Merge remote-tracking branch 'origin/main' into auto-updater #62

Workflow file for this run

.github/workflows/monokle-publish-updater.yml at 82f29da

	name: monokle-sign-notarize-publish-updater

	on:
	push:
	branches:
	- auto-updater

	# Allows you to run this workflow manually from the Actions tab
	workflow_dispatch:

	jobs:
	# This workflow contains a single job called "build"
	build-and-publish-mac:
	runs-on: macos-latest

	steps:
	- name: Delete release
	uses: dev-drprasad/[email protected]
	with:
	delete_release: true
	tag_name: latest-version
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}

	- name: Context
	env:
	GITHUB_CONTEXT: ${{ toJson(github) }}
	run: echo "$GITHUB_CONTEXT"

	# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
	- name: Checkout Project
	uses: actions/checkout@v2

	# Check memory and cpu
	- name: Verify Runner Resources
	run: \|
	sysctl -n machdep.cpu.brand_string
	vm_stat \| perl -ne '/page size of (\d+)/ and $size=$1; /Pages\s+([^:]+)[^\d]+(\d+)/ and printf("%-16s % 16.2f Mi\n", "$1:", $2 * $size / 1048576);'

	- name: Install Tools
	run: \|
	brew install jq

	- name: Add MacOS certs
	run: \|
	ls -la
	chmod +x .github/workflows/scripts/add-osx-cert.sh && .github/workflows/scripts/add-osx-cert.sh
	env:
	CERTIFICATE_OSX_APPLICATION: ${{ secrets.MONOKLE_MACOS_CERTS }}
	CERTIFICATE_PASSWORD: ${{ secrets.MONOKLE_MACOS_CERTS_PASSWORD }}

	- name: Electron mac os security identities
	run: security find-identity -v

	- name: Get Node Version
	run: \|
	cat .nvmrc
	echo "::set-output name=nodeversion::$(cat .nvmrc)"
	id: get-node-version

	- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
	uses: actions/setup-node@v2
	with:
	node-version: ${{ steps.get-node-version.outputs.nodeversion }}
	cache: 'npm'

	- name: Install Dependencies
	run: \|
	env
	echo "npm: $(npm --version)"
	echo "node: $(node --version)"
	npm install

	- name: Install dmg-license
	run: npm install dmg-license

	# - name: Verify Dependencies
	# run: \|
	# ls -la
	# npm list --depth=1

	- name: Build
	run: \|
	contents="$(jq --arg SENTRY_DSN $SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron/env.json)" && echo "${contents}" > electron/env.json
	contents="$(jq --arg MONOKLE_INSTALLS_URL $MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron/env.json)" && echo "${contents}" > electron/env.json
	contents="$(jq --arg SEGMENT_API_KEY $SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron/env.json)" && echo "${contents}" > electron/env.json
	npm run electron:build:ci
	env:
	# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
	CI: false
	SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
	MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
	SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}

	- name: Package
	run: \|
	contents="$(jq '.build.artifactName = "${productName}-${os}-${arch}.${ext}"' package.json)" && echo "${contents}" > package.json
	contents="$(jq '.build.appImage.artifactName = "${productName}-${os}-${arch}.${ext}"' package.json)" && echo "${contents}" > package.json
	npm exec -c "electron-builder --publish \"never\""
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}
	EP_PRE_RELEASE: true
	NOTARIZE: true
	CSC_LINK: ${{ secrets.MONOKLE_MACOS_CERTS }}
	CSC_KEY_PASSWORD: ${{ secrets.MONOKLE_MACOS_CERTS_PASSWORD }}
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
	USE_HARD_LINKS: false

	# Check Binary Size
	- name: Build Succeeded
	run: \|
	ls -alh dist \| grep Monokle && du -sh dist/mac \|\| true
	if: ${{ success() }}

	- name: Create release and upload artifacts
	uses: ncipollo/release-action@v1
	with:
	allowUpdates: true
	artifacts: 'dist/latest-mac.yml,dist/.dmg,dist/.blockmap,dist/*.zip'
	draft: false
	prerelease: true
	omitBody: true
	tag: 'latest-version'
	commit: 'auto-updater'
	token: ${{ secrets.github_token }}

	- name: Archive Binary
	uses: actions/upload-artifact@v2
	with:
	name: dist-mac
	path: dist
	if: ${{ success() }}

	- name: Build Failed - Output Build Logs
	run: \|
	cat /Users/runner/.npm/_logs/*-debug.log \|\| true
	if: ${{ failure() \|\| cancelled() }}

	- name: Build Failed - Archive Build Logs
	uses: actions/upload-artifact@v2
	with:
	name: logs
	path: /Users/runner/.npm/_logs
	if: ${{ failure() \|\| cancelled() }}

	# Make sure no secrets or certs are left on the runner
	- name: Cleanup files after run
	run: \|
	rm -rf *
	ls -la
	if: ${{ always() }}

	build-and-publish-windows:
	runs-on: windows-latest

	steps:
	- name: Delete release and tagname
	uses: dev-drprasad/[email protected]
	with:
	delete_release: true
	tag_name: latest-version
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}

	- name: Context
	env:
	GITHUB_CONTEXT: ${{ toJson(github) }}
	run: echo "$GITHUB_CONTEXT"

	# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
	- name: Checkout Project
	uses: actions/checkout@v2

	- name: Install Tools
	run: \|
	choco install jq dotnet-5.0-runtime dotnetcore-sdk -y
	dotnet tool install --version 3.0.0 --global AzureSignTool

	- name: Get Node Version
	run: \|
	Set-PSDebug -Trace 1
	$filePath = "D:\a\monokle\monokle\.nvmrc"
	Get-Content $filePath -Raw
	$content = Get-Content $filePath -Raw
	echo "::set-output name=nodeversion::$content"
	id: get-node-version

	- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
	uses: actions/setup-node@v2
	with:
	node-version: ${{ steps.get-node-version.outputs.nodeversion }}
	cache: 'npm'

	# Install Dependencies
	- name: Install Dependencies
	run: \|
	Set-PSDebug -Trace 1
	node --version
	npm --version
	npm install

	# - name: Verify Dependencies
	# run: \|
	# cmd /r dir
	# npm list --depth=1

	- name: Build
	shell: PowerShell
	run: \|
	($contents=jq --arg SENTRY_DSN $env:SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron\env.json) -and ($contents \| set-content electron\env.json -Encoding Ascii)
	($contents=jq --arg MONOKLE_INSTALLS_URL $env:MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron\env.json) -and ($contents \| set-content electron\env.json -Encoding Ascii)
	($contents=jq --arg SEGMENT_API_KEY $env:SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron\env.json) -and ($contents \| set-content electron\env.json -Encoding Ascii)
	npm run electron:build:ci
	env:
	# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
	CI: false
	SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
	MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
	SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}

	- name: Package
	run: \|
	($contents=jq --arg artifactName '${productName}-${os}-${arch}.${ext}' '.build.artifactName = $artifactName' package.json) -and ($contents \| set-content package.json -Encoding Ascii)
	($contents=jq --arg artifactName '${productName}-${os}-${arch}.${ext}' '.build.appImage.artifactName = $artifactName' package.json) -and ($contents \| set-content package.json -Encoding Ascii)
	npm exec -c 'electron-builder --publish "never"'
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}
	AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
	EP_PRE_RELEASE: true
	USE_HARD_LINKS: false

	# Check Binary Size
	- name: Build Succeeded
	run: \|
	cmd /r dir .\dist
	if: ${{ success() }}

	- name: Create release and upload artifacts
	uses: ncipollo/release-action@v1
	with:
	allowUpdates: true
	artifacts: 'dist/latest.yml,dist/.exe,dist/.blockmap'
	draft: false
	prerelease: true
	omitBody: true
	tag: 'latest-version'
	commit: 'auto-updater'
	token: ${{ secrets.github_token }}

	- name: Archive Binary
	uses: actions/upload-artifact@v2
	with:
	name: dist-win
	path: dist
	if: ${{ success() }}

	# This workflow contains a single job called "build"
	build-and-publish-linux:
	runs-on: ubuntu-latest

	steps:
	- name: Delete release
	uses: dev-drprasad/[email protected]
	with:
	delete_release: true
	tag_name: latest-version
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}

	- name: Context
	env:
	GITHUB_CONTEXT: ${{ toJson(github) }}
	run: echo "$GITHUB_CONTEXT"

	# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
	- name: Checkout Project
	uses: actions/checkout@v2

	- name: Get Node Version
	run: \|
	cat .nvmrc
	echo "::set-output name=nodeversion::$(cat .nvmrc)"
	id: get-node-version

	- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
	uses: actions/setup-node@v2
	with:
	node-version: ${{ steps.get-node-version.outputs.nodeversion }}
	cache: 'npm'

	- name: Install Dependencies
	run: \|
	env
	echo "npm: $(npm --version)"
	echo "node: $(node --version)"
	npm install

	# - name: Verify Dependencies
	# run: \|
	# ls -la
	# npm list --depth=1

	- name: Install Tools
	run: \|
	sudo apt-get install jq

	- name: Build
	run: \|
	contents="$(jq --arg SENTRY_DSN $SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron/env.json)" && echo "${contents}" > electron/env.json
	contents="$(jq --arg MONOKLE_INSTALLS_URL $MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron/env.json)" && echo "${contents}" > electron/env.json
	contents="$(jq --arg SEGMENT_API_KEY $SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron/env.json)" && echo "${contents}" > electron/env.json
	npm run electron:build:ci
	env:
	# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
	CI: false
	SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
	MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
	SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}

	- name: Package
	run: \|
	contents="$(jq '.build.artifactName = "${productName}-${os}-${arch}.${ext}"' package.json)" && echo "${contents}" > package.json
	contents="$(jq '.build.appImage.artifactName = "${productName}-${os}-${arch}.${ext}"' package.json)" && echo "${contents}" > package.json
	npm exec -c "electron-builder --publish \"never\""
	env:
	GITHUB_TOKEN: ${{ secrets.github_token }}
	EP_PRE_RELEASE: true
	USE_HARD_LINKS: false

	# Check Binary Size
	- name: Build Succeeded
	run: \|
	ls -alh dist \| grep Monokle && du -sh dist \|\| true
	if: ${{ success() }}

	- name: Create release and upload artifacts
	uses: ncipollo/release-action@v1
	with:
	allowUpdates: true
	artifacts: 'dist/latest-linux.yml,dist/latest-linux-arm64.yml,dist/.deb,dist/.AppImage,dist/*.rpm'
	draft: false
	prerelease: true
	omitBody: true
	tag: 'latest-version'
	commit: 'auto-updater'
	token: ${{ secrets.github_token }}

	- name: Archive Binary
	uses: actions/upload-artifact@v2
	with:
	name: dist-nix
	path: dist
	if: ${{ success() }}

	- name: Build Failed - Output Build Logs
	run: \|
	cat /Users/runner/.npm/_logs/*-debug.log \|\| true
	if: ${{ failure() \|\| cancelled() }}

	- name: Build Failed - Archive Build Logs
	uses: actions/upload-artifact@v2
	with:
	name: logs
	path: /Users/runner/.npm/_logs
	if: ${{ failure() \|\| cancelled() }}

	# Make sure no secrets or certs are left on the runner
	- name: Cleanup files after run
	run: \|
	rm -rf *
	ls -la
	if: ${{ always() }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge remote-tracking branch 'origin/main' into auto-updater #62

Workflow file

Merge remote-tracking branch 'origin/main' into auto-updater #62

Jobs

Run details

Workflow file for this run