aaron/mattermost-desktop
1
0
Fork 0
Code Issues Pull requests Actions 2 Packages Projects Releases Wiki Activity
mattermost-desktop/.circleci/config.yml

761 lines
25 KiB
YAML
Raw Blame History

version: 2.1
parameters:
run_nightly:
default: false
type: boolean
orbs:
win: circleci/windows@5.0.0
aws-s3: circleci/aws-s3@2.0.0
owasp: entur/owasp@0.0.10
executors:
check-image:
working_directory: ~/mattermost-desktop
docker:
- image: electronuserland/builder:16-wine-chrome
environment:
TAR_OPTIONS: --no-same-owner
wine-chrome:
working_directory: ~/mattermost-desktop
docker:
- image: electronuserland/builder:16-wine-chrome
environment:
TAR_OPTIONS: --no-same-owner
wine-mono:
working_directory: ~/mattermost-desktop
docker:
- image: electronuserland/builder:16-wine-mono
mac:
working_directory: ~/mattermost-desktop
macos:
xcode: "13.0.0"
aws:
working_directory: ~/mattermost-desktop
docker:
- image: 'circleci/python:2.7'
github:
working_directory: ~/mattermost-desktop
docker:
- image: cimg/go:1.19.2
commands:
notify:
description: "notify on release channel"
parameters:
message:
type: string
default: "This is the default notification message, someone forgot to add info on what to notify!"
username:
type: string
default: "MattermostRelease"
icon:
type: string
default: "https://mattermost.com/wp-content/uploads/2022/02/icon.png"
steps:
- run:
command: |
export VERSION=$(jq -r .version package.json)
echo '{}' | jq "{
\"username\": \"<< parameters.username >>\",
\"icon_url\": \"<< parameters.icon >>\",
\"text\": \"[${VERSION}] << parameters.message >>\"
}" >> /tmp/webhook-data.json
- run:
command: |
curl -i -H "Content-Type: application/json" -X POST -d @/tmp/webhook-data.json $MATTERMOST_RELEASE_WEBHOOK_URL_DESKTOP || echo "NOFICATION FAILED! check logs as this will succeed intentionally"
update_base_image:
description: "Update base image"
parameters:
apt_opts:
type: string
default: ""
steps:
- run: wget -qO - https://download.opensuse.org/repositories/Emulators:/Wine:/Debian/xUbuntu_18.04/Release.key | apt-key add -
- run: apt-get update || true && apt-get install -y ca-certificates libxtst-dev libpng++-dev gcc-aarch64-linux-gnu g++-aarch64-linux-gnu && apt-get update && apt-get -y install << parameters.apt_opts >>
- run: wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.20.1/yq_linux_amd64 && chmod a+x /usr/local/bin/yq
update_image:
description: "Update image"
parameters:
apt_opts:
type: string
default: ""
steps:
- update_base_image:
apt_opts: << parameters.apt_opts >>
- run: PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 npm ci
win_make:
description: "Run mattermost's makefile.ps1 on ./scripts/"
parameters:
operation:
type: string
default: ""
steps:
- run:
command: ./scripts/Makefile.ps1 << parameters.operation >>
name: << parameters.operation >>
shell: powershell
build:
description: "Building << parameters.os >> app"
parameters:
os:
type: string
default: "linux"
path:
type: string
default: "./build/linux"
subpath:
type: string
default: "./linux/"
steps:
- run:
name: npn run
command: npm run package:<< parameters.os >>
no_output_timeout: 60m
- run: bash -x ./scripts/patch_updater_yml.sh
- run: mkdir -p << parameters.path >>
- run: bash -x ./scripts/cp_artifacts.sh release << parameters.path >>
- persist_to_workspace:
root: ./build
paths:
- "./<< parameters.subpath >>/"
save:
description: "Save binaries artifacts"
parameters:
filename:
type: string
steps:
- run:
name: Copying artifacts
command: |
mkdir /tmp/artifacts;
cp release/<<parameters.filename>> /tmp/artifacts;
- store_artifacts:
path: /tmp/artifacts
jobs:
check:
executor: check-image
steps:
- checkout
- update_image:
apt_opts: "--no-install-recommends"
- run: npm run check-types
- run:
name: i18n check
command: |
cp i18n/en.json /tmp/en.json
npm run mmjstool -- i18n extract-desktop --desktop-dir .
diff /tmp/en.json i18n/en.json
rm -rf tmp
- run: ELECTRON_DISABLE_SANDBOX=1 npm run test:unit-ci
- run: mkdir -p /tmp/test-results
- run: cp test-results.xml /tmp/test-results/
- store_test_results:
path: /tmp/test-results
- save_cache:
key: lint-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
build-linux:
executor: wine-mono
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- update_image:
apt_opts: "--no-install-recommends jq icnsutils graphicsmagick tzdata"
- build
- persist_to_workspace:
root: ./build/
paths:
- "./linux/"
- save_cache:
key: npm-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
- "~/.cache/electron"
- "~/.cache/electron-builder"
build-win-no-installer:
executor: win/server-2019
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run: |
$InstallPath = "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community"
$WorkLoads = '--add Microsoft.VisualStudio.Component.VC.ATL.ARM64'
$Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
$process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden -WorkingDirectory "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
- run:
name: Install yq
command: choco install yq --version 4.15.1 -y
- run:
name: Install nodejs-lts
command: nvm off; choco install nodejs-lts -y
- run: npm i -g node-gyp; node-gyp install; node-gyp install --devdir="$env:USERPROFILE\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
- run: $env:PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD = 1; npm ci
- build:
os: windows
path: ./build/win
subpath: ./win/
- save_cache:
key: npm-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
- "~/.cache/electron"
- "~/.cache/electron-builder"
build-mac-no-dmg:
executor: mac
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run: brew install yq
- run:
name: Update node to v16
command: nvm install --lts && nvm use --lts
- run: jq '.mac.target=["zip"]' electron-builder.json | jq '.mac.gatekeeperAssess=false' > /tmp/electron-builder.json && cp /tmp/electron-builder.json .
- run: PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 npm ci
- build:
os: mac
path: ./build/macos
subpath: ./macos/
- save_cache:
key: npm-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
- "~/.cache/electron"
- "~/.cache/electron-builder"
msi_installer:
executor: win/server-2019
steps:
- checkout
- run: mkdir -p ./build/
- attach_workspace:
at: ./build
- run: |
$InstallPath = "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community"
$WorkLoads = '--add Microsoft.VisualStudio.Component.VC.ATL.ARM64'
$Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
$process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden -WorkingDirectory "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
- run:
name: Install yq
command: choco install yq --version 4.15.1 -y
- run:
name: Install nodejs-lts
command: nvm off; choco install nodejs-lts -y
- win_make:
operation: optimize
- win_make:
operation: "install-deps"
- win_make:
operation: "build"
- run: bash -x ./scripts/patch_updater_yml.sh
- run: mkdir -p ./build/win-release
- run: bash -x ./scripts/cp_artifacts.sh release ./build/win-release
- persist_to_workspace:
root: ./build/
paths:
- "./win-release/"
build-windows-pr:
executor: win/server-2019
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run: |
$InstallPath = "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community"
$WorkLoads = '--add Microsoft.VisualStudio.Component.VC.ATL.ARM64'
$Arguments = ('/c', "vs_installer.exe", 'modify', '--installPath', "`"$InstallPath`"", $WorkLoads, '--quiet', '--norestart', '--nocache')
$process = Start-Process -FilePath cmd.exe -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden -WorkingDirectory "C:\Program Files (x86)\Microsoft Visual Studio\Installer\"
- run:
name: Install yq
command: choco install yq --version 4.15.1 -y
- run:
name: Install nodejs-lts
command: nvm off; choco install nodejs-lts -y
- run: npm i -g node-gyp; node-gyp install; node-gyp install --devdir="$env:USERPROFILE\.electron-gyp" --target=$(jq -r .devDependencies.electron package.json) --dist-url="https://electronjs.org/headers"
- run: $env:PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD = 1; npm ci
- build:
os: windows
path: ./build/win
subpath: ./win/
- save_cache:
key: npm-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
- "~/.cache/electron"
- "~/.cache/electron-builder"
- save:
filename: "$(jq -r .version package.json)/*.zip"
build-mac-pr:
executor: mac
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run: brew install yq
- run:
name: Update node to v16
command: nvm install --lts && nvm use --lts
- run:
name: Installing npm dependencies
command: npm ci
- build:
os: mac
path: ./build/macos-release
subpath: ./macos-release/
- run:
name: Get rename without brew as it might fail
command: curl -L https://github.com/ap/rename/archive/v1.601.tar.gz --output rename.tgz
- run:
name: extract rename
command: tar -xzf rename.tgz
- run:
name: rename arm64 to m1
command: ./rename-1.601/rename 's/arm64/m1/' ./release/$(jq -r .version package.json)/*
- save:
filename: "$(jq -r .version package.json)/*.dmg"
build-linux-pr:
executor: wine-mono
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- update_image:
apt_opts: "--no-install-recommends jq icnsutils graphicsmagick tzdata"
- build
- save_cache:
key: npm-{{ arch }}-{{ .Branch }}-{{ checksum "package-lock.json" }}
paths:
- "node_modules"
- "~/.cache/electron"
- "~/.cache/electron-builder"
- save:
filename: "$(jq -r .version package.json)/*.tar.gz"
mac_installer:
executor: mac
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run:
name: Update node to v16
command: nvm install --lts && nvm use --lts
- run:
name: Install yq
command: brew install yq
- run:
name: Installing npm dependencies
command: npm ci
- build:
os: mac-with-universal
path: ./build/macos-release
subpath: ./macos-release/
- run:
name: Get rename without brew as it might fail
command: curl -L https://github.com/ap/rename/archive/v1.601.tar.gz --output rename.tgz
- run:
name: extract rename
command: tar -xzf rename.tgz
- run:
name: rename arm64 to m1
command: ./rename-1.601/rename 's/arm64/m1/' ./build/macos-release/$(jq -r .version package.json)/*
- persist_to_workspace:
root: ./build
paths:
- "./macos-release/"
mac_app_store_testflight:
executor: mac
steps:
- checkout
- run: mkdir -p ./build
- attach_workspace:
at: ./build
- run:
name: Update node to v16
command: nvm install --lts && nvm use --lts
- run:
name: Install yq
command: brew install yq
- run:
name: Installing npm dependencies
command: npm ci
- run:
name: Copy provisioning profile
command: echo $MAS_PROFILE | base64 -D > ./mas.provisionprofile
- run:
name: Patch version number for MAS
command: ./scripts/patch_mas_version.sh
- run: npm run package:mas
- run:
name: Don't submit unless it's on a tag or it's the nightly build
command: |
if [ -z `git name-rev --name-only --tags --no-undefined HEAD 2>/dev/null` ]; then
if [ `git rev-parse --abbrev-ref HEAD` != "nightly" ]; then
circleci-agent step halt
fi
fi
- run:
name: 'Upload to App Store Connect'
command: fastlane publish_test path:"$(find . -name \*.pkg -print -quit)"
store_artifacts:
executor: wine-chrome
steps:
- attach_workspace:
at: ./build
- store_artifacts:
path: ./build
destination: packages
- update_base_image:
apt_opts: "jq"
- run:
name: "store url links"
command: |
echo $(pwd)
ls .
curl -H "Circle-Token: $CIRCLE_TOKEN" -H "Accept: application/json" -X GET "https://circleci.com/api/v2/project/github/mattermost/desktop/$CIRCLE_BUILD_NUM/artifacts" | jq -r '.items[].url' >> ./build/artifactlist.txt
grep -v ".yml" ./build/artifactlist.txt | grep -v "\._" > ./templist.txt
echo "##### :tux: Linux" > ./build/linklist.txt
grep "linux" ./templist.txt | awk -F/ '{print "- ["$NF"]("$0")"}' >> ./build/linklist.txt
echo "##### :apple_logo: macOS" >> ./build/linklist.txt
grep "macos" ./templist.txt | awk -F/ '{print "- ["$NF"]("$0")"}' >> ./build/linklist.txt
echo "##### :windows: Windows" >> ./build/linklist.txt
grep "win" ./templist.txt | awk -F/ '{print "- ["$NF"]("$0")"}' >> ./build/linklist.txt
- persist_to_workspace:
root: ./build
paths:
- ./linklist.txt
- ./artifactlist.txt
share_to_channel:
executor: wine-chrome
steps:
- attach_workspace:
at: ./build
- update_base_image:
apt_opts: "jq"
- run: mkdir -p ./links
- run: echo "### Nightly builds:\n" > ./links/linklist.txt
- run:
name: "Get urls for sharing"
command: |
echo "Links for $(date +"%b-%d-%Y")" >> ./links/linklist.txt
cat ./build/linklist.txt >> ./links/linklist.txt
- run:
command: |
linklist=$(<./links/linklist.txt);
echo '{}' | jq "{
\"username\": \"NightBuilder\",
\"icon_url\": \"https://upload.wikimedia.org/wikipedia/commons/1/17/Luna_symbol.png\",
\"text\": \"${linklist}\"
}" >> /tmp/webhook-data.json
- run:
command: |
curl -i -X POST -H "Content-Type: application/json" -d @/tmp/webhook-data.json $MM_TOKEN || echo "NOFICATION FAILED! check logs as this will succeed intentionally"
upload_to_s3:
executor: aws
steps:
- checkout
- attach_workspace:
at: ./build
- run:
name: "Don't upload if it's not on a tag"
command: |
if [ -z `git name-rev --name-only --tags --no-undefined HEAD 2>/dev/null` ]; then
circleci-agent step halt
fi
- run:
name: "Setup files for aws-s3"
command: |
mkdir -p ./aws-s3-dist
cp -r --backup=numbered ./build/{macos-release,win-release,linux}/* ./aws-s3-dist
- aws-s3/copy:
from: ./aws-s3-dist/
to: s3://releases.mattermost.com/desktop/
arguments: --acl public-read --cache-control "no-cache" --recursive
upload_to_s3_daily:
executor: aws
steps:
- checkout
- attach_workspace:
at: ./build
- run:
name: "install renaming utility"
command: |
sudo apt-get install rename
- run:
name: "Normalize folder names"
command: |
mv ./build/macos-release ./build/macos && mv ./build/win-release ./build/win
- run:
name: "Rename to daily for consistency"
command: |
rename 's/\d+\.\d+\.\d+\-nightly\.\d+\/mattermost(.+)\d+\.\d+\.\d+\-nightly\.\d+/mattermost$1daily-develop/' ./build/macos/$(jq -r .version package.json)/*
rename 's/\d+\.\d+\.\d+\-nightly\.\d+\/mattermost(.+)\d+\.\d+\.\d+\-nightly\.\d+/mattermost$1daily-develop/' ./build/linux/$(jq -r .version package.json)/*
rename 's/\d+\.\d+\.\d+\-nightly\.\d+\/mattermost(.+)\d+\.\d+\.\d+\-nightly\.\d+/mattermost$1daily-develop/' ./build/win/$(jq -r .version package.json)/*
- aws-s3/copy:
from: ./build/
to: s3://mattermost-desktop-daily-builds/
arguments: --acl public-read --cache-control "no-cache" --recursive
upload_to_github:
executor: github
steps:
- checkout
- attach_workspace:
at: ./build
- run:
name: "Don't upload if it's not on a tag"
command: |
if [ -z `git name-rev --name-only --tags --no-undefined HEAD 2>/dev/null` ]; then
circleci-agent step halt
fi
- run:
name: "Setup files for ghr"
command: |
mkdir -p ./ghr-dist
find ./build/{macos-release,win-release,linux} -type f -exec cp --backup=numbered -t ./ghr-dist {} +
- run:
name: "Publish Release on GitHub"
command: |
go install github.com/tcnksm/ghr@latest
VERSION=$(jq -r .version package.json)
RELEASE_TITLE="v${VERSION} ($(date -u "+%Y-%m-%d"))"
ghr \
-t ${GITHUB_TOKEN} \
-u ${CIRCLE_PROJECT_USERNAME} \
-draft \
--body="$(./scripts/generate_release_markdown.sh $VERSION)" \
--name="${RELEASE_TITLE}" $( [[ $VERSION =~ "-rc" ]] && printf %s "-prerelease") \
-r ${CIRCLE_PROJECT_REPONAME} \
-c ${CIRCLE_SHA1} \
-delete \
v${VERSION} ./ghr-dist
begin-notification:
executor: wine-chrome
steps:
- checkout
- update_image:
apt_opts: "--no-install-recommends jq"
- notify:
message: "Release process for the desktop app has started, it should take about 30 minutes to complete."
end-notification:
executor: wine-chrome
steps:
- checkout
- update_image:
apt_opts: "--no-install-recommends jq"
- notify:
message: "Release process for the desktop app ended, the new release can be found on [GitHub](https://github.com/mattermost/desktop/releases)."
workflows:
version: 2
build_and_test:
jobs:
- check:
filters:
branches:
ignore:
- /^build-pr-.*/
- nightly
- begin-notification:
context: desktop-notify
filters:
branches:
only:
# only for release and release candidates
# release-XX.YY.ZZ
# release-XX.YY.ZZ-rc-something
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- build-linux:
requires:
- check
filters:
branches:
ignore:
- /^build-pr-.*/
- nightly
- build-win-no-installer:
requires:
- check
filters:
branches:
ignore:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- /^build-pr-.*/
- nightly
- build-mac-no-dmg:
requires:
- check
filters:
branches:
ignore:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- /^build-pr-.*/
- nightly
- msi_installer:
requires:
- check
context: windows-codesign
filters:
branches:
only:
# only for release and release candidates
# release-XX.YY.ZZ
# release-XX.YY.ZZ-rc-something
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- mac_installer:
requires:
- check
context: codesign-certificates
filters:
branches:
only:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- mac_app_store_testflight:
requires:
- check
context: desktop-mac-app-store
filters:
branches:
only:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- store_artifacts:
# for master/PR builds
requires:
- build-linux
- build-win-no-installer
- build-mac-no-dmg
- mac_installer
filters:
branches:
ignore:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- /^build-pr-.*/
- nightly
- upload_to_s3:
# for release builds
requires:
- msi_installer
- mac_installer
- build-linux
context: mattermost-release-s3
filters:
branches:
only:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- upload_to_github:
requires:
- upload_to_s3
context: matterbuild-github-token
filters:
branches:
only:
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
- end-notification:
requires:
- upload_to_github
context: desktop-notify
filters:
branches:
only:
# only for release and release candidates
# release-XX.YY.ZZ
# release-XX.YY.ZZ-rc-something
- /^release-\d+(\.\d+){1,2}(-rc.*)?/
build-for-pr:
jobs:
- build-windows-pr:
context: electron-installer
filters:
branches:
only: /^build-pr-.*/
- build-mac-pr:
context: codesign-certificates
filters:
branches:
only: /^build-pr-.*/
- build-linux-pr:
filters:
branches:
only: /^build-pr-.*/
nightly_browser_view:
when: << pipeline.parameters.run_nightly >>
jobs:
- build-linux
- msi_installer:
context: windows-codesign
- mac_installer:
context: codesign-certificates
- mac_app_store_testflight:
context: desktop-mac-app-store
- store_artifacts:
context: desktop_browserview
# for master/PR builds
requires:
- build-linux
- msi_installer
- mac_installer
- upload_to_s3:
context: mattermost-release-s3
requires:
- build-linux
- msi_installer
- mac_installer
- share_to_channel:
context: desktop_browserview
requires:
- store_artifacts
nightly_rainforest:
when: << pipeline.parameters.run_nightly >>
jobs:
- msi_installer:
context:
- windows-codesign
- desktop-rainforest-build
- mac_installer:
context:
- codesign-certificates
- desktop-rainforest-build
- upload_to_s3_daily:
context: mattermost-desktop-daily-s3
requires:
- msi_installer
- mac_installer
Reference in a new issue View git blame Copy permalink