diff --git a/.github/workflows/android_ci.yml b/.github/workflows/android_ci.yml index 542bda3b7..a4d000e90 100644 --- a/.github/workflows/android_ci.yml +++ b/.github/workflows/android_ci.yml @@ -1,64 +1,61 @@ name: Android Build CI on: push: branches: [master] paths-ignore: - 'landing/**' - 'web/**' - 'docs/**' - 'keyserver/**' - 'desktop/**' jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: set up JDK 11 uses: actions/setup-java@v2 with: java-version: '11' distribution: 'adopt' - name: rustup target add aarch64-linux-android arm-linux-androideabi i686-linux-android x86_64-linux-android run: rustup target add aarch64-linux-android arm-linux-androideabi i686-linux-android x86_64-linux-android - name: Delete some stuff to free up disk space run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf /usr/local/share/boost - name: Install Protobuf compiler working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: Install Yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save ANDROID_KEY_STORE_B64 to file env: ANDROID_KEY_STORE_B64: ${{secrets.ANDROID_KEY_STORE_B64}} run: echo "$ANDROID_KEY_STORE_B64" > ANDROID_KEY_STORE_B64.b64 - name: Save ANDROID_KEY_STORE to file run: base64 -d ANDROID_KEY_STORE_B64.b64 > android_key_store.keystore - name: Configure gradle.properties run: | mkdir ~/.gradle touch ~/.gradle/gradle.properties echo "COMM_UPLOAD_STORE_FILE=$(pwd)/android_key_store.keystore" >> ~/.gradle/gradle.properties echo "COMM_UPLOAD_KEY_ALIAS=AndroidSigningKey" >> ~/.gradle/gradle.properties - name: Build with Gradle working-directory: ./native/android env: ANDROID_SIGNING_PASSWORD: ${{secrets.ANDROID_SIGNING_PASSWORD}} run: ./gradlew bundleRelease diff --git a/.github/workflows/android_release.yml b/.github/workflows/android_release.yml index 62b77b688..efc4c42de 100644 --- a/.github/workflows/android_release.yml +++ b/.github/workflows/android_release.yml @@ -1,74 +1,71 @@ name: Android Build/Upload to Play Store Console on: push: tags: - mobile-** jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: set up JDK 11 uses: actions/setup-java@v2 with: java-version: '11' distribution: 'adopt' - name: rustup target add aarch64-linux-android arm-linux-androideabi i686-linux-android x86_64-linux-android run: rustup target add aarch64-linux-android arm-linux-androideabi i686-linux-android x86_64-linux-android - name: Delete some stuff to free up disk space run: | sudo rm -rf /usr/share/dotnet sudo rm -rf /opt/ghc sudo rm -rf /usr/local/share/boost - name: Install Protobuf compiler working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: Install Yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save ALCHEMY_API_KEY to file working-directory: ./native env: ALCHEMY_API_KEY: ${{secrets.ALCHEMY_API_KEY}} run: mkdir -p facts && echo '{"key":"'"$ALCHEMY_API_KEY"'"}' > facts/alchemy.json - name: Save ANDROID_KEY_STORE_B64 to file env: ANDROID_KEY_STORE_B64: ${{secrets.ANDROID_KEY_STORE_B64}} run: echo "$ANDROID_KEY_STORE_B64" > ANDROID_KEY_STORE_B64.b64 - name: Save ANDROID_KEY_STORE to file run: base64 -d ANDROID_KEY_STORE_B64.b64 > android_key_store.keystore - name: Configure gradle.properties run: | mkdir ~/.gradle touch ~/.gradle/gradle.properties echo "COMM_UPLOAD_STORE_FILE=$(pwd)/android_key_store.keystore" >> ~/.gradle/gradle.properties echo "COMM_UPLOAD_KEY_ALIAS=AndroidSigningKey" >> ~/.gradle/gradle.properties - name: Build with Gradle working-directory: ./native/android env: ANDROID_SIGNING_PASSWORD: ${{secrets.ANDROID_SIGNING_PASSWORD}} run: ./gradlew bundleRelease - name: Save PLAY_STORE_PUBLISHING_KEY to file working-directory: ./native/android env: PLAY_STORE_PUBLISHING_KEY: ${{secrets.PLAY_STORE_PUBLISHING_KEY}} run: echo "$PLAY_STORE_PUBLISHING_KEY" > PLAY_STORE_PUBLISHING_KEY.json - name: Upload to Google Play working-directory: ./native/android run: node upload-aab.js diff --git a/.github/workflows/eslint_flow_jest.yml b/.github/workflows/eslint_flow_jest.yml index 5c98139e2..0e628b47e 100644 --- a/.github/workflows/eslint_flow_jest.yml +++ b/.github/workflows/eslint_flow_jest.yml @@ -1,72 +1,69 @@ name: ESLint & Flow & Jest on: push: branches: [master] pull_request: types: [opened, reopened] jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: sudo ./install_protobuf.sh working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: yarn eslint --max-warnings=0 run: yarn eslint --max-warnings=0 - name: '[lib] flow' working-directory: ./lib run: ./node_modules/.bin/flow - name: '[keyserver] flow' working-directory: ./keyserver run: ./node_modules/.bin/flow - name: '[web] flow' working-directory: ./web run: ./node_modules/.bin/flow - name: '[landing] flow' working-directory: ./landing run: ./node_modules/.bin/flow - name: '[native] flow' working-directory: ./native run: ./node_modules/.bin/flow - name: '[desktop] flow' working-directory: ./desktop run: ./node_modules/.bin/flow - name: '[electron-update-server] flow' working-directory: ./services/electron-update-server run: ./node_modules/.bin/flow - name: '[lib] test' working-directory: ./lib env: ALCHEMY_API_KEY: ${{secrets.ALCHEMY_API_KEY}} run: yarn test - name: '[keyserver] test' working-directory: ./keyserver run: yarn test - name: '[web] test' working-directory: ./web run: yarn test - name: '[native] test' working-directory: ./native run: yarn test diff --git a/.github/workflows/ios_ci.yml b/.github/workflows/ios_ci.yml index 3a24155f5..1b02a38aa 100644 --- a/.github/workflows/ios_ci.yml +++ b/.github/workflows/ios_ci.yml @@ -1,68 +1,65 @@ name: iOS Build CI on: push: branches: [master] paths-ignore: - 'landing/**' - 'web/**' - 'docs/**' - 'keyserver/**' - 'desktop/**' jobs: build: name: Build and archive iOS app runs-on: macos-12 steps: - name: Checkout uses: actions/checkout@v3 - name: Install Developer certificate env: BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db # import certificate from secrets echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH - name: brew install protobuf run: brew install protobuf - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save auth_key to file working-directory: ./native/ios env: AUTH_KEY: ${{secrets.AUTH_KEY}} run: echo "$AUTH_KEY" > AUTH_KEY.p8 - name: Archive working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild archive -workspace Comm.xcworkspace -scheme Comm -configuration Release -archivePath archives/Comm.xcarchive -destination generic/platform=iOS -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Clean up keychain if: ${{ always() }} run: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db diff --git a/.github/workflows/ios_release.yml b/.github/workflows/ios_release.yml index 6bd8b8ce1..dd62a8f3a 100644 --- a/.github/workflows/ios_release.yml +++ b/.github/workflows/ios_release.yml @@ -1,83 +1,80 @@ name: iOS Build/Archive/Upload to AppStore Connect on: push: tags: - mobile-** jobs: build: name: Build, archive, and upload iOS app runs-on: macos-12 steps: - name: Checkout uses: actions/checkout@v3 - name: Install Developer certificate env: BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} P12_PASSWORD: ${{ secrets.P12_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db # import certificate from secrets echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH - name: brew install protobuf run: brew install protobuf - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save ALCHEMY_API_KEY to file working-directory: ./native env: ALCHEMY_API_KEY: ${{secrets.ALCHEMY_API_KEY}} run: mkdir -p facts && echo '{"key":"'"$ALCHEMY_API_KEY"'"}' > facts/alchemy.json - name: Save auth_key to file working-directory: ./native/ios env: AUTH_KEY: ${{secrets.AUTH_KEY}} run: echo "$AUTH_KEY" > AUTH_KEY.p8 - name: Archive working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild archive -workspace Comm.xcworkspace -scheme Comm -configuration Release -archivePath archives/Comm.xcarchive -destination generic/platform=iOS -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Export IPA working-directory: ./native/ios env: AUTH_KEY_ID: ${{secrets.AUTH_KEY_ID}} AUTH_KEY_ISSUER_ID: ${{secrets.AUTH_KEY_ISSUER_ID}} run: xcodebuild -exportArchive -archivePath archives/Comm.xcarchive -exportOptionsPlist exportOptions.plist -exportPath output -allowProvisioningUpdates -authenticationKeyIssuerID "$AUTH_KEY_ISSUER_ID" -authenticationKeyID "$AUTH_KEY_ID" -authenticationKeyPath $PWD/AUTH_KEY.p8 - name: Upload IPA to TestFlight working-directory: ./native/ios env: APPLE_USER_NAME: ${{secrets.APPLE_USER_NAME}} APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}} run: xcrun altool --upload-app --type ios --file output/Comm.ipa --username "$APPLE_USER_NAME" --password "$APPLE_APP_SPECIFIC_PASSWORD" - name: Clean up keychain if: ${{ always() }} run: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db diff --git a/.github/workflows/jsi_codegen.yml b/.github/workflows/jsi_codegen.yml index 9e65cf8fa..94f170415 100644 --- a/.github/workflows/jsi_codegen.yml +++ b/.github/workflows/jsi_codegen.yml @@ -1,27 +1,24 @@ name: JSI Codegen on: push: branches: [master] pull_request: types: [opened, reopened] jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: sudo ./install_protobuf.sh working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: '[native] JSI Codegen' working-directory: ./native run: yarn codegen-jsi && git diff --exit-code diff --git a/.github/workflows/macos_ci.yml b/.github/workflows/macos_ci.yml index dee73ff64..b19e6673a 100644 --- a/.github/workflows/macos_ci.yml +++ b/.github/workflows/macos_ci.yml @@ -1,77 +1,74 @@ name: macOS Build CI on: workflow_call: push: branches: [master] paths-ignore: - 'landing/**' - 'docs/**' - 'keyserver/**' - 'native/**' - 'shared/**' jobs: build: name: Build macOS app runs-on: macos-12 steps: - name: Checkout uses: actions/checkout@v3 - name: Install Developer certificate env: MACOS_BUILD_CERTIFICATE_BASE64: ${{ secrets.MACOS_BUILD_CERTIFICATE_BASE64 }} MACOS_BUILD_P12_PASSWORD: ${{ secrets.MACOS_BUILD_P12_PASSWORD }} MACOS_PROVISIONPROFILE_BASE64: ${{ secrets.MACOS_PROVISIONPROFILE_BASE64 }} KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} run: | # create variables CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db PROVISIONPROFILE_PATH=$GITHUB_WORKSPACE/desktop/macOS_App_Provisioning_Profile.provisionprofile # import certificate from secrets echo -n "$MACOS_BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH # import certificate to keychain security import $CERTIFICATE_PATH -P "$MACOS_BUILD_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH # import provisioning profile from secrets echo -n "$MACOS_PROVISIONPROFILE_BASE64" | base64 --decode --output $PROVISIONPROFILE_PATH - name: sudo ./install_protobuf.sh working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Build App env: APPLE_USER_NAME: ${{secrets.APPLE_USER_NAME}} APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}} TEAM_ID: ${{secrets.TEAM_ID}} working-directory: './desktop' run: yarn make --arch universal - name: Clean up keychain if: ${{ always() }} run: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db - name: Upload Artifact uses: actions/upload-artifact@v3 with: name: macos-artifacts path: ./desktop/out/make/**/* if-no-files-found: error retention-days: 1 diff --git a/.github/workflows/remove_harbormaster_tags.yml b/.github/workflows/remove_harbormaster_tags.yml index 4a646bcaf..28c50014c 100644 --- a/.github/workflows/remove_harbormaster_tags.yml +++ b/.github/workflows/remove_harbormaster_tags.yml @@ -1,32 +1,29 @@ name: Remove extraneous Harbormaster git tags on: push: branches: [master] jobs: build: runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v3 - name: sudo ./install_protobuf.sh working-directory: ./scripts run: sudo ./install_protobuf.sh - - name: npm install -g yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Generate tag removal script working-directory: ./scripts env: PHABRICATOR_API_TOKEN: ${{secrets.PHABRICATOR_API_TOKEN}} run: node generate-phab-tag-removal-script.js - name: Run tag removal script working-directory: ./scripts run: chmod +x tag_removal_script.sh && ./tag_removal_script.sh diff --git a/.github/workflows/windows_ci.yml b/.github/workflows/windows_ci.yml index 80b25e917..c9b910869 100644 --- a/.github/workflows/windows_ci.yml +++ b/.github/workflows/windows_ci.yml @@ -1,49 +1,46 @@ name: Windows build CI on: workflow_call: push: branches: [master] paths-ignore: - 'landing/**' - 'docs/**' - 'keyserver/**' - 'native/**' - 'shared/**' jobs: build: name: Build Windows app runs-on: windows-2022 steps: - uses: actions/checkout@v3 - - name: Install Yarn - run: npm install -g yarn - - name: yarn ci-cleaninstall run: yarn ci-cleaninstall - name: Save WINDOWS_CERTIFICATE_B64 to file env: WINDOWS_CERTIFICATE_B64: ${{secrets.WINDOWS_CERTIFICATE_B64}} run: echo "$env:WINDOWS_CERTIFICATE_B64" > WINDOWS_CERTIFICATE_B64.b64 - name: Decode Windows certificate run: certutil -decode WINDOWS_CERTIFICATE_B64.b64 windows_certificate.pfx - name: Build App env: WINDOWS_CERTIFICATE: ${{github.workspace}}\windows_certificate.pfx WINDOWS_PASSWORD: ${{secrets.WINDOWS_PASSWORD}} working-directory: './desktop' run: yarn make - name: Upload Artifact uses: actions/upload-artifact@v3 with: name: windows-artifacts path: ./desktop/out/make/**/* if-no-files-found: error retention-days: 1