Automated npm version v0.1.2 (#88) #3
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: write | |
| id-token: write | |
| jobs: | |
| make-draft-release: | |
| name: make draft release | |
| permissions: write-all | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Check if package version matches | |
| run: test "${GITHUB_REF_NAME}" = "v$(jq -r .version freelens/package.json)" | |
| - name: Create draft release | |
| run: | | |
| gh release create ${GITHUB_REF_NAME} \ | |
| --draft \ | |
| --title "Release ${GITHUB_REF_NAME}" | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| build-app: | |
| name: build app | |
| needs: | |
| - make-draft-release | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-20.04 | |
| arch: arm64 | |
| - os: ubuntu-20.04 | |
| arch: x64 | |
| - os: macos-14 | |
| arch: arm64 | |
| - os: macos-14 | |
| arch: x64 | |
| - os: windows-2022 | |
| arch: x64 | |
| runs-on: ${{ matrix.os }} | |
| environment: signing | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .nvmrc | |
| - name: Get NPM cache directory | |
| shell: bash | |
| run: echo "npm_cache_dir=$(npm config get cache)" >> ${GITHUB_ENV} | |
| - name: Use npm cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ env.npm_cache_dir }} | |
| key: ${{ matrix.os }}-${{ matrix.arch }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ matrix.os }}-${{ matrix.arch }}-node- | |
| - name: Install dependencies (Linux) | |
| if: runner.os == 'Linux' | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 20 | |
| max_attempts: 3 | |
| retry_on: any | |
| command: | | |
| sudo apt-get install -y --no-install-recommends \ | |
| gcc-aarch64-linux-gnu g++-aarch64-linux-gnu | |
| - name: Install dependencies (macOS) | |
| if: runner.os == 'macOS' | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 20 | |
| max_attempts: 3 | |
| retry_on: any | |
| command: brew install bash python-setuptools | |
| - name: Install NPM dependencies | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 20 | |
| max_attempts: 3 | |
| retry_on: any | |
| command: npm ci | |
| - name: Rebuild for arch (Linux arm64) | |
| if: runner.os == 'Linux' && matrix.arch == 'arm64' | |
| run: npm run rebuild -- -- -a arm64 | |
| env: | |
| CC: aarch64-linux-gnu-gcc | |
| CXX: aarch64-linux-gnu-g++ | |
| - name: Monkey patch FPM arguments for RPM (Linux arm64) | |
| if: runner.os == 'Linux' && matrix.arch == 'arm64' | |
| run: | | |
| sed -i 's/\? "aarch64" : "arm64"/|| targetName === "rpm" &/' node_modules/builder-util/out/arch.js | |
| - name: Rebuild for arch (macOS x64) | |
| if: runner.os == 'macOS' && matrix.arch == 'x64' | |
| run: npm run rebuild -- -- -a x64 | |
| - name: Build NPM packages (macOS x64, Linux arm64) | |
| if: runner.os == 'macOS' && matrix.arch == 'x64' || runner.os == 'Linux' && matrix.arch == 'arm64' | |
| run: npm run build | |
| env: | |
| DOWNLOAD_ALL_ARCHITECTURES: "true" | |
| - name: Build NPM packages (macOS arm64, Linux x64, Windows) | |
| if: runner.os == 'macOS' && matrix.arch == 'arm64' || runner.os == 'Linux' && matrix.arch == 'x64' || runner.os == 'Windows' | |
| run: npm run build | |
| - name: Build Electron app (macOS) | |
| if: runner.os == 'macOS' | |
| run: | | |
| for var in APPLEID APPLEIDPASS APPLETEAMID CSC_LINK CSC_KEY_PASSWORD CSC_INSTALLER_LINK CSC_INSTALLER_KEY_PASSWORD; do | |
| test -n "${!var}" || unset $var | |
| done | |
| npm run build:app -- -- -- \ | |
| dmg pkg \ | |
| --publish never \ | |
| --${{ matrix.arch }} | |
| env: | |
| APPLEID: ${{ secrets.APPLEID }} | |
| APPLEIDPASS: ${{ secrets.APPLEIDPASS }} | |
| APPLETEAMID: ${{ secrets.APPLETEAMID }} | |
| CSC_LINK: ${{ secrets.CSC_LINK }} | |
| CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} | |
| CSC_INSTALLER_LINK: ${{ secrets.CSC_INSTALLER_LINK }} | |
| CSC_INSTALLER_KEY_PASSWORD: ${{ secrets.CSC_INSTALLER_KEY_PASSWORD }} | |
| - name: Notarize PKG (macOS) | |
| if: runner.os == 'macOS' | |
| run: | | |
| if [[ -n $APPLEID && -n $APPLEIDPASS && -n $APPLETEAMID ]]; then | |
| pkgname=$(ls -1 freelens/dist/Freelens*.pkg | head -n1) | |
| auth="--apple-id $APPLEID --password $APPLEIDPASS --team-id $APPLETEAMID" | |
| xcrun notarytool submit $pkgname $auth --wait 2>&1 | tee freelens/dist/notarytool.log | |
| uuid=$(awk '/id: / { print $2; exit; }' freelens/dist/notarytool.log) | |
| sleep 15 | |
| if [[ -n $uuid ]]; then | |
| xcrun notarytool log $uuid $auth | |
| xcrun stapler staple $pkgname | |
| fi | |
| fi | |
| env: | |
| APPLEID: ${{ secrets.APPLEID }} | |
| APPLEIDPASS: ${{ secrets.APPLEIDPASS }} | |
| APPLETEAMID: ${{ secrets.APPLETEAMID }} | |
| - name: Build Electron app (Linux) | |
| if: runner.os == 'Linux' | |
| run: | | |
| npm run build:app -- -- -- \ | |
| AppImage deb rpm \ | |
| --publish never \ | |
| --${{ matrix.arch }} | |
| - name: Build Electron app (Windows x64) | |
| if: runner.os == 'Windows' && matrix.arch == 'x64' | |
| shell: bash | |
| run: | | |
| for var in CSC_LINK CSC_KEY_PASSWORD; do | |
| test -n "${!var}" || unset $var | |
| done | |
| npm run build:app -- -- -- \ | |
| msi nsis \ | |
| --publish never \ | |
| --${{ matrix.arch }} | |
| env: | |
| CSC_LINK: ${{ secrets.WIN_CSC_LINK }} | |
| CSC_KEY_PASSWORD: ${{ secrets.WIN_CSC_KEY_PASSWORD }} | |
| - name: Tweak binaries | |
| shell: bash | |
| run: | | |
| find . -name '*pty.node' -print0 | xargs -0 file | |
| rm -f freelens/dist/*.blockmap | |
| - name: Normalize filenames before upload | |
| shell: bash | |
| run: | | |
| perl << 'END' | |
| chdir "freelens/dist" or die $!; | |
| my %arch = (x64 => "amd64", arm64 => "arm64"); | |
| my $arch = $arch{$ENV{ARCH}}; | |
| while (<Freelens*>) { | |
| my $src = $_; | |
| s/ Setup /-/; | |
| s/[ _]/-/g; | |
| if (/\.(dmg|exe|msi|pkg)$/ && !/-(amd64|arm64)\./) { | |
| s/\.(dmg|exe|msi|pkg)$/-$arch.$1/; | |
| } | |
| s/[.-](aarch64|arm64)/-arm64/; | |
| s/[.-](amd64|x86-64)/-amd64/; | |
| s/-(amd64|arm64).(dmg|pkg)$/-macos-$1.$2/; | |
| s/-(amd64|arm64).(AppImage|deb|flatpak|rpm|snap)$/-linux-$1.$2/; | |
| s/-(amd64|arm64).(exe|msi|)$/-windows-$1.$2/; | |
| my $dst = $_; | |
| if ($src ne $dst) { | |
| print "rename $src to $dst\n"; | |
| rename $src, $dst or die $!; | |
| } | |
| } | |
| END | |
| env: | |
| ARCH: ${{ matrix.arch }} | |
| - name: Make checksums for binaries (Linux, Windows) | |
| if: runner.os == 'Linux' || runner.os == 'Windows' | |
| shell: bash | |
| run: | | |
| for f in freelens/dist/Freelens*.*; do | |
| sha256sum "$f" | tee "$f.sha256" | |
| done | |
| - name: Make checksums for binaries (macOS) | |
| if: runner.os == 'macOS' | |
| shell: bash | |
| run: | | |
| for f in freelens/dist/Freelens*.*; do | |
| shasum -a 256 "$f" | tee "$f.sha256" | |
| done | |
| - name: List files before upload | |
| shell: bash | |
| run: | | |
| for f in freelens/dist/Freelens*.*; do | |
| echo "$(ls -l "$f")" "|" "$(file -b "$f")" | |
| done | |
| - name: Upload files | |
| shell: bash | |
| run: | | |
| gh release upload ${GITHUB_REF_NAME} freelens/dist/Freelens*.* | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| publish-github-release: | |
| name: publish GitHub release | |
| needs: | |
| - make-draft-release | |
| - build-app | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Publish GitHub release | |
| run: gh release edit ${GITHUB_REF_NAME} --draft=false | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| publish-npm-release: | |
| name: publish NPM release | |
| needs: | |
| - make-draft-release | |
| - build-app | |
| - publish-github-release | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-20.04 | |
| arch: x64 | |
| runs-on: ${{ matrix.os }} | |
| environment: publish | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .nvmrc | |
| registry-url: https://registry.npmjs.org | |
| - name: Get NPM cache directory | |
| shell: bash | |
| run: echo "npm_cache_dir=$(npm config get cache)" >> ${GITHUB_ENV} | |
| - name: Use NPM cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ env.npm_cache_dir }} | |
| key: ${{ matrix.os }}-${{ matrix.arch }}-node-${{ hashFiles('**/package-lock.json') }} | |
| restore-keys: | | |
| ${{ matrix.os }}-${{ matrix.arch }}-node- | |
| - name: Install NPM dependencies | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 20 | |
| max_attempts: 3 | |
| retry_on: any | |
| command: npm ci | |
| - name: Build | |
| run: npm run build | |
| - name: Reset Git working directory | |
| run: git reset --hard | |
| - name: Publish NPM packages | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 20 | |
| max_attempts: 3 | |
| retry_on: any | |
| command: | | |
| case "${GITHUB_REF_NAME}" in | |
| *-*) dist_tag=next;; | |
| *) dist_tag=latest;; | |
| esac | |
| npx lerna \ | |
| publish from-package \ | |
| --no-push \ | |
| --no-git-tag-version \ | |
| --yes \ | |
| --dist-tag ${dist_tag} | |
| env: | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} |