element-desktop/.github/workflows/build_linux.yaml

# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build
# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure
# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.
on:
    workflow_call:
        inputs:
            config:
                type: string
                required: true
                description: "The config directory to use"
            version:
                type: string
                required: false
                description: "Version string to override the one in package.json, used for non-release builds"
            sqlcipher:
                type: string
                required: true
                description: "How to link sqlcipher, one of 'system' | 'static'"
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v3

            - uses: actions/download-artifact@v3
              with:
                  name: webapp

            - name: Cache .hak
              id: cache
              uses: actions/cache@v3
              with:
                  key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}
                  path: |
                      ./.hak

            - name: Install Rust
              if: steps.cache.outputs.cache-hit != 'true'
              uses: actions-rs/toolchain@v1
              with:
                  default: true
                  toolchain: stable

            - name: Install libsqlcipher-dev
              if: steps.cache.outputs.cache-hit != 'true' && inputs.sqlcipher == 'system'
              run: sudo apt-get install -y libsqlcipher-dev

            - uses: actions/setup-node@v3
              with:
                  cache: "yarn"

            # Does not need branch matching as only analyses this layer
            - name: Install Deps
              run: "yarn install --pure-lockfile"

            - name: Build Natives
              if: steps.cache.outputs.cache-hit != 'true'
              run: "yarn build:native"
              env:
                  SQLCIPHER_STATIC: ${{ inputs.sqlcipher == 'static' && '1' || '' }}

            - name: "[Nightly] Resolve version"
              id: nightly
              if: inputs.version != ''
              run: |
                  echo "config-args=--nightly '${{ inputs.version }}'" >> $GITHUB_OUTPUT

            - name: Generate debian files and arguments
              id: debian
              run: |
                  if [ -f changelog.Debian ]; then
                      echo "config-args=--deb-changelog changelog.Debian" >> $GITHUB_OUTPUT
                  fi
                  
                  cp "$DIR/control.template" debcontrol
                  VERSION=${INPUT_VERSION:-$(cat package.json | jq -r .version)}
                  echo "Version: $VERSION" >> debcontrol
              env:
                  DIR: ${{ inputs.config }}
                  INPUT_VERSION: ${{ inputs.version }}

            - name: Build App
              run: |
                  scripts/generate-builder-config.ts \
                      ${{ steps.nightly.outputs.config-args }} \
                      ${{ steps.debian.outputs.config-args }} \
                      --deb-custom-control=debcontrol
                  yarn build --publish never -l --config electron-builder.json

            - name: Upload Artifacts
              uses: actions/upload-artifact@v3
              with:
                  name: linux-sqlcipher-${{ inputs.sqlcipher }}
                  path: dist
                  retention-days: 1
Improve build time in CI through caching native modules (#482) * Improve caching of hak native modules * Avoid double-hashing * Skip native installs where cache is hit * Include Electron version in the hash, it affects the ABI * Add missing step IDs * Add comments 2022-12-13 14:12:40 +00:00			`# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build`
			`# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure`
			`# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00			`on:`
Format all files with prettier 2022-12-15 11:00:58 +00:00			`workflow_call:`
			`inputs:`
Include changelogs in deb package (#563) * Initial attempt at custom Debian changelogs * Iterate * Quotes... * Iterate * facepalm * Iterate * Remove reundant line * Ifs * Test * Iterate * Iterate * Brackets * inconsistent? * Update build_and_test.yaml * Update build_and_test.yaml 2023-03-07 15:53:53 +00:00			`config:`
			`type: string`
			`required: true`
			`description: "The config directory to use"`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`version:`
			`type: string`
			`required: false`
			`description: "Version string to override the one in package.json, used for non-release builds"`
Format all files with prettier 2022-12-15 11:00:58 +00:00			`sqlcipher:`
			`type: string`
			`required: true`
			`description: "How to link sqlcipher, one of 'system' \| 'static'"`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00			`jobs:`
Format all files with prettier 2022-12-15 11:00:58 +00:00			`build:`
			`runs-on: ubuntu-latest`
			`steps:`
			`- uses: actions/checkout@v3`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- uses: actions/download-artifact@v3`
			`with:`
			`name: webapp`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Cache .hak`
			`id: cache`
			`uses: actions/cache@v3`
			`with:`
			`key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}`
			`path: \|`
			`./.hak`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Install Rust`
			`if: steps.cache.outputs.cache-hit != 'true'`
			`uses: actions-rs/toolchain@v1`
			`with:`
Iterate ARM support in CI (#587) 2023-03-23 13:22:29 +00:00			`default: true`
Format all files with prettier 2022-12-15 11:00:58 +00:00			`toolchain: stable`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Install libsqlcipher-dev`
			`if: steps.cache.outputs.cache-hit != 'true' && inputs.sqlcipher == 'system'`
			`run: sudo apt-get install -y libsqlcipher-dev`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- uses: actions/setup-node@v3`
			`with:`
			`cache: "yarn"`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`# Does not need branch matching as only analyses this layer`
			`- name: Install Deps`
			`run: "yarn install --pure-lockfile"`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Build Natives`
			`if: steps.cache.outputs.cache-hit != 'true'`
			`run: "yarn build:native"`
			`env:`
			`SQLCIPHER_STATIC: ${{ inputs.sqlcipher == 'static' && '1' \|\| '' }}`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Build & EV Sign Windows builds (#517 * Add way to provide apple ID and app password to notarise script * Add utility to generate electron-builder.json for release & nightly builds * Run Build & Test on staging too * First attempt at build & deploy for macOS with signing and notarisation * Fix quote mismatch * use correct quotes * add runs-on * Fix inputs.mode usage * remove quotes * chmod +x * Fix artifact paths * Fix deploy condition * Fix deploy condition * Fix artifact path * Iterate * Fix workflow * Fix env * Iterate * Fix missing env * Fix version calculation * Iterate * Fix config not taking effect * Update build_and_deploy.yaml * Fix alignments * delint * Fix alignment * Update build_macos.yaml * Add ability to EV sign using eSigner CKA * Initial work to build & sign Windows nightlies in CI * Format * Format * Fix gha * fix winSign * Fix install command * Add signtool to path * Update build_and_deploy.yaml * Fix quotes * Test * Fix comments * Fix cmd * Try again * arg slashes * Fix exe path * Fix matrix strategy * Use ampersand-call * fwd slash ftw? * ls * * 🌲 * tree dist * prepend path * Specify /fd and /td to modern signtool * /tr not /t for CKA * Test signing * missing comma * 🤦‍♂️ * Fix wrong mv * Lets sign * Fix config gen * Debug * Fix typo * Multiple drives why * Try NVL sandbox creds * Update * Attempt to disable logger * Try again * Iterate * Update build_macos.yaml * Update build_and_deploy.yaml * Update build_macos.yaml * Update build_and_deploy.yaml * Update build_and_deploy.yaml * Try custom build of eSigner CKA * Fix typos * Update build_windows.yaml * Update build_and_deploy.yaml * Update build_windows.yaml * Update build_and_deploy.yaml * Fix symlinking * Fix working-directory incantation * exe * remove debug * Prettier * Vendor check in SSL.com executable * Download CKA from packages.element.io instead * Use demo creds * StrictMode * Switch back to 0207 (unsigned) * Fix call syntax * Revert env inc * Partial rollback * Trace * Trace less * Fix CN being passed wrong * DEBUG * Debug 2 * Fix ConvertFrom-StringData * 0214 * Test * Test * Untested * Revert to 0207 * stash * Try with 20230221 * Restore scripts/electron_winSign.js * Prepare for merge * Update build_windows.yaml * Update build_and_deploy.yaml * Restore .github/workflows/build_and_deploy.yaml * Restore .github/workflows/build_and_deploy.yaml * Fix bad restore 2023-02-22 13:51:19 +00:00			`- name: "[Nightly] Resolve version"`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`id: nightly`
			`if: inputs.version != ''`
			`run: \|`
			`echo "config-args=--nightly '${{ inputs.version }}'" >> $GITHUB_OUTPUT`

Include changelogs in deb package (#563) * Initial attempt at custom Debian changelogs * Iterate * Quotes... * Iterate * facepalm * Iterate * Remove reundant line * Ifs * Test * Iterate * Iterate * Brackets * inconsistent? * Update build_and_test.yaml * Update build_and_test.yaml 2023-03-07 15:53:53 +00:00			`- name: Generate debian files and arguments`
			`id: debian`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`run: \|`
Include changelogs in deb package (#563) * Initial attempt at custom Debian changelogs * Iterate * Quotes... * Iterate * facepalm * Iterate * Remove reundant line * Ifs * Test * Iterate * Iterate * Brackets * inconsistent? * Update build_and_test.yaml * Update build_and_test.yaml 2023-03-07 15:53:53 +00:00			`if [ -f changelog.Debian ]; then`
			`echo "config-args=--deb-changelog changelog.Debian" >> $GITHUB_OUTPUT`
			`fi`

			`cp "$DIR/control.template" debcontrol`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`VERSION=${INPUT_VERSION:-$(cat package.json \| jq -r .version)}`
			`echo "Version: $VERSION" >> debcontrol`
Include changelogs in deb package (#563) * Initial attempt at custom Debian changelogs * Iterate * Quotes... * Iterate * facepalm * Iterate * Remove reundant line * Ifs * Test * Iterate * Iterate * Brackets * inconsistent? * Update build_and_test.yaml * Update build_and_test.yaml 2023-03-07 15:53:53 +00:00			`env:`
			`DIR: ${{ inputs.config }}`
			`INPUT_VERSION: ${{ inputs.version }}`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Build App`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`run: \|`
Include changelogs in deb package (#563) * Initial attempt at custom Debian changelogs * Iterate * Quotes... * Iterate * facepalm * Iterate * Remove reundant line * Ifs * Test * Iterate * Iterate * Brackets * inconsistent? * Update build_and_test.yaml * Update build_and_test.yaml 2023-03-07 15:53:53 +00:00			`scripts/generate-builder-config.ts \`
			`${{ steps.nightly.outputs.config-args }} \`
			`${{ steps.debian.outputs.config-args }} \`
			`--deb-custom-control=debcontrol`
Build & Package signed Linux builds (#527) 2023-02-20 12:09:45 +00:00			`yarn build --publish never -l --config electron-builder.json`
Improve CI stability and tidy it up (#451) 2022-11-11 15:15:21 +00:00
Format all files with prettier 2022-12-15 11:00:58 +00:00			`- name: Upload Artifacts`
			`uses: actions/upload-artifact@v3`
			`with:`
Guard reprepro db via concurrency limits (#555) 2023-03-02 16:54:57 +00:00			`name: linux-sqlcipher-${{ inputs.sqlcipher }}`
			`path: dist`
Format all files with prettier 2022-12-15 11:00:58 +00:00			`retention-days: 1`