From 537a399de1f72125a66d3c69316248efdaf053e8 Mon Sep 17 00:00:00 2001 From: Audric Ackermann Date: Mon, 23 Sep 2024 16:36:32 +1000 Subject: [PATCH] chore: simplify CI workflows --- .github/workflows/build-binaries.yml | 60 +++++++++------------------- .github/workflows/pull-request.yml | 46 --------------------- .github/workflows/release.yml | 48 ---------------------- actions/build_no_publish/action.yml | 47 ++++++++++++++++++++++ actions/build_publish/action.yml | 29 ++++++++++++++ 5 files changed, 94 insertions(+), 136 deletions(-) delete mode 100644 .github/workflows/pull-request.yml delete mode 100644 .github/workflows/release.yml create mode 100644 actions/build_no_publish/action.yml create mode 100644 actions/build_publish/action.yml diff --git a/.github/workflows/build-binaries.yml b/.github/workflows/build-binaries.yml index 8c6d58a82a..e994f79dca 100644 --- a/.github/workflows/build-binaries.yml +++ b/.github/workflows/build-binaries.yml @@ -1,5 +1,4 @@ -# This script will build session production binaries anytime a branch is updated -name: Session Build Binaries +name: Session Desktop on: push: @@ -40,45 +39,22 @@ jobs: - name: Setup & Build uses: ./actions/setup_and_build - - name: Enforce yarn.lock has no duplicates - uses: ./actions/deduplicate_fail - - - name: Build windows production binaries - if: runner.os == 'Windows' - run: node_modules\.bin\electron-builder --config.extraMetadata.environment=%SIGNAL_ENV% --publish=never --config.directories.output=release - - - name: Build mac production binaries - if: runner.os == 'macOS' - run: | - source ./build/setup-mac-certificate.sh - $(yarn bin)/electron-builder --config.extraMetadata.environment=$SIGNAL_ENV --config.mac.bundleVersion=${{ github.ref }} --publish=never --config.directories.output=release - env: - MAC_CERTIFICATE: ${{ secrets.MAC_CERTIFICATE }} - MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }} - SIGNING_APPLE_ID: ${{ secrets.SIGNING_APPLE_ID }} - SIGNING_APP_PASSWORD: ${{ secrets.SIGNING_APP_PASSWORD }} - SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }} - - - name: Build linux production binaries + - name: Lint Files + # no need to lint files on all platforms. Just do it once on the quicker one if: runner.os == 'Linux' - run: | - sudo apt-get install -y rpm - yarn build-release + run: yarn lint-full - - name: Remove unpacked files - run: | - ls -d -- */ | xargs -I{} echo "Removing {}" - ls -d -- */ | xargs -I{} rm -rf {} - shell: bash - working-directory: ./release/ - - - name: Remaining files - run: ls . - shell: bash - working-directory: ./release/ - - - name: Upload Production Artifacts - uses: actions/upload-artifact@v4 - with: - name: ${{ runner.os }}-${{ runner.arch }}-production - path: release + - name: Enforce yarn.lock has no duplicates + uses: ./actions/deduplicate_fail + - name: Unit Test + run: yarn test + + - name: Build but do not publish + # we want this to run always, except on "push" to "master" + if: github.event_name != 'push' || github.ref != 'master' + uses: ./actions/build_no_publish + + - name: Build & publish + # we want this to run only when on "push" to "master" + if: github.event_name == 'push' && github.ref == 'master' + uses: ./actions/build_publish diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml deleted file mode 100644 index ca5779a5c5..0000000000 --- a/.github/workflows/pull-request.yml +++ /dev/null @@ -1,46 +0,0 @@ -# This script will run tests anytime a pull request is added -name: Session Test - -on: - pull_request: - branches: - - clearnet - - unstable - - 'release/**' - - 'ci/**' - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - build: - runs-on: ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - # We want a mac arm64 build, and according to this https://github.com/actions/runner-images#available-images macos-14 is always arm64 - # macos-14 is disabled for now as we hit our free tier limit for macos builds - os: [windows-2022, ubuntu-20.04, macos-12] - env: - SIGNAL_ENV: production - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - steps: - - run: git config --global core.autocrlf false - - - name: Checkout git repo - uses: actions/checkout@v3 - - - name: Setup & Build - uses: ./actions/setup_and_build - - - name: Lint Files - # no need to lint files on all platforms. Just do it once on the quicker one - if: runner.os == 'Linux' - run: yarn lint-full - - - name: Enforce yarn.lock has no duplicates - uses: ./actions/deduplicate_fail - - - name: Unit Test - run: yarn test diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 4d5cfe22bd..0000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,48 +0,0 @@ -# This script will build binaries and publish a draft on github release page with the the tag v[package-version] -name: Session Draft Release - -on: - push: - branches: - - master - -jobs: - build: - runs-on: ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - os: [windows-2022, ubuntu-20.04, macos-12] - env: - SIGNAL_ENV: production - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - steps: - - run: git config --global core.autocrlf false - - - name: Checkout git repo - uses: actions/checkout@v3 - - - name: Setup & Build - uses: ./actions/setup_and_build - - - name: Build windows production binaries - if: runner.os == 'Windows' - run: node_modules\.bin\electron-builder --config.extraMetadata.environment=%SIGNAL_ENV% --publish=always - - - name: Build mac production binaries - if: runner.os == 'macOS' - run: | - source ./build/setup-mac-certificate.sh - $(yarn bin)/electron-builder --config.extraMetadata.environment=$SIGNAL_ENV --config.mac.bundleVersion=${{ github.ref }} --publish=always - env: - MAC_CERTIFICATE: ${{ secrets.MAC_CERTIFICATE }} - MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }} - SIGNING_APPLE_ID: ${{ secrets.SIGNING_APPLE_ID }} - SIGNING_APP_PASSWORD: ${{ secrets.SIGNING_APP_PASSWORD }} - SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }} - - - name: Build linux production binaries - if: runner.os == 'Linux' - run: | - sudo apt-get install -y rpm - yarn build-release-publish diff --git a/actions/build_no_publish/action.yml b/actions/build_no_publish/action.yml new file mode 100644 index 0000000000..3830059fa6 --- /dev/null +++ b/actions/build_no_publish/action.yml @@ -0,0 +1,47 @@ +name: 'Build Only (no publish)' +description: 'Build only (no publish)' +runs: + using: 'composite' + steps: + - name: Build windows production binaries + shell: bash + if: runner.os == 'Windows' + run: $(yarn bin)/electron-builder --config.extraMetadata.environment=%SIGNAL_ENV% --publish=never --config.directories.output=release + + - name: Build mac production binaries + shell: bash + if: runner.os == 'macOS' + run: | + source ./build/setup-mac-certificate.sh + $(yarn bin)/electron-builder --config.extraMetadata.environment=$SIGNAL_ENV --config.mac.bundleVersion=${{ github.ref }} --publish=never --config.directories.output=release + env: + MAC_CERTIFICATE: ${{ secrets.MAC_CERTIFICATE }} + MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }} + SIGNING_APPLE_ID: ${{ secrets.SIGNING_APPLE_ID }} + SIGNING_APP_PASSWORD: ${{ secrets.SIGNING_APP_PASSWORD }} + SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }} + + - name: Build linux production binaries + shell: bash + if: runner.os == 'Linux' + run: | + sudo apt-get install -y rpm + yarn build-release + + - name: Remove unpacked files + run: | + ls -d -- */ | xargs -I{} echo "Removing {}" + ls -d -- */ | xargs -I{} rm -rf {} + shell: bash + working-directory: ./release/ + + - name: Remaining files + run: ls . + shell: bash + working-directory: ./release/ + + - name: Upload Production Artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ runner.os }}-${{ runner.arch }}-production + path: release diff --git a/actions/build_publish/action.yml b/actions/build_publish/action.yml new file mode 100644 index 0000000000..607d1bedc4 --- /dev/null +++ b/actions/build_publish/action.yml @@ -0,0 +1,29 @@ +name: 'Build & Publish' +description: 'Build & Publish' +runs: + using: 'composite' + steps: + - name: Build & publish windows production binaries + shell: bash + if: runner.os == 'Windows' && github.ref == 'master' && github.event_name == 'push' + run: $(yarn bin)/electron-builder --config.extraMetadata.environment=%SIGNAL_ENV% --publish=always + + - name: Build & publish mac production binaries + shell: bash + if: runner.os == 'macOS' && github.ref == 'master' && github.event_name == 'push' + run: | + source ./build/setup-mac-certificate.sh + $(yarn bin)/electron-builder --config.extraMetadata.environment=$SIGNAL_ENV --config.mac.bundleVersion=${{ github.ref }} --publish=always + env: + MAC_CERTIFICATE: ${{ secrets.MAC_CERTIFICATE }} + MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }} + SIGNING_APPLE_ID: ${{ secrets.SIGNING_APPLE_ID }} + SIGNING_APP_PASSWORD: ${{ secrets.SIGNING_APP_PASSWORD }} + SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }} + + - name: Build & publish linux production binaries + shell: bash + if: runner.os == 'Linux' && github.ref == 'master' && github.event_name == 'push' + run: | + sudo apt-get install -y rpm + yarn build-release-publish