Skip to content

CI

CI #79

Workflow file for this run

name: CI
on:
# push:
# branches:
# - development
# pull_request:
workflow_dispatch:
inputs:
upload-artifacts:
default: true
required: false
type: boolean
environment:
default: beta
type: string
required: true
sign:
type: boolean
default: false
required: false
workflow_call:
inputs:
repository:
default: desktop/desktop
required: false
type: string
ref:
required: true
type: string
upload-artifacts:
default: false
required: false
type: boolean
environment:
type: string
required: true
sign:
type: boolean
default: true
required: false
secrets:
AZURE_CODE_SIGNING_TENANT_ID:
AZURE_CODE_SIGNING_CLIENT_ID:
AZURE_CODE_SIGNING_CLIENT_SECRET:
DESKTOP_OAUTH_CLIENT_ID:
DESKTOP_OAUTH_CLIENT_SECRET:
APPLE_ID:
APPLE_ID_PASSWORD:
APPLE_TEAM_ID:
APPLE_APPLICATION_CERT:
APPLE_APPLICATION_CERT_PASSWORD:
env:
NODE_VERSION: 20.11.1
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
env:
RELEASE_CHANNEL: ${{ inputs.environment }}
steps:
- uses: actions/checkout@v4
with:
repository: ${{ inputs.repository || github.repository }}
ref: ${{ inputs.ref }}
submodules: recursive
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: yarn
- run: yarn
- run: yarn validate-electron-version
- run: yarn lint
- run: yarn validate-changelog
- name: Ensure a clean working directory
run: git diff --name-status --exit-code
build:
name:
${{ matrix.friendlyName }} ${{ matrix.arch }} ${{ inputs.environment }}
runs-on: ${{ matrix.os }}
permissions:
contents: read
strategy:
fail-fast: false
matrix:
os: [macos-13, windows-2019]
arch: [x64, arm64]
include:
- os: macos-13
friendlyName: macOS
- os: windows-2019
friendlyName: Windows
timeout-minutes: 60
env:
RELEASE_CHANNEL: ${{ inputs.environment }}
steps:
- uses: actions/checkout@v4
with:
repository: ${{ inputs.repository || github.repository }}
ref: ${{ inputs.ref }}
submodules: recursive
- uses: actions/setup-python@v5
with:
python-version: '3.11'
- name: Use Node.js ${{ env.NODE_VERSION }}
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
cache: yarn
- name: Install and build dependencies
run: yarn
env:
npm_config_arch: ${{ matrix.arch }}
TARGET_ARCH: ${{ matrix.arch }}
- name: Build production app
run: yarn build:prod
env:
DESKTOP_OAUTH_CLIENT_ID: ${{ secrets.DESKTOP_OAUTH_CLIENT_ID }}
DESKTOP_OAUTH_CLIENT_SECRET:
${{ secrets.DESKTOP_OAUTH_CLIENT_SECRET }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
APPLE_APPLICATION_CERT: ${{ secrets.APPLE_APPLICATION_CERT }}
KEY_PASSWORD: ${{ secrets.APPLE_APPLICATION_CERT_PASSWORD }}
npm_config_arch: ${{ matrix.arch }}
TARGET_ARCH: ${{ matrix.arch }}
# - name: Prepare testing environment
# if: matrix.arch == 'x64'
# run: yarn test:setup
# env:
# npm_config_arch: ${{ matrix.arch }}
# - name: Run unit tests
# if: matrix.arch == 'x64'
# run: yarn test:unit
# - name: Run script tests
# if: matrix.arch == 'x64'
# run: yarn test:script
- name: Install Azure Code Signing Client
if: ${{ runner.os == 'Windows' && inputs.sign }}
run: |
$acsZip = Join-Path $env:RUNNER_TEMP "acs.zip"
$acsDir = Join-Path $env:RUNNER_TEMP "acs"
Invoke-WebRequest -Uri https://www.nuget.org/api/v2/package/Microsoft.Trusted.Signing.Client/1.0.52 -OutFile $acsZip -Verbose
Expand-Archive $acsZip -Destination $acsDir -Force -Verbose
# Replace ancient signtool in electron-winstall with one that supports ACS
Copy-Item -Path "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\*" -Include signtool.exe,signtool.exe.manifest,Microsoft.Windows.Build.Signing.mssign32.dll.manifest,mssign32.dll,Microsoft.Windows.Build.Signing.wintrust.dll.manifest,wintrust.dll,Microsoft.Windows.Build.Appx.AppxSip.dll.manifest,AppxSip.dll,Microsoft.Windows.Build.Appx.AppxPackaging.dll.manifest,AppxPackaging.dll,Microsoft.Windows.Build.Appx.OpcServices.dll.manifest,OpcServices.dll -Destination "node_modules\electron-winstaller\vendor" -Verbose
- name: Package production app
run: yarn package
env:
npm_config_arch: ${{ matrix.arch }}
AZURE_TENANT_ID: ${{ secrets.AZURE_CODE_SIGNING_TENANT_ID }}
AZURE_CLIENT_ID: ${{ secrets.AZURE_CODE_SIGNING_CLIENT_ID }}
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CODE_SIGNING_CLIENT_SECRET }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
if: ${{ inputs.upload-artifacts }}
with:
name: ${{matrix.friendlyName}}-${{matrix.arch}}
path: |
dist/GitHub Desktop-${{matrix.arch}}.zip
dist/GitHubDesktop-*.nupkg
dist/GitHubDesktopSetup-${{matrix.arch}}.exe
dist/GitHubDesktopSetup-${{matrix.arch}}.msi
dist/bundle-size.json
if-no-files-found: error