phlux/mattermostest
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(ci): CircleCI migration to Github Actions (#2516)

Browse Source 
* Deprecated trigger-desktop-nightly repo from gitlab
* Migrated Nightly builds URLs from CircleCI to S3
* Full CI/CD is handled by Github Actions

---------

Co-authored-by: Tasos Boulis <tboulis@hotmail.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
This commit is contained in:
Antonis Stamatiou
2023-03-06 11:51:25 +02:00
committed by GitHub
parent 8efa3480e4
commit b62b25fdda
16 changed files with 2271 additions and 3300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.github/actions/patch-nightly-version/action.yaml vendored Normal file
View File

@@ -0,0 +1,11 @@
# Copyright 2022 Mattermost, Inc.
name: "patch-version"
description: This action is used to patch package.json version with the nightly build
runs:
using: "composite"
steps:
- name: ci/generate-version
id: generate-version
shell: bash
run: go run ${{ github.action_path }}/patch-version.go .

42
.github/actions/patch-nightly-version/patch-version.go vendored Normal file
View File

@@ -0,0 +1,42 @@
package main
import (
"encoding/json"
"fmt"
"io/ioutil"
"log"
"os"
"strings"
"time"
)
func main() {
args := os.Args[1:]
packageFileName := fmt.Sprintf("%s/package.json", args[0])
packageJson, err := os.Open(packageFileName)
if err != nil {
log.Fatal(err)
}
packageBytes, err := ioutil.ReadAll(packageJson)
if err != nil {
log.Fatal(err)
}
var packageInfo map[string]interface{}
json.Unmarshal(packageBytes, &packageInfo)
originalVersion := fmt.Sprintf("%s", packageInfo["version"])
nightlyVersion := fmt.Sprintf("%s-nightly.%s", strings.Split(originalVersion, "-")[0], time.Now().Format("20060102"))
packageInfo["version"] = nightlyVersion
newPackageJson := strings.Replace(string(packageBytes), originalVersion, nightlyVersion, 1)
err = ioutil.WriteFile(packageFileName, []byte(newPackageJson), 0644)
if err != nil {
log.Fatal(err)
}
packageJson.Close()
fmt.Println("Update package.json with version:", nightlyVersion)
}

27
.github/actions/test/action.yaml vendored Normal file
View File

@@ -0,0 +1,27 @@
# Copyright 2022 Mattermost, Inc.
name: "test-ci"
description: This action used to run universal tests for all OS
inputs:
shell:
description: The shell to run the test
required: true
default: bash
runs:
using: "composite"
steps:
- name: ci/run-check-types
run: npm run check-types
shell: ${{ inputs.shell }}
- name: ci/run-i18n-check
shell: ${{ inputs.shell }}
run: |
npm run mmjstool -- i18n extract-desktop --desktop-dir .
git --no-pager diff --exit-code i18n/en.json
- name: ci/run-unit-ci
shell: ${{ inputs.shell }}
env:
ELECTRON_DISABLE_SANDBOX: "1"
run: |
npm run test:unit-ci

169
.github/workflows/build-for-pr.yml vendored Normal file
View File

@@ -0,0 +1,169 @@
name: build-for-pr
on:
push:
# only for build-pr branches
# build-pr-*
branches:
- build-pr-*
defaults:
run:
shell: bash
env:
TERM: xterm
jobs:
build-linux-for-pr:
runs-on: ubuntu-latest-4-cores
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
wget -qO - https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/xUbuntu_18.04/Release.key | sudo apt-key add -
wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.20.1/yq_linux_amd64 && chmod a+x /usr/local/bin/yq
sudo apt-get update || true && sudo apt-get install -y ca-certificates libxtst-dev libpng++-dev gcc-aarch64-linux-gnu g++-aarch64-linux-gnu jq icnsutils graphicsmagick tzdata
npm ci
- name: ci/build
run: |
mkdir -p ./build/linux
npm run package:linux
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/linux
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-linux
path: ./build/linux
retention-days: 10 ## No need to keep CI builds more than 10 days
windows-install-deps:
runs-on: windows-2022
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/cache-node-modules
id: cache-node-modules
uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
with:
path: node_modules
key: ${{ runner.os }}-build-node-modules-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-node-modules
${{ runner.os }}-build-
${{ runner.os }}-
- name: ci/install-dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
choco install yq --version 4.15.1 -y
npm i -g node-gyp
node-gyp install
node-gyp install --devdir="C:\Users\runneradmin\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
npm ci --openssl_fips=''
build-win-for-pr:
runs-on: windows-2022
needs:
- windows-install-deps
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/cache-node-modules
id: cache-node-modules
uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
with:
path: node_modules
key: ${{ runner.os }}-build-node-modules-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-node-modules
${{ runner.os }}-build-
${{ runner.os }}-
- name: ci/install-node-gyp
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
choco install yq --version 4.15.1 -y
npm i -g node-gyp
node-gyp install
node-gyp install --devdir="C:\Users\runneradmin\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
- name: ci/install-dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
npm ci --openssl_fips=''
- name: ci/build
env:
MM_WIN_INSTALLERS: 1
run: |
mkdir -p ./build/win
npm run package:windows
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/win
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-windows
path: ./build/win
retention-days: 10 ## No need to keep CI builds more than 10 days
build-mac-for-pr:
runs-on: macos-12
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
brew install yq
jq '.mac.target=["zip"]' electron-builder.json | jq '.mac.gatekeeperAssess=false' > /tmp/electron-builder.json && cp /tmp/electron-builder.json .
npm ci
- name: ci/build
env:
APPLEID: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID }}
APPLEIDPASS: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID_PASS }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_KEY_PASSWORD }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_LINK }}
run: |
mkdir -p ./build/macos
npm run package:mac
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/macos/
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-macos
path: ./build/macos/
retention-days: 10 ## No need to keep CI builds more than 10 days

213
.github/workflows/ci.yaml vendored Normal file
View File

@@ -0,0 +1,213 @@
name: ci
on:
pull_request:
defaults:
run:
shell: bash
env:
TERM: xterm
jobs:
build-linux:
runs-on: ubuntu-latest-4-cores
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
wget -qO - https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/xUbuntu_18.04/Release.key | sudo apt-key add -
wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.20.1/yq_linux_amd64 && chmod a+x /usr/local/bin/yq
sudo apt-get update || true && sudo apt-get install -y ca-certificates libxtst-dev libpng++-dev gcc-aarch64-linux-gnu g++-aarch64-linux-gnu jq icnsutils graphicsmagick tzdata
npm ci
- name: ci/test
uses: ./.github/actions/test
- name: ci/build
run: |
mkdir -p ./build/linux
npm run package:linux
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/linux
- name: ci/upload-test-results
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: linux-test-results
path: test-results.xml
retention-days: 5
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-linux
path: ./build/linux
retention-days: 10 ## No need to keep CI builds more than 10 days
windows-install-deps:
runs-on: windows-2022
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/cache-node-modules
id: cache-node-modules
uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
with:
path: node_modules
key: ${{ runner.os }}-build-node-modules-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-node-modules
${{ runner.os }}-build-
${{ runner.os }}-
- name: ci/install-dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
choco install yq --version 4.15.1 -y
npm i -g node-gyp
node-gyp install
node-gyp install --devdir="C:\Users\runneradmin\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
npm ci --openssl_fips=''
build-win-no-installer:
runs-on: windows-2022
needs:
- windows-install-deps
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/cache-node-modules
id: cache-node-modules
uses: actions/cache@627f0f41f6904a5b1efbaed9f96d9eb58e92e920 # v3.2.4
with:
path: node_modules
key: ${{ runner.os }}-build-node-modules-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-node-modules
${{ runner.os }}-build-
${{ runner.os }}-
- name: ci/install-node-gyp
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
choco install yq --version 4.15.1 -y
npm i -g node-gyp
node-gyp install
node-gyp install --devdir="C:\Users\runneradmin\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
- name: ci/install-dependencies
if: steps.cache-node-modules.outputs.cache-hit != 'true'
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
npm ci --openssl_fips=''
- name: ci/test
uses: ./.github/actions/test
- name: ci/build
run: |
mkdir -p ./build/win
npm run package:windows
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/win
- name: ci/upload-test-results
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: windows-test-results
path: test-results.xml
retention-days: 5
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-windows
path: ./build/win
retention-days: 10 ## No need to keep CI builds more than 10 days
build-mac-no-dmg:
runs-on: macos-12
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
brew install yq
jq '.mac.target=["zip"]' electron-builder.json | jq '.mac.gatekeeperAssess=false' > /tmp/electron-builder.json && cp /tmp/electron-builder.json .
npm ci
- name: ci/test
uses: ./.github/actions/test
- name: ci/build
run: |
mkdir -p ./build/macos
npm run package:mac
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/macos/
- name: ci/upload-test-results
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: macos-test-results
path: test-results.xml
retention-days: 5
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build-macos
path: ./build/macos/
retention-days: 10 ## No need to keep CI builds more than 10 days
report-test-results:
if: always()
needs:
- build-mac-no-dmg
- build-win-no-installer
- build-linux
runs-on: ubuntu-22.04
permissions:
checks: write
pull-requests: write
steps:
- name: ci/download-macos-test-results
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: macos-test-results
path: macos-test-results
- name: ci/download-windows-test-results
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: windows-test-results
path: windows-test-results
- name: ci/download-linux-test-results
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: linux-test-results
path: linux-test-results
- name: ci/publish-results
uses: EnricoMi/publish-unit-test-result-action@a3caf02865c0604ad3dc1ecfcc5cdec9c41b7936 # v2.3.0
with:
comment_mode: failures
compare_to_earlier_commit: false
junit_files: "**/*.xml"

232
.github/workflows/nightly-browser-view.yml vendored Normal file
View File

@@ -0,0 +1,232 @@
name: nightly-browser-view
on:
schedule:
- cron: 0 4 * * 0-5
defaults:
run:
shell: bash
env:
TERM: xterm
jobs:
build-linux:
runs-on: ubuntu-22.04
steps:
- name: ci/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: ci/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: ci/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
wget -qO - https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/xUbuntu_18.04/Release.key | sudo apt-key add -
wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.20.1/yq_linux_amd64 && chmod a+x /usr/local/bin/yq
sudo apt-get update || true && sudo apt-get install -y ca-certificates libxtst-dev libpng++-dev gcc-aarch64-linux-gnu g++-aarch64-linux-gnu jq icnsutils graphicsmagick tzdata
npm ci
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: ci/build
run: |
mkdir -p ./build/linux
npm run package:linux
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/linux
- name: ci/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 5 ## No need to keep them since they are uploaded on S3
build-msi-installer:
runs-on: windows-2022
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: nightly/create-build-folder
run: mkdir -p ./build
- name: nightly/optimize
shell: powershell
run: |
./scripts/Makefile.ps1 optimize
- name: nightly/install-deps
shell: powershell
run: |
./scripts/Makefile.ps1 install-deps
- name: nightly/test
uses: ./.github/actions/test
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: nightly/build
shell: powershell
env:
MM_WIN_INSTALLERS: 1
PFX_KEY: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX_KEY }}
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_KEY_PASSWORD }}
PFX: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_LINK }}
run: |
./scripts/Makefile.ps1 build
- name: nightly/package
run: |
bash -x ./scripts/patch_updater_yml.sh
mkdir -p ./build/win-release
bash -x ./scripts/cp_artifacts.sh release ./build/win-release
- name: nightly/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 5 ## No need to keep them since they are uploaded on S3
mac-app-store-preflight:
runs-on: macos-12
env:
MAS_PROFILE: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MAS_PROFILE }}
MACOS_API_KEY_ID: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_KEY_ID }}
MACOS_API_KEY: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_KEY }}
MACOS_API_ISSUER_ID: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_ISSUER_ID }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_CSC_KEY_PASSWORD}}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_CSC_LINK }}
needs:
- begin-notification
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: nightly/create-build-folder
run: mkdir -p ./build
- name: nightly/install-dependencies
run: |
brew install yq
npm ci
- name: nightly/copy-provisioning-profile
run: echo $MAS_PROFILE | base64 -D > ./mas.provisionprofile
- name: nightly/patch-version-number-for-MAS
run: ./scripts/patch_mas_version.sh
- name: nightly/test
uses: ./.github/actions/test
- name: nightly/package
run: npm run package:mas
- name: nightly/publish
run: fastlane publish_test path:"$(find . -name \*.pkg -print -quit)"
build-mac-installer:
runs-on: macos-12
needs:
- mac-app-store-preflight
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: nightly/create-build-folder
run: mkdir -p ./build
- name: nightly/install-dependencies
run: |
brew install yq rename
npm ci
- name: nightly/test
uses: ./.github/actions/test
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: nightly/build
env:
APPLEID: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID }}
APPLEIDPASS: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID_PASS }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_KEY_PASSWORD }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_LINK }}
run: |
mkdir -p ./build/macos-release
npm run package:mac-with-universal
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/macos-release
- name: nightly/rename-arm64-to-m1
run: rename 's/arm64/m1/' ./build/macos-release/$(jq -r .version package.json)/*
- name: nightly/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 5 ## No need to keep them since they are uploaded on S3
upload-to-s3:
runs-on: ubuntu-22.04
outputs:
links: ${{ steps.generate-linklist.outputs.linklist }}
needs:
- build-mac-installer
- build-msi-installer
- build-linux
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: nightly/setup-aws-credentials
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
with:
aws-region: us-east-1
aws-access-key-id: ${{ secrets.MM_DESKTOP_RELEASE_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.MM_DESKTOP_RELEASE_AWS_SECRET_ACCESS_KEY }}
- name: nightly/download-builds
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: nightly/setup-files-for-aws
run: |
mkdir -p ./aws-s3-dist
cp -r --backup=numbered ./build/{macos-release,win-release,linux}/* ./aws-s3-dist
- name: nightly/upload-to-s3
run: aws s3 cp ./aws-s3-dist/ s3://releases.mattermost.com/desktop/ --acl public-read --cache-control "no-cache" --recursive
- name: nightly/generate-linklist
id: generate-linklist
run: |
mkdir -p ./links
echo "### Nightly builds:" > ./links/linklist.txt
echo "Links for $(date +"%b-%d-%Y")" >> ./links/linklist.txt
echo "##### :tux: Linux" > ./links/linklist.txt
for i in `ls ./build/linux/$(jq -r .version package.json)/` ; do echo "- [$i](https://s3.amazonaws.com/releases.mattermost.com/desktop/$(jq -r .version package.json)/$i)" ; done >> ./links/linklist.txt
echo "##### :apple_logo: macOS" >> ./links/linklist.txt
for i in `ls ./build/macos-release/$(jq -r .version package.json)/` ; do echo "- [$i](https://s3.amazonaws.com/releases.mattermost.com/desktop/$(jq -r .version package.json)/$i)" ; done >> ./links/linklist.txt
echo "##### :windows: Windows" >> ./links/linklist.txt
for i in `ls ./build/win-release/$(jq -r .version package.json)/` ; do echo "- [$i](https://s3.amazonaws.com/releases.mattermost.com/desktop/$(jq -r .version package.json)/$i)" ; done >> ./links/linklist.txt
cat ./links/linklist.txt
echo "linklist=$(<./links/linklist.txt)" >> "$GITHUB_OUTPUT"
share-links-to-channel:
runs-on: ubuntu-22.04
needs:
- upload-to-s3
steps:
- name: nightly/share-links-to-channel
run: |
jq --null-input \
--arg icon_url "https://upload.wikimedia.org/wikipedia/commons/1/17/Luna_symbol.png" \
--arg username "NightBuilder" \
--arg text "${{ needs.upload-to-s3.outputs.links }}" \
'{"username":$username,"icon_url": $icon_url, "text": $text }' > /tmp/webhook-data.json
curl -i -X POST -H "Content-Type: application/json" -d @/tmp/webhook-data.json ${{ secrets.MM_DESKTOP_NIGHTLY_WEBHOOK_URL }} || echo "NOFICATION FAILED! check logs as this will succeed intentionally"

122
.github/workflows/nightly-rainforest.yml vendored Normal file
View File

@@ -0,0 +1,122 @@
name: nightly-rainforest
on:
schedule:
- cron: 0 4 * * 0-5
defaults:
run:
shell: bash
env:
TERM: xterm
MM_DESKTOP_BUILD_DISABLEGPU: true
MM_DESKTOP_BUILD_SKIPONBOARDINGSCREENS: true
jobs:
build-msi-installer:
runs-on: windows-2022
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: nightly/optimize
shell: powershell
run: ./scripts/Makefile.ps1 optimize
- name: nightly/install-deps
shell: powershell
run: ./scripts/Makefile.ps1 install-deps
- name: nightly/test
uses: ./.github/actions/test
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: nightly/build
shell: powershell
env:
MM_WIN_INSTALLERS: 1
PFX_KEY: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX_KEY }}
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_KEY_PASSWORD }}
PFX: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_LINK }}
run: ./scripts/Makefile.ps1 build
- name: nightly/package
run: |
mkdir -p ./build/win
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/win
- name: nightly/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 5 ## No need to keep them since they are uploaded on S3
build-mac-installer:
runs-on: macos-12
steps:
- name: nightly/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: nightly/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: nightly/install-dependencies
run: |
brew install yq rename
npm ci
- name: nightly/test
uses: ./.github/actions/test
- name: nightly/patch-version
uses: ./.github/actions/patch-nightly-version
- name: nightly/build
env:
APPLEID: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID }}
APPLEIDPASS: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID_PASS }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_KEY_PASSWORD }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_LINK }}
run: |
mkdir -p ./build/macos
npm run package:mac-with-universal
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/macos
- name: nightly/rename-arm64-to-m1
run: rename 's/arm64/m1/' ./build/macos-nightly/$(jq -r .version package.json)/*
- name: nightly/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 5 ## No need to keep them since they are uploaded on S3
upload-to-s3-daily:
runs-on: ubuntu-22.04
needs:
- build-mac-installer
- build-msi-installer
steps:
- name: nightly/setup-aws-credentials
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
with:
aws-region: us-east-1
aws-access-key-id: ${{ secrets.MM_DESKTOP_DAILY_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.MM_DESKTOP_DAILY_AWS_SECRET_ACCESS_KEY }}
- name: nightly/download-builds
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: nightly/install-missing-deps
run: |
sudo apt-get update
sudo apt-get install rename jq -y
- name: nightly/setup-files-for-aws
run: |
rename 's/\d+\.\d+\.\d+\-nightly\.\d+\/mattermost(.+)\d+\.\d+\.\d+\-nightly\.\d+/mattermost$1daily-develop/' ./build/macos/$(jq -r .version package.json)/*
rename 's/\d+\.\d+\.\d+\-nightly\.\d+\/mattermost(.+)\d+\.\d+\.\d+\-nightly\.\d+/mattermost$1daily-develop/' ./build/win/$(jq -r .version package.json)/*
- name: nightly/upload-to-s3
run: aws s3 cp ./build/ s3://mattermost-desktop-daily-builds/ --acl public-read --cache-control "no-cache" --recursive

252
.github/workflows/release.yaml vendored Normal file
View File

@@ -0,0 +1,252 @@
name: release
on:
push:
# only for release and release candidates
# release-XX.YY.ZZ
# release-XX.YY.ZZ-rc-something
branches:
- release-[0-9]+.[0-9]+
- release-[0-9]+.[0-9]+.[0-9]+
- release-[0-9]+.[0-9]+-rc-[0-9]+
- release-[0-9]+.[0-9]+.[0-9]+-rc-[0-9]+
defaults:
run:
shell: bash
env:
TERM: xterm
jobs:
begin-notification:
runs-on: ubuntu-22.04
steps:
- name: release/notify-channel
run: |
jq --null-input \
--arg icon_url "https://mattermost.com/wp-content/uploads/2022/02/icon.png" \
--arg username "MattermostRelease" \
--arg text "[$(jq -r .version package.json)] Release process for the desktop app has started, it should take about 30 minutes to complete." \
'{"username":$username,"icon_url": $icon_url, "text": $text }' > /tmp/webhook-data.json
curl -i -H "Content-Type: application/json" -X POST -d @/tmp/webhook-data.json ${{ secrets.MM_DESKTOP_RELEASE_WEBHOOK_URL }} || echo "NOFICATION FAILED! check logs as this will succeed intentionally"
build-linux:
runs-on: ubuntu-latest-4-cores
needs:
- begin-notification
steps:
- name: release/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: release/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: release/install-dependencies
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
run: |
wget -qO - https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/xUbuntu_18.04/Release.key | sudo apt-key add -
wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.20.1/yq_linux_amd64 && chmod a+x /usr/local/bin/yq
sudo apt-get update || true && sudo apt-get install -y ca-certificates libxtst-dev libpng++-dev gcc-aarch64-linux-gnu g++-aarch64-linux-gnu jq icnsutils graphicsmagick tzdata
npm ci
- name: release/test
uses: ./.github/actions/test
- name: release/build
run: |
mkdir -p ./build/linux
npm run package:linux
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/linux
- name: release/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 14 ## No need to keep CI builds more than 14 days
build-msi-installer:
runs-on: windows-2022
needs:
- begin-notification
steps:
- name: release/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: release/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: release/optimize
shell: powershell
run: ./scripts/Makefile.ps1 optimize
- name: release/install-deps
shell: powershell
run: ./scripts/Makefile.ps1 install-deps
- name: release/test
uses: ./.github/actions/test
- name: release/build
shell: powershell
env:
MM_WIN_INSTALLERS: 1
PFX_KEY: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX_KEY }}
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_KEY_PASSWORD }}
PFX: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_PFX }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MSI_INSTALLER_CSC_LINK }}
run: |
./scripts/Makefile.ps1 build
- name: release/package
run: |
mkdir -p ./build/win-release
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/win-release
- name: release/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 14
build-mac-installer:
runs-on: macos-12
needs:
- mac-app-store-preflight
steps:
- name: release/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: release/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: release/create-build-folder
run: mkdir -p ./build
- name: release/install-dependencies
run: |
brew install yq rename
npm ci
- name: release/test
uses: ./.github/actions/test
- name: release/build
env:
APPLEID: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID }}
APPLEIDPASS: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_APPLE_ID_PASS }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_KEY_PASSWORD }}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_INSTALLER_CSC_LINK }}
run: |
mkdir -p ./build/macos-release
npm run package:mac-with-universal
bash -x ./scripts/patch_updater_yml.sh
bash -x ./scripts/cp_artifacts.sh release ./build/macos-release
- name: release/rename-arm64-to-m1
run: rename 's/arm64/m1/' ./build/macos-release/$(jq -r .version package.json)/*
- name: release/upload-build
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: build
path: ./build
retention-days: 14
mac-app-store-preflight:
runs-on: macos-12
env:
MAS_PROFILE: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MAS_PROFILE }}
MACOS_API_KEY_ID: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_KEY_ID }}
MACOS_API_KEY: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_KEY }}
MACOS_API_ISSUER_ID: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_MACOS_API_ISSUER_ID }}
CSC_FOR_PULL_REQUEST: true
CSC_KEY_PASSWORD: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_CSC_KEY_PASSWORD}}
CSC_LINK: ${{ secrets.MM_DESKTOP_MAC_APP_STORE_CSC_LINK }}
needs:
- begin-notification
steps:
- name: release/checkout-repo
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: release/setup-node
uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
with:
node-version-file: "package.json"
cache: "npm"
cache-dependency-path: package-lock.json
- name: release/install-dependencies
run: |
brew install yq
npm ci
- name: release/copy-provisioning-profile
run: echo $MAS_PROFILE | base64 -D > ./mas.provisionprofile
- name: release/patch-version-number-for-MAS
run: ./scripts/patch_mas_version.sh
- name: release/test
uses: ./.github/actions/test
- name: release/package
run: npm run package:mas
- name: release/publish
run: fastlane publish_test path:"$(find . -name \*.pkg -print -quit)"
upload-to-s3:
runs-on: ubuntu-22.04
needs:
- build-mac-installer
- build-msi-installer
- build-linux
steps:
- name: release/setup-aws-credentials
uses: aws-actions/configure-aws-credentials@67fbcbb121271f7775d2e7715933280b06314838 # v1.7.0
with:
aws-region: us-east-1
aws-access-key-id: ${{ secrets.MM_DESKTOP_RELEASE_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.MM_DESKTOP_RELEASE_AWS_SECRET_ACCESS_KEY }}
- name: release/download-builds
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: release/setup-files-for-aws
run: |
mkdir -p ./aws-s3-dist
cp -r --backup=numbered ./build/{macos-release,win-release,linux}/* ./aws-s3-dist
- name: release/upload-to-s3
run: aws s3 cp ./aws-s3-dist/ s3://releases.mattermost.com/desktop/ --acl public-read --cache-control "no-cache" --recursive
github-release:
runs-on: ubuntu-22.04
needs:
- upload-to-s3
steps:
- name: release/download-builds
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
- name: release/setup-files-for-github-release
run: |
mkdir -p ./ghr-dist
find ./build/{macos-release,win-release,linux} -type f -exec cp --backup=numbered -t ./ghr-dist {} +
- name: release/publish-release
run: |
go install github.com/tcnksm/ghr@latest
VERSION=$(jq -r .version package.json)
RELEASE_TITLE="v${VERSION} ($(date -u "+%Y-%m-%d"))"
ghr \
-t ${GITHUB_TOKEN} \
-u ${GITHUB_ACTOR} \
-draft \
--body="$(./scripts/generate_release_markdown.sh $VERSION)" \
--name="${RELEASE_TITLE}" $( [[ $VERSION =~ "-rc" ]] && printf %s "-prerelease") \
-r ${GITHUB_REPOSITORY} \
-c ${GITHUB_SHA} \
-delete \
v${VERSION} ./ghr-dist
end-notification:
runs-on: ubuntu-22.04
needs:
- github-release
steps:
- name: release/notify-channel
run: |
jq --null-input \
--arg icon_url "https://mattermost.com/wp-content/uploads/2022/02/icon.png" \
--arg username "MattermostRelease" \
--arg text "[$(jq -r .version package.json)] Release process for the desktop app ended, the new release can be found on [GitHub](https://github.com/mattermost/desktop/releases)." \
'{"username":$username,"icon_url": $icon_url, "text": $text }' > /tmp/webhook-data.json
curl -i -H "Content-Type: application/json" -X POST -d @/tmp/webhook-data.json ${{ secrets.MM_DESKTOP_RELEASE_WEBHOOK_URL }} || echo "NOFICATION FAILED! check logs as this will succeed intentionally"