ci: Sign Windows binaries using Digicert Keylocker (#2321) #1500
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: macOS | |
| # To debug a job, add the following step: | |
| # - name: Debug with tmate | |
| # uses: mxschmitt/action-tmate@v3 | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| paths-ignore: | |
| - '.github/workflows/linux.yaml' | |
| env: | |
| COZY_DESKTOP_DIR: "${{ github.workspace }}/cozy-desktop" | |
| COZY_STACK_STORAGE: "${{ github.workspace }}/storage" | |
| COZY_URL: "http://cozy.localhost:8080" | |
| COZY_PASSPHRASE: "cozy" | |
| GO111MODULE: "on" | |
| NO_BREAKPOINTS: "1" | |
| NODE_ENV: "test" | |
| COZY_DESKTOP_HEARTBEAT: "1000" | |
| DISPLAY: ":99.0" | |
| NODE_VERSION: "18.12.1" | |
| GO_VERSION: "1.19" | |
| COUCHDB_VERSION: "3.2.2" | |
| COUCHDB_USER: "admin" | |
| COUCHDB_PASSWORD: "password" | |
| OS_USERNAME: "${{ secrets.SWIFT_OS_USERNAME }}" | |
| OS_PASSWORD: "${{ secrets.SWIFT_OS_PASSWORD }}" | |
| OS_PROJECT_NAME: "${{ secrets.SWIFT_OS_PROJECT_NAME }}" | |
| OS_REGION_NAME: "GRA" | |
| OS_USER_DOMAIN_NAME: "Default" | |
| OS_PROJECT_DOMAIN_NAME: "Default" | |
| OS_AUTH_URL: "https://auth.cloud.ovh.net/v3" | |
| OS_IDENTITY_API_VERSION: "3" | |
| jobs: | |
| cancel: | |
| name: 'Cancel Previous Runs' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| steps: | |
| - uses: styfle/cancel-workflow-action@5df4e62aed82ea1f787d2a02ab3dbfcaa49ffdd1 | |
| cleanup: | |
| needs: cancel | |
| name: 'Cleanup Swift' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| steps: | |
| - run: | | |
| pip install python-swiftclient python-keystoneclient | |
| swift delete -a | |
| unit: | |
| needs: cleanup | |
| runs-on: macos-12 | |
| name: Unit tests | |
| strategy: | |
| matrix: | |
| fs: ['APFS'] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| path: | | |
| ${{ github.workspace }}/node_modules | |
| ~/.cache/electron | |
| ~/.cache/electron-builder | |
| key: ${{ runner.os }}-v${{ env.NODE_VERSION }}-${{ env.cache-name }}-${{ hashFiles('yarn.lock') }} | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Setup golang | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Setup CouchDB | |
| id: setup-couchdb | |
| uses: ./.github/actions/setup-couchdb | |
| with: | |
| couchdb-version: ${{ env.COUCHDB_VERSION }} | |
| couchdb-user: ${{ env.COUCHDB_USER }} | |
| couchdb-password: ${{ env.COUCHDB_PASSWORD }} | |
| - name: Setup cozy-stack | |
| uses: ./.github/actions/setup-cozy-stack | |
| with: | |
| couchdb-url: ${{ steps.setup-couchdb.outputs.couchdb-url }} | |
| - name: Setup local env | |
| env: | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: | | |
| hdiutil create -megabytes 50 -fs "$COZY_DESKTOP_FS" -volname cozy-desktop "$COZY_DESKTOP_DIR" | |
| hdiutil attach "${COZY_DESKTOP_DIR}.dmg" -mountpoint "$COZY_DESKTOP_DIR" | |
| echo "NODE_ENV=test" > "${{ github.workspace }}/.env.test" | |
| - name: Install dependencies | |
| if: ${{ steps.cache-node-modules.outputs.cache-hit != 'true' }} | |
| run: yarn install:all | |
| - name: Start Xvfb | |
| run: sudo Xvfb :99 -ac -screen 0 1024x768x8 & | |
| - name: Unit tests | |
| env: | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: yarn test:unit --forbid-only | |
| integration: | |
| needs: cleanup | |
| runs-on: macos-12 | |
| name: Integration tests | |
| strategy: | |
| matrix: | |
| fs: ['APFS'] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| path: | | |
| ${{ github.workspace }}/node_modules | |
| ~/.cache/electron | |
| ~/.cache/electron-builder | |
| key: ${{ runner.os }}-v${{ env.NODE_VERSION }}-${{ env.cache-name }}-${{ hashFiles('yarn.lock') }} | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Setup golang | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Setup CouchDB | |
| id: setup-couchdb | |
| uses: ./.github/actions/setup-couchdb | |
| with: | |
| couchdb-version: ${{ env.COUCHDB_VERSION }} | |
| couchdb-user: ${{ env.COUCHDB_USER }} | |
| couchdb-password: ${{ env.COUCHDB_PASSWORD }} | |
| - name: Setup cozy-stack | |
| uses: ./.github/actions/setup-cozy-stack | |
| with: | |
| couchdb-url: ${{ steps.setup-couchdb.outputs.couchdb-url }} | |
| - name: Setup local env | |
| env: | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: | | |
| hdiutil create -megabytes 50 -fs "$COZY_DESKTOP_FS" -volname cozy-desktop "$COZY_DESKTOP_DIR" | |
| hdiutil attach "${COZY_DESKTOP_DIR}.dmg" -mountpoint "$COZY_DESKTOP_DIR" | |
| echo "NODE_ENV=test" > "${{ github.workspace }}/.env.test" | |
| - name: Install dependencies | |
| if: ${{ steps.cache-node-modules.outputs.cache-hit != 'true' }} | |
| run: yarn install:all | |
| - name: Start Xvfb | |
| run: sudo Xvfb :99 -ac -screen 0 1024x768x8 & | |
| - name: Integration tests | |
| env: | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: yarn test:integration --forbid-only | |
| scenarios: | |
| needs: cleanup | |
| runs-on: macos-12 | |
| name: Scenarios | |
| strategy: | |
| matrix: | |
| stopped_client: ['', 'STOPPED'] | |
| fs: ['APFS', 'HFS+'] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| path: | | |
| ${{ github.workspace }}/node_modules | |
| ~/.cache/electron | |
| ~/.cache/electron-builder | |
| key: ${{ runner.os }}-v${{ env.NODE_VERSION }}-${{ env.cache-name }}-${{ hashFiles('yarn.lock') }} | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Setup golang | |
| uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Setup CouchDB | |
| id: setup-couchdb | |
| uses: ./.github/actions/setup-couchdb | |
| with: | |
| couchdb-version: ${{ env.COUCHDB_VERSION }} | |
| couchdb-user: ${{ env.COUCHDB_USER }} | |
| couchdb-password: ${{ env.COUCHDB_PASSWORD }} | |
| - name: Setup cozy-stack | |
| uses: ./.github/actions/setup-cozy-stack | |
| with: | |
| couchdb-url: ${{ steps.setup-couchdb.outputs.couchdb-url }} | |
| - name: Setup local env | |
| env: | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: | | |
| until hdiutil create -megabytes 100 -fs "$COZY_DESKTOP_FS" -volname cozy-desktop "$COZY_DESKTOP_DIR" | |
| do | |
| sleep 1 | |
| done | |
| until hdiutil attach "${COZY_DESKTOP_DIR}.dmg" -mountpoint "$COZY_DESKTOP_DIR" | |
| do | |
| sleep 1 | |
| done | |
| echo "NODE_ENV=test" > "${{ github.workspace }}/.env.test" | |
| - name: Install dependencies | |
| if: ${{ steps.cache-node-modules.outputs.cache-hit != 'true' }} | |
| run: yarn install:all | |
| - name: Start Xvfb | |
| run: sudo Xvfb :99 -ac -screen 0 1024x768x8 & | |
| - name: Scenarios | |
| env: | |
| STOPPED_CLIENT: ${{ matrix.stopped_client == 'STOPPED' }} | |
| COZY_DESKTOP_FS: ${{ matrix.fs }} | |
| run: yarn test:scenarios --forbid-only | |
| build: | |
| needs: cancel | |
| runs-on: macos-12 | |
| name: Build packages | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Cache node modules | |
| id: cache-node-modules | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-node-modules | |
| with: | |
| path: | | |
| ${{ github.workspace }}/node_modules | |
| ~/.cache/electron | |
| ~/.cache/electron-builder | |
| key: ${{ runner.os }}-v${{ env.NODE_VERSION }}-${{ env.cache-name }}-${{ hashFiles('yarn.lock') }} | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ env.NODE_VERSION }} | |
| - name: Install dependencies | |
| if: ${{ steps.cache-node-modules.outputs.cache-hit != 'true' }} | |
| run: yarn install:all | |
| - name: Build assets | |
| run: yarn build | |
| - name: Build package | |
| uses: ./.github/actions/build-and-publish | |
| with: | |
| gh-token: "${{ secrets.github_token }}" | |
| mac-cert: "${{ secrets.mac_cert }}" | |
| mac-cert-password: "${{ secrets.mac_cert_password }}" | |
| apple-id: "${{ secrets.apple_id }}" | |
| apple-id-password: "${{ secrets.apple_id_password }}" | |
| - name: Save artifacts | |
| if: ${{ github.event_name == 'pull_request' }} | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: Binaries | |
| path: | | |
| ${{ github.workspace }}/dist/latest-mac.yml | |
| ${{ github.workspace }}/dist/Cozy[- ]Drive[- ]*.dmg | |
| ${{ github.workspace }}/dist/Cozy[- ]Drive[- ]*-mac.zip | |
| retention-days: 5 | |