'windows' | ||
uses: getlantern/trusted-signing-action@main | ||
with: | ||
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | ||
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | ||
azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | ||
endpoint: https://wus2.codesigning.azure.net/ | ||
code-signing-account-name: code-signing | ||
certificate-profile-name: Lantern | ||
files-folder: ${{ github.workspace }}\ | ||
files-folder-filter: dll | ||
file-digest: SHA256 | ||
timestamp-rfc3161: http://timestamp.acs.microsoft.com | ||
timestamp-digest: SHA256 | ||
|
||
- name: Move liblantern.dll to release directory | ||
if: ${{ matrix.platform }} == 'windows' | ||
shell: bash | ||
run: | | ||
mv liblantern.dll "build/windows/${{inputs.arch}}/runner/Release" | ||
- name: Extract app version from pubspec.yaml | ||
id: extract_version | ||
shell: bash | ||
run: | | ||
APP_VERSION=$(grep '^version:' pubspec.yaml | sed 's/version: //') | ||
echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV | ||
- name: Build Flutter app | ||
run: | | ||
New-Item -Path "./dist/${{ env.APP_VERSION }}" -ItemType Directory -Force | ||
flutter_distributor package --platform windows --targets exe --skip-clean | ||
env: | ||
INTERSTITIAL_AD_UNIT: "${{ secrets.INTERSTITIAL_AD_UNIT_ID }}" | ||
SENTRY_AUTH_TOKEN: "${{ secrets.SENTRY_AUTH_TOKEN }}" | ||
VERSION: "${{ env.version }}" | ||
|
||
- name: Install darwin installer dependencies | ||
if: ${{ matrix.platform }} == 'macos' | ||
run: | | ||
npm install -g appdmg | ||
brew tap joshdk/tap | ||
brew install joshdk/tap/retry | ||
brew install imagemagick || true | ||
- name: Build darwin installer | ||
if: ${{ matrix.platform }} == 'macos' | ||
run: | | ||
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | ||
security create-keychain -p temporaty-password build.keychain | ||
security default-keychain -s build.keychain | ||
security unlock-keychain -p temporaty-password build.keychain | ||
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | ||
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k temporaty-password build.keychain | ||
make package-darwin | ||
env: | ||
VERSION: "${{ env.version }}" | ||
MACOS_CERTIFICATE: ${{ secrets.MACOS_BNS_CERT }} | ||
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_BNS_CERT_PASS }} | ||
- name: Build installer | ||
if: ${{ matrix.platform }} == 'linux' | ||
run: | | ||
cp liblantern.so "build/linux/${{inputs.dist-suffix}}/release/bundle" | ||
make package-linux | ||
mv dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-linux.deb lantern_${{inputs.version}}_x64.deb | ||
mv dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-linux.rpm lantern_${{inputs.version}}_x64.rpm | ||
- name: Rename installer | ||
if: ${{ matrix.platform }} == 'windows' | ||
shell: bash | ||
run: | | ||
mv "dist/${{ env.APP_VERSION }}/lantern-${{ env.APP_VERSION }}-windows-setup.exe" lantern-installer${{inputs.installer-suffix}}.exe | ||
- name: Sign EXE with Azure Code Signing | ||
if: ${{ matrix.platform }} == 'windows' | ||
uses: getlantern/trusted-signing-action@main | ||
with: | ||
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | ||
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | ||
azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | ||
endpoint: https://wus2.codesigning.azure.net/ | ||
code-signing-account-name: code-signing | ||
certificate-profile-name: Lantern | ||
files-folder: ${{ github.workspace }}/ | ||
files-folder-filter: exe,dll,msix | ||
file-digest: SHA256 | ||
timestamp-rfc3161: http://timestamp.acs.microsoft.com | ||
timestamp-digest: SHA256 | ||
|
||
- uses: actions/upload-artifact@v4 | ||
if: ${{ matrix.platform }} == 'android' | ||
with: | ||
name: android-apk-build | ||
retention-days: 2 | ||
path: | | ||
lantern-installer.apk | ||
- name: Upload EXE artifact | ||
uses: actions/upload-artifact@v4 | ||
if: ${{ matrix.platform }} == 'windows' | ||
with: | ||
name: windows${{inputs.build-suffix}}-installer-signed | ||
path: | | ||
lantern-installer${{inputs.installer-suffix}}.exe | ||
- uses: actions/upload-artifact@v4 | ||
if: ${{ matrix.platform }} == 'linux' | ||
with: | ||
name: linux-deb-build | ||
path: | | ||
lantern_${{inputs.version}}_x64.deb | ||
- uses: actions/upload-artifact@v4 | ||
if: ${{ matrix.platform }} == 'linux' | ||
with: | ||
name: linux-rpm-build | ||
path: | | ||
lantern_${{inputs.version}}_x64.rpm |