name: CI on: push: branches: - development pull_request: workflow_call: inputs: repository: default: desktop/desktop required: false type: string ref: required: true type: string upload-artifacts: default: false required: false type: boolean environment: type: string required: true secrets: DESKTOP_OAUTH_CLIENT_ID: DESKTOP_OAUTH_CLIENT_SECRET: APPLE_ID: APPLE_ID_PASSWORD: APPLE_APPLICATION_CERT: APPLE_APPLICATION_CERT_PASSWORD: WINDOWS_CERT_PFX: WINDOWS_CERT_PASSWORD: jobs: lint: name: Lint runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 with: repository: ${{ inputs.repository || github.repository }} ref: ${{ inputs.ref }} submodules: recursive - uses: actions/setup-node@v3 with: node-version: 16.17.1 cache: yarn - run: yarn - run: yarn validate-electron-version - run: yarn lint - run: yarn validate-changelog - name: Ensure a clean working directory run: git diff --name-status --exit-code build: name: ${{ matrix.friendlyName }} ${{ matrix.arch }} runs-on: ${{ matrix.os }} permissions: contents: read strategy: fail-fast: false matrix: node: [18.16.1] os: [macos-13-xl-arm64, windows-2019] arch: [x64, arm64] include: - os: macos-13-xl-arm64 friendlyName: macOS - os: windows-2019 friendlyName: Windows timeout-minutes: 60 env: RELEASE_CHANNEL: ${{ inputs.environment }} steps: - uses: actions/checkout@v4 with: repository: ${{ inputs.repository || github.repository }} ref: ${{ inputs.ref }} submodules: recursive - name: Use Node.js ${{ matrix.node }} uses: actions/setup-node@v3 with: node-version: ${{ matrix.node }} cache: yarn # This step can be removed as soon as official Windows arm64 builds are published: # https://github.com/nodejs/build/issues/2450#issuecomment-705853342 - name: Get NodeJS node-gyp lib for Windows arm64 if: ${{ matrix.os == 'windows-2019' && matrix.arch == 'arm64' }} run: .\script\download-nodejs-win-arm64.ps1 ${{ matrix.node }} - name: Install and build dependencies run: yarn env: npm_config_arch: ${{ matrix.arch }} TARGET_ARCH: ${{ matrix.arch }} - name: Build production app run: yarn build:prod env: DESKTOP_OAUTH_CLIENT_ID: ${{ secrets.DESKTOP_OAUTH_CLIENT_ID }} DESKTOP_OAUTH_CLIENT_SECRET: ${{ secrets.DESKTOP_OAUTH_CLIENT_SECRET }} APPLE_ID: ${{ secrets.APPLE_ID }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} APPLE_APPLICATION_CERT: ${{ secrets.APPLE_APPLICATION_CERT }} KEY_PASSWORD: ${{ secrets.APPLE_APPLICATION_CERT_PASSWORD }} npm_config_arch: ${{ matrix.arch }} TARGET_ARCH: ${{ matrix.arch }} - name: Prepare testing environment if: matrix.arch == 'x64' run: yarn test:setup env: npm_config_arch: ${{ matrix.arch }} - name: Run unit tests if: matrix.arch == 'x64' run: yarn test:unit - name: Run script tests if: matrix.arch == 'x64' run: yarn test:script - name: Install Windows code signing certificate if: ${{ runner.os == 'Windows' }} shell: bash env: CERT_CONTENTS: ${{ secrets.WINDOWS_CERT_PFX }} run: base64 -d <<<"$CERT_CONTENTS" > ./script/windows-certificate.pfx - name: Package production app run: yarn package env: npm_config_arch: ${{ matrix.arch }} WINDOWS_CERT_PASSWORD: ${{ secrets.WINDOWS_CERT_PASSWORD }} - name: Upload artifacts uses: actions/upload-artifact@v3 if: ${{ inputs.upload-artifacts }} with: name: ${{matrix.friendlyName}}-${{matrix.arch}} path: | dist/GitHub Desktop-${{matrix.arch}}.zip dist/GitHubDesktop-*.nupkg dist/GitHubDesktopSetup-${{matrix.arch}}.exe dist/GitHubDesktopSetup-${{matrix.arch}}.msi dist/bundle-size.json if-no-files-found: error