Skip to content

monokle-build-nightly #850

monokle-build-nightly

monokle-build-nightly #850

name: monokle-build-nightly
on:
schedule:
- cron: '0 2 * * *'
workflow_dispatch:
inputs:
ref:
description: 'The SHA to release - avoid tags and branches.'
jobs:
build-nightly-mac:
runs-on: macos-latest
steps:
# Make sure build is clean and no files from a previous run are re-used.
- name: Cleanup files before run
run: |
rm -rf *
rm /Users/runner/.npm/_logs/*.log || true
if: ${{ always() }}
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
- name: Checkout Project
uses: actions/checkout@v2
with:
ref: '${{ github.event.inputs.ref }}'
# Check memory and cpu
- name: Verify Runner Resources
run: |
sysctl -n machdep.cpu.brand_string
vm_stat | perl -ne '/page size of (\d+)/ and $size=$1; /Pages\s+([^:]+)[^\d]+(\d+)/ and printf("%-16s % 16.2f Mi\n", "$1:", $2 * $size / 1048576);'
- name: Install Tools
run: |
brew install jq
- name: Add MacOS certs
run: |
ls -la
chmod +x .github/workflows/scripts/add-osx-cert.sh && .github/workflows/scripts/add-osx-cert.sh
env:
CERTIFICATE_OSX_APPLICATION: ${{ secrets.MONOKLE_MACOS_CERTS }}
CERTIFICATE_PASSWORD: ${{ secrets.MONOKLE_MACOS_CERTS_PASSWORD }}
- name: Electron mac os security identities
run: security find-identity -v
- name: Get Node Version
run: |
cat .nvmrc
echo "::set-output name=nodeversion::$(cat .nvmrc)"
id: get-node-version
- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
uses: actions/setup-node@v2
with:
node-version: ${{ steps.get-node-version.outputs.nodeversion }}
cache: 'npm'
- name: Install Dependencies
run: |
env
echo "npm: $(npm --version)"
echo "node: $(node --version)"
npm install
# - name: Verify Dependencies
# run: |
# ls -la
# npm list --depth=1
- if: github.event.inputs.ref == ''
name: Generate and apply tag
run: |
npm run release:patch -- --prerelease nightly-$(date +%Y-%m-%d) --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- if: github.event.inputs.ref != ''
name: Generate and apply tag
run: |
npm run release:patch -- --prerelease prerelease-${{github.event.inputs.ref}} --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- name: Build
run: |
contents="$(jq --arg SENTRY_DSN $SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron/env.json)" && echo "${contents}" > electron/env.json
contents="$(jq --arg MONOKLE_INSTALLS_URL $MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron/env.json)" && echo "${contents}" > electron/env.json
contents="$(jq --arg SEGMENT_API_KEY $SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron/env.json)" && echo "${contents}" > electron/env.json
npm run electron:build:ci
env:
# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
CI: false
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}
- name: Package
id: package
run: |
echo "::set-output name=TAG::v$(cat package.json | jq -r '.version')"
npm exec -c "electron-builder --publish \"never\""
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
EP_PRE_RELEASE: true
NOTARIZE: true
CSC_LINK: ${{ secrets.MONOKLE_MACOS_CERTS }}
CSC_KEY_PASSWORD: ${{ secrets.MONOKLE_MACOS_CERTS_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
USE_HARD_LINKS: false
- name: Create release and upload artifacts
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: 'dist/latest-mac.yml,dist/*.dmg,dist/*.blockmap,dist/*.zip'
draft: false
prerelease: true
omitBody: true
tag: ${{ steps.package.outputs.TAG }}
token: ${{ secrets.github_token }}
# Check Binary Sizes
- name: Build Succeeded
run: |
ls -alh dist | grep Monokle && du -sh dist/mac || true
if: ${{ success() }}
# - name: E2E Test for Electron 🧪
# run: npm run ui-test
# - name: Upload Test Results 🗃
# if: always()
# uses: actions/upload-artifact@v2
# with:
# name: playwright-output
# path: test-output/**
- name: Archive Binary
uses: actions/upload-artifact@v2
with:
name: dist
path: dist
if: ${{ success() }}
- name: Build Failed - Output Build Logs
run: |
cat /Users/runner/.npm/_logs/*-debug.log || true
if: ${{ failure() || cancelled() }}
- name: Build Failed - Archive Build Logs
uses: actions/upload-artifact@v2
with:
name: logs
path: /Users/runner/.npm/_logs
if: ${{ failure() || cancelled() }}
build-nightly-windows:
runs-on: windows-latest
steps:
# Make sure build is clean and no files from a previous run are re-used.
- name: Cleanup files before run
run: |
cmd /r dir
if: ${{ always() }}
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
- name: Checkout Project
uses: actions/checkout@v2
with:
ref: '${{ github.event.inputs.ref }}'
- name: Install Tools
run: |
choco install jq dotnet-5.0-runtime dotnetcore-sdk -y
dotnet tool install --version 3.0.0 --global AzureSignTool
- name: Get Node Version
run: |
Set-PSDebug -Trace 1
$filePath = "D:\a\monokle\monokle\.nvmrc"
Get-Content $filePath -Raw
$content = Get-Content $filePath -Raw
echo "::set-output name=nodeversion::$content"
id: get-node-version
- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
uses: actions/setup-node@v2
with:
node-version: ${{ steps.get-node-version.outputs.nodeversion }}
cache: 'npm'
# Install Dependencies
- name: Install Dependencies
run: |
Set-PSDebug -Trace 1
node --version
npm --version
npm install
# - name: Verify Dependencies
# run: |
# cmd /r dir
# npm list --depth=1
- if: github.event.inputs.ref == ''
name: Generate and apply tag
run: |
Set-PSDebug -Trace 1
$datetoday = Get-Date -Format "yyyy-MM-dd"
npm run release:patch -- --prerelease nightly-$datetoday --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- if: github.event.inputs.ref != ''
name: Generate and apply tag
run: |
npm run release:patch -- --prerelease prerelease-${{github.event.inputs.ref}} --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- name: Build
shell: PowerShell
run: |
($contents=jq --arg SENTRY_DSN $env:SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron\env.json) -and ($contents | set-content electron\env.json -Encoding Ascii)
($contents=jq --arg MONOKLE_INSTALLS_URL $env:MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron\env.json) -and ($contents | set-content electron\env.json -Encoding Ascii)
($contents=jq --arg SEGMENT_API_KEY $env:SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron\env.json) -and ($contents | set-content electron\env.json -Encoding Ascii)
npm run electron:build:ci
env:
# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
CI: false
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}
- name: Package
id: package
run: |
$p = get-content package.json | ConvertFrom-Json
echo "::set-output name=TAG::v$($p.version)"
npm exec -c 'electron-builder --publish "never"'
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
EP_PRE_RELEASE: true
USE_HARD_LINKS: false
- name: Create release and upload artifacts
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: 'dist/latest.yml,dist/*.exe,dist/*.blockmap'
draft: false
prerelease: true
omitBody: true
tag: ${{ steps.package.outputs.TAG }}
token: ${{ secrets.github_token }}
# Check Binary Sizes
- name: Build Succeeded
run: |
cmd /r dir .\dist
if: ${{ success() }}
# - name: E2E Test for Electron 🧪
# run: npm run ui-test
# - name: Upload Test Results 🗃
# if: always()
# uses: actions/upload-artifact@v2
# with:
# name: playwright-output
# path: test-output/**
- name: Build Failed - Archive Build Logs
uses: actions/upload-artifact@v2
with:
name: logs
path: .\msilog.txt
if: ${{ failure() || cancelled() }}
# This workflow contains a single job called "build"
build-nightly-linux:
runs-on: ubuntu-latest
steps:
# Make sure build is clean and no files from a previous run are re-used.
- name: Cleanup files before run
run: |
rm -rf *
rm /Users/runner/.npm/_logs/*.log || true
if: ${{ always() }}
- name: Context
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it.
- name: Checkout Project
uses: actions/checkout@v2
with:
ref: '${{ github.event.inputs.ref }}'
- name: Get Node Version
run: |
cat .nvmrc
echo "::set-output name=nodeversion::$(cat .nvmrc)"
id: get-node-version
- name: Use Node.js ${{ steps.get-node-version.outputs.nodeversion }}
uses: actions/setup-node@v2
with:
node-version: ${{ steps.get-node-version.outputs.nodeversion }}
cache: 'npm'
- name: Install Dependencies
run: |
env
echo "npm: $(npm --version)"
echo "node: $(node --version)"
npm install
# - name: Verify Dependencies
# run: |
# ls -la
# npm list --depth=1
- name: Install Tools
run: |
sudo apt-get install jq
- if: github.event.inputs.ref == ''
name: Generate and apply tag
run: |
npm run release:patch -- --prerelease nightly-$(date +%Y-%m-%d) --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- if: github.event.inputs.ref != ''
name: Generate and apply tag
run: |
npm run release:patch -- --prerelease prerelease-${{github.event.inputs.ref}} --skip.changelog true --skip.commit true --skip.tag true
git push --tags
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
- name: Build
run: |
contents="$(jq --arg SENTRY_DSN $SENTRY_DSN '.SENTRY_DSN = $SENTRY_DSN' electron/env.json)" && echo "${contents}" > electron/env.json
contents="$(jq --arg MONOKLE_INSTALLS_URL $MONOKLE_INSTALLS_URL '.MONOKLE_INSTALLS_URL = $MONOKLE_INSTALLS_URL' electron/env.json)" && echo "${contents}" > electron/env.json
contents="$(jq --arg SEGMENT_API_KEY $SEGMENT_API_KEY '.SEGMENT_API_KEY = $SEGMENT_API_KEY' electron/env.json)" && echo "${contents}" > electron/env.json
npm run electron:build:ci
env:
# Set CI flag to false, or the build fails on all warnings, not just errors as locally.
CI: false
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
MONOKLE_INSTALLS_URL: ${{ secrets.MONOKLE_INSTALLS_URL }}
SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
REACT_APP_NEWS_FEED_URL: ${{ secrets.REACT_APP_NEWS_FEED_URL }}
- name: Package
id: package
run: |
echo "::set-output name=TAG::v$(cat package.json | jq -r '.version')"
npm exec -c "electron-builder --publish \"never\""
env:
GITHUB_TOKEN: ${{ secrets.github_token }}
EP_PRE_RELEASE: true
USE_HARD_LINKS: false
- name: Create release and upload artifacts
uses: ncipollo/release-action@v1
with:
allowUpdates: true
artifacts: 'dist/latest-linux.yml,dist/latest-linux-arm64.yml,dist/*.deb,dist/*.AppImage,dist/*.rpm'
draft: false
prerelease: true
omitBody: true
tag: ${{ steps.package.outputs.TAG }}
token: ${{ secrets.github_token }}
# Check Binary Size
- name: Build Succeeded
run: |
ls -alh dist | grep Monokle && du -sh dist || true
if: ${{ success() }}
# todo fix linux tests first and then run them
# - name: E2E Test for Electron 🧪
# run: npm run ui-test
#
# - name: Upload Test Results 🗃
# if: always()
# uses: actions/upload-artifact@v2
# with:
# name: playwright-output
# path: test-output/**
- name: Archive Binary
uses: actions/upload-artifact@v2
with:
name: dist-nix
path: dist
if: ${{ success() }}
- name: Build Failed - Output Build Logs
run: |
cat /Users/runner/.npm/_logs/*-debug.log || true
if: ${{ failure() || cancelled() }}
- name: Build Failed - Archive Build Logs
uses: actions/upload-artifact@v2
with:
name: logs
path: /Users/runner/.npm/_logs
if: ${{ failure() || cancelled() }}
# Make sure no secrets or certs are left on the runner
- name: Cleanup files after run
run: |
rm -rf *
ls -la
if: ${{ always() }}