186 lines
7.6 KiB
YAML
186 lines
7.6 KiB
YAML
# Appimage builds produced by action are broken for now
|
|
name: Build and Release
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- "*"
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: "Release version (e.g., v1.0.0)"
|
|
required: false
|
|
type: string
|
|
build_docker:
|
|
description: "Build Docker"
|
|
required: false
|
|
default: "true"
|
|
type: boolean
|
|
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
|
|
jobs:
|
|
build:
|
|
name: Build and Release
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Clone Repo
|
|
uses: https://git.quad4.io/actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Determine version
|
|
id: version
|
|
run: |
|
|
if [ "${{ github.event_name }}" = "workflow_dispatch" ] && [ -n "${{ github.event.inputs.version }}" ]; then
|
|
echo "version=${{ github.event.inputs.version }}" >> $GITHUB_OUTPUT
|
|
elif [[ "${{ github.ref }}" == refs/tags/* ]]; then
|
|
VERSION="${GITHUB_REF#refs/tags/}"
|
|
if [ -z "${VERSION}" ]; then
|
|
VERSION="${{ github.ref_name }}"
|
|
fi
|
|
if [ "${VERSION}" = "master" ]; then
|
|
echo "Error: Invalid tag name '${VERSION}'. Tag name cannot be a branch name." >&2
|
|
exit 1
|
|
fi
|
|
echo "version=${VERSION}" >> $GITHUB_OUTPUT
|
|
else
|
|
SHORT_SHA=$(git rev-parse --short HEAD)
|
|
echo "version=${SHORT_SHA}" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Install NodeJS
|
|
uses: https://git.quad4.io/actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
|
|
with:
|
|
node-version: 22
|
|
|
|
- name: Install Python
|
|
uses: https://git.quad4.io/actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
|
|
with:
|
|
python-version: "3.13"
|
|
|
|
- name: Install Poetry
|
|
run: python -m pip install --upgrade pip poetry>=2.0.0
|
|
|
|
- name: Install pnpm
|
|
uses: https://git.quad4.io/actions/setup-pnpm@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
|
|
with:
|
|
version: 10.0.0
|
|
|
|
- name: Install system dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y patchelf libopusfile0 ffmpeg espeak-ng wine nsis zip rpm flatpak flatpak-builder elfutils
|
|
flatpak remote-add --if-not-exists --user flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
|
|
|
- name: Setup Task
|
|
uses: https://git.quad4.io/actions/setup-task@0ab1b2a65bc55236a3bc64cde78f80e20e8885c2 # v1
|
|
with:
|
|
version: "3.46.3"
|
|
|
|
- name: Install dependencies
|
|
run: task install
|
|
|
|
- name: Build Frontend
|
|
run: task build-frontend
|
|
|
|
- name: Build Python wheel
|
|
run: task wheel
|
|
|
|
- name: Build Electron App (Appimage)
|
|
run: pnpm run dist:linux
|
|
|
|
- name: Build Electron App (RPM)
|
|
continue-on-error: true
|
|
run: task build-rpm
|
|
|
|
- name: Build Electron App (Flatpak)
|
|
continue-on-error: true
|
|
run: task build-flatpak
|
|
|
|
- name: Build Electron App (Windows EXE and NSIS)
|
|
run: pnpm run dist:windows
|
|
|
|
- name: Build Electron App (ZIP)
|
|
run: task build-zip
|
|
|
|
- name: Prepare release assets
|
|
run: |
|
|
mkdir -p release-assets
|
|
# Collect artifacts from dist/
|
|
# Linux artifacts
|
|
find dist -maxdepth 1 -type f \( -name "*-linux*.AppImage" -o -name "*-linux*.deb" -o -name "*-linux*.rpm" -o -name "*-linux*.flatpak" \) -exec cp {} release-assets/ \;
|
|
# Windows artifacts
|
|
find dist -maxdepth 1 -type f \( -name "*-win*.exe" \) -exec cp {} release-assets/ \;
|
|
# ZIP artifacts from Electron Forge
|
|
find out/make -type f -name "*.zip" -exec cp {} release-assets/ \;
|
|
# Python artifacts
|
|
find python-dist -maxdepth 1 -type f -name "*.whl" -exec cp {} release-assets/ \;
|
|
|
|
# Create frontend zip
|
|
(cd meshchatx/public && zip -r ../../release-assets/meshchatx-frontend.zip .)
|
|
|
|
# Generate SBOM (CycloneDX)
|
|
curl -L -o /tmp/trivy.deb https://git.quad4.io/Quad4-Extra/assets/raw/commit/90fdcea1bb71d91df2de6ff2e3897f278413f300/bin/trivy_0.68.2_Linux-64bit.deb
|
|
sudo dpkg -i /tmp/trivy.deb || sudo apt-get install -f -y
|
|
trivy fs --format cyclonedx --include-dev-deps --output release-assets/sbom.cyclonedx.json .
|
|
|
|
# Generate checksums
|
|
cd release-assets
|
|
for file in *; do
|
|
if [ -f "$file" ] && [[ "$file" != *.sha256 ]]; then
|
|
sha256sum "$file" | tee "${file}.sha256"
|
|
fi
|
|
done
|
|
|
|
# Generate release notes (outside release-assets directory)
|
|
cd ..
|
|
echo "## SHA256 Checksums" > release-body.md
|
|
echo "" >> release-body.md
|
|
for file in release-assets/*; do
|
|
if [ -f "$file" ] && [[ "$file" != *.sha256 ]] && [[ "$file" != *release-body.md* ]]; then
|
|
filename=$(basename "$file")
|
|
if [ -f "release-assets/${filename}.sha256" ]; then
|
|
# Extract just the filename and its sha256 (format: <sha256> <filename>)
|
|
echo "\`$(cat "release-assets/${filename}.sha256")\`" >> release-body.md
|
|
fi
|
|
fi
|
|
done
|
|
|
|
- name: Validate version
|
|
run: |
|
|
VERSION="${{ steps.version.outputs.version }}"
|
|
if [ -z "${VERSION}" ]; then
|
|
echo "Error: Version is empty" >&2
|
|
exit 1
|
|
fi
|
|
if [ "${VERSION}" = "master" ]; then
|
|
echo "Error: Invalid version '${VERSION}'. Version cannot be a branch name." >&2
|
|
exit 1
|
|
fi
|
|
echo "Using version: ${VERSION}"
|
|
|
|
- name: Create Release
|
|
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
|
|
uses: https://git.quad4.io/actions/gitea-release-action@4875285c0950474efb7ca2df55233c51333eeb74 # v1
|
|
with:
|
|
api_url: ${{ secrets.GITEA_API_URL }}
|
|
gitea_token: ${{ secrets.GITEA_TOKEN }}
|
|
title: ${{ steps.version.outputs.version }}
|
|
tag: ${{ steps.version.outputs.version }}
|
|
files: |
|
|
release-assets/*.AppImage
|
|
release-assets/*.deb
|
|
release-assets/*.rpm
|
|
release-assets/*.flatpak
|
|
release-assets/*.exe
|
|
release-assets/*.whl
|
|
release-assets/*.sha256
|
|
release-assets/*.zip
|
|
release-assets/sbom.cyclonedx.json
|
|
body_path: "release-body.md"
|
|
draft: false
|
|
prerelease: false
|