From 5a353ffaa509bd858b1723306618eca68f2f0c67 Mon Sep 17 00:00:00 2001 From: Akos Kitta Date: Mon, 6 Jul 2020 11:12:07 +0200 Subject: [PATCH] Made the upload and release depend on the build job. - Split up the pipeline to build, publish, and release. - Set a 30 minutes build timeout, to avoid macOS signing issues. - Removed global envs. `env` cannot be accessed for `if` in jobs. Signed-off-by: Akos Kitta --- .github/workflows/build.yml | 88 +++++++++++++++++++++++++------------ electron/packager/index.js | 6 +++ 2 files changed, 67 insertions(+), 27 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6437fe41..2d87b152 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,11 +12,8 @@ on: schedule: - cron: '0 3 * * *' # run every day at 3AM (https://docs.github.com/en/actions/reference/events-that-trigger-workflows#scheduled-events-schedule) -env: - IS_NIGHTLY: ${{ github.event_name == 'schedule' || github.head_ref == 'gh-actions' }} # TODO: remove OR once PR is merged. - IS_RELEASE: ${{ startsWith(github.ref, 'refs/tags/v') }} - jobs: + build: strategy: matrix: @@ -24,9 +21,8 @@ jobs: - os: windows-2016 - os: ubuntu-latest - os: turin-macmini # self-hosted macOS - runs-on: ${{ matrix.config.os }} - + timeout-minutes: 30 steps: - name: Checkout uses: actions/checkout@v2 @@ -42,48 +38,86 @@ jobs: with: python-version: '2.7' - - name: Build - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true - run: yarn - - - name: Test - run: yarn test + - name: Update Keychain [macOS] + if: runner.OS == 'macOS' + run: | + echo "${{ secrets.KEYCHAIN }}" | base64 --decode > ~/Library/Keychains/apple-developer.keychain-db + security list-keychains -s ~/Library/Keychains/apple-developer.keychain-db + security unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" ~/Library/Keychains/apple-developer.keychain-db - name: Package shell: bash env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} # https://github.com/Microsoft/vscode/issues/28434#issuecomment-346199674 PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} AC_USERNAME: ${{ secrets.AC_USERNAME }} AC_PASSWORD: ${{ secrets.AC_PASSWORD }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + IS_NIGHTLY: ${{ github.event_name == 'schedule' }} + IS_RELEASE: ${{ startsWith(github.ref, 'refs/tags/v') }} run: | - if [ "$RUNNER_OS" == "macOS" ]; then - echo ">>> Detected macOS runner. Updating keychain for the app signing..." - echo "${{ secrets.KEYCHAIN }}" | base64 --decode > ~/Library/Keychains/apple-developer.keychain-db - security list-keychains -s ~/Library/Keychains/apple-developer.keychain-db - security unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" ~/Library/Keychains/apple-developer.keychain-db - echo "<<< The keychain has been successfully updated." - fi yarn --cwd ./electron/packager/ yarn --cwd ./electron/packager/ package - name: Upload [GitHub Actions] uses: actions/upload-artifact@v2 with: - name: ${{ runner.os }} + name: build-artifacts path: electron/build/dist/build-artifacts/ - - name: Upload [S3] - if: env.IS_NIGHTLY == 'true' + publish: + needs: build + if: github.event_name == 'schedule' + runs-on: ubuntu-latest + steps: + - name: Download [GitHub Actions] + uses: actions/download-artifact@v2 + with: + name: build-artifacts + path: build-artifacts + + - name: Publish Nightly [S3] uses: kittaakos/upload-s3-action@v0.0.1 with: aws_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws_bucket: ${{ secrets.DOWNLOADS_BUCKET }} - source_dir: electron/build/dist/build-artifacts/ + source_dir: build-artifacts/ destination_dir: arduino-pro-ide/nightly/ + + release: + needs: build + if: startsWith(github.ref, 'refs/tags/v') + runs-on: ubuntu-latest + steps: + - name: Download [GitHub Actions] + uses: actions/download-artifact@v2 + with: + name: build-artifacts + path: build-artifacts + + - name: Create Release [GitHub] + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.ref }} + release_name: ${{ github.ref }} + + - name: Publish Release [GitHub] + uses: svenstaro/upload-release-action@v1-release + with: + repo_token: ${{ secrets.GITHUB_TOKEN }} + file: build-artifacts/* + tag: ${{ github.ref }} + file_glob: true + + - name: Publish Release [S3] + uses: kittaakos/upload-s3-action@v0.0.1 + with: + aws_key_id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws_bucket: ${{ secrets.DOWNLOADS_BUCKET }} + source_dir: build-artifacts/ + destination_dir: arduino-pro-ide/ diff --git a/electron/packager/index.js b/electron/packager/index.js index ae7af5e4..5d2e6c90 100644 --- a/electron/packager/index.js +++ b/electron/packager/index.js @@ -102,6 +102,12 @@ // Rebuild the extension with the copied `yarn.lock`. It is a must to use the same Theia versions. | //-------------------------------------------------------------------------------------------------+ exec(`yarn --network-timeout 1000000 --cwd ${path('..', workingCopy)}`, `Building the ${productName} application`); + + //-------------------------------------------------------------------------------------------------------------------------+ + // Test the application. With this approach, we cannot publish test results to GH Actions but save 6-10 minutes per builds | + //-------------------------------------------------------------------------------------------------------------------------+ + exec(`yarn --network-timeout 1000000 --cwd ${path('..', workingCopy)} test`, `Testing the ${productName} application`); + // Collect all unused dependencies by the backend. We have to remove them from the electron app. // The `bundle.js` already contains everything we need for the frontend. // We have to do it before changing the dependencies to `local-path`.