Signal/Desktop
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Desktop.git synced 2025-12-25 12:47:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1c247b36ea56c19b1bd49e217491ca3bdcb2cbef
Desktop/.github/workflows/ci.yml
Fedor Indutny e3474f468f Add min OS version check to CI
2025-09-25 12:26:46 -07:00

500 lines
16 KiB
YAML
Raw Blame History

# Copyright 2020 Signal Messenger, LLC
# SPDX-License-Identifier: AGPL-3.0-only
name: CI
on:
push:
branches:
- development
- main
- '[0-9]+.[0-9]+.x'
pull_request:
jobs:
lint:
runs-on: ubuntu-22.04-8-cores
timeout-minutes: 30
steps:
- run: lsb_release -a
- run: uname -a
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Cache .electron-gyp
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
with:
path: ~/.electron-gyp
key: electron-gyp-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
# - name: Setup sccache
# uses: mozilla-actions/sccache-action@054db53350805f83040bf3e6e9b8cf5a139aa7c9 # v0.0.7
# - name: Restore sccache
# uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
# with:
# path: ${{ env.SCCACHE_PATH }}
# key: sccache-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml', 'patches/**') }}
- name: Restore cached .eslintcache and tsconfig.tsbuildinfo
uses: actions/cache/restore@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
id: cache-lint
with:
path: |
.eslintcache
tsconfig.tsbuildinfo
key: lint-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml', 'patches/**', '.eslintrc.js', '.eslint/**', 'tsconfig.json') }}
- name: Install Desktop node_modules
run: pnpm install
env:
# CC: sccache gcc
# CXX: sccache g++
# SCCACHE_GHA_ENABLED: "true"
NPM_CONFIG_LOGLEVEL: verbose
- run: pnpm run generate
- run: pnpm run lint
- run: pnpm run lint-deps
- run: pnpm run lint-license-comments
- name: Check acknowledgments file is up to date
run: pnpm run build:acknowledgments
env:
REQUIRE_SIGNAL_LIB_FILES: 1
- run: git diff --exit-code
- name: Update cached .eslintcache and tsconfig.tsbuildinfo
uses: actions/cache/save@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
if: github.ref == 'refs/heads/main'
with:
path: |
.eslintcache
tsconfig.tsbuildinfo
key: ${{ steps.cache-lint.outputs.cache-primary-key }}
macos:
needs: lint
runs-on: macos-latest
if: github.ref == 'refs/heads/main'
timeout-minutes: 30
steps:
- run: uname -a
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Cache .electron-gyp
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
with:
path: ~/.electron-gyp
key: electron-gyp-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
# - name: Setup sccache
# uses: mozilla-actions/sccache-action@054db53350805f83040bf3e6e9b8cf5a139aa7c9 # v0.0.7
# - name: Restore sccache
# uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
# with:
# path: ${{ env.SCCACHE_PATH }}
# key: sccache-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml', 'patches/**') }}
- name: Install Desktop node_modules
run: pnpm install
env:
# CC: sccache clang
# CXX: sccache clang++
# SCCACHE_GHA_ENABLED: "true"
NPM_CONFIG_LOGLEVEL: verbose
- run: pnpm run generate
- run: pnpm run prepare-beta-build
- run: pnpm run test-node
- run: pnpm run test-electron
env:
ARTIFACTS_DIR: artifacts/macos
WORKER_COUNT: 4
timeout-minutes: 5
- run: touch noop.sh && chmod +x noop.sh
- run: pnpm run build
env:
# CC: sccache clang
# CXX: sccache clang++
# SCCACHE_GHA_ENABLED: "true"
DISABLE_INSPECT_FUSE: on
SIGN_MACOS_SCRIPT: noop.sh
ARTIFACTS_DIR: artifacts/macos
- name: Upload installer size
if: ${{ github.repository == 'signalapp/Signal-Desktop-Private' && github.ref == 'refs/heads/main' }}
run: |
node ts/scripts/dd-installer-size.js macos-arm64
node ts/scripts/dd-installer-size.js macos-x64
node ts/scripts/dd-installer-size.js macos-universal
env:
DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
- run: pnpm run test-release
env:
NODE_ENV: production
- name: Upload artifacts on failure
if: failure()
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
with:
path: artifacts
linux:
needs: lint
runs-on: ubuntu-22.04-8-cores
timeout-minutes: 30
steps:
- run: lsb_release -a
- run: uname -a
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Cache .electron-gyp
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
with:
path: ~/.electron-gyp
key: electron-gyp-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
- name: Install xvfb and libpulse0
run: sudo apt-get install xvfb libpulse0 || (sudo apt-get update && sudo apt-get install xvfb libpulse0)
# - name: Setup sccache
# uses: mozilla-actions/sccache-action@054db53350805f83040bf3e6e9b8cf5a139aa7c9 # v0.0.7
# - name: Restore sccache
# uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
# with:
# path: ${{ env.SCCACHE_PATH }}
# key: sccache-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml', 'patches/**') }}
- name: Install Desktop node_modules
run: pnpm install
env:
# CC: sccache gcc
# CXX: sccache g++
# SCCACHE_GHA_ENABLED: "true"
NPM_CONFIG_LOGLEVEL: verbose
- run: pnpm run generate
- run: pnpm run prepare-beta-build
- name: Create bundle
run: pnpm run build:esbuild:prod
- name: Create preload cache
run: xvfb-run --auto-servernum pnpm run build:preload-cache
env:
ARTIFACTS_DIR: artifacts/linux
- name: Build with packaging .deb file
run: pnpm run build:release --publish=never
if: github.ref == 'refs/heads/main'
env:
# CC: sccache gcc
# CXX: sccache g++
# SCCACHE_GHA_ENABLED: "true"
DISABLE_INSPECT_FUSE: on
- name: Build without packaging .deb file
run: pnpm run build:release --linux dir
if: github.ref != 'refs/heads/main'
env:
# CC: sccache gcc
# CXX: sccache g++
# SCCACHE_GHA_ENABLED: "true"
DISABLE_INSPECT_FUSE: on
- name: Upload installer size
if: ${{ github.repository == 'signalapp/Signal-Desktop-Private' && github.ref == 'refs/heads/main' }}
run: node ts/scripts/dd-installer-size.js linux
env:
DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
- run: xvfb-run --auto-servernum pnpm run test-node
- name: Clone backup integration tests
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
repository: 'signalapp/Signal-Message-Backup-Tests'
ref: '279370b21fd089956a581c3b027489594135998a'
path: 'backup-integration-tests'
- run: xvfb-run --auto-servernum pnpm run test-electron
timeout-minutes: 5
env:
ARTIFACTS_DIR: artifacts/linux
LANG: en_US
LANGUAGE: en_US
BACKUP_INTEGRATION_DIR: 'backup-integration-tests/test-cases'
WORKER_COUNT: 8
- run: xvfb-run --auto-servernum pnpm run test-release
env:
NODE_ENV: production
- name: Upload artifacts on failure
if: failure()
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
with:
path: artifacts
windows:
needs: lint
runs-on: windows-latest-8-cores
timeout-minutes: 30
steps:
- run: systeminfo
- run: git config --global core.autocrlf false
- run: git config --global core.eol lf
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Install Desktop node_modules
run: pnpm install
env:
NPM_CONFIG_LOGLEVEL: verbose
- run: pnpm run generate
- run: pnpm run test-node
- run: copy package.json temp.json
- run: del package.json
- run: type temp.json | findstr /v certificateSubjectName | findstr /v certificateSha1 > package.json
- run: pnpm run prepare-beta-build
- name: Create bundle
run: pnpm run build:esbuild:prod
- name: Create preload cache
run: pnpm run build:preload-cache
env:
ARTIFACTS_DIR: artifacts/win
- name: Build with NSIS
run: pnpm run build:release
if: github.ref == 'refs/heads/main'
env:
DISABLE_INSPECT_FUSE: on
- name: Build without NSIS
run: pnpm run build:release --win dir
if: github.ref != 'refs/heads/main'
env:
DISABLE_INSPECT_FUSE: on
- name: Upload installer size
if: ${{ github.repository == 'signalapp/Signal-Desktop-Private' && github.ref == 'refs/heads/main' }}
run: node ts/scripts/dd-installer-size.js windows
env:
DD_API_KEY: ${{ secrets.DATADOG_API_KEY }}
- run: pnpm run test-electron
env:
ARTIFACTS_DIR: artifacts/windows
WORKER_COUNT: 4
timeout-minutes: 5
- run: pnpm run test-release
env:
SIGNAL_ENV: production
- name: Upload artifacts on failure
if: failure()
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
with:
path: artifacts
sticker-creator:
name: Sticker Creator
runs-on: ubuntu-22.04-8-cores
timeout-minutes: 30
defaults:
run:
working-directory: sticker-creator
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
- name: Install Sticker Creator node_modules
run: pnpm install
- name: Build Sticker Creator
run: pnpm run build
- name: Check Sticker Creator types
run: pnpm run check:types
- name: Check Sticker Creator formatting
run: pnpm run prettier:check
- name: Check Sticker Creator linting
run: pnpm run lint
- name: Run tests
run: pnpm test -- --run
mock-tests:
needs: lint
continue-on-error: true
strategy:
matrix:
workerIndex: [0, 1, 2, 3]
runs-on: ubuntu-latest-8-cores
if: ${{ github.repository == 'signalapp/Signal-Desktop-Private' }}
timeout-minutes: 30
steps:
- name: Get system specs
run: lsb_release -a
- name: Get other system specs
run: uname -a
- name: Clone Desktop repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Cache .electron-gyp
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
with:
path: ~/.electron-gyp
key: electron-gyp-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
- name: Install xvfb and libpulse0
run: sudo apt-get install -y xvfb libpulse0 || (sudo apt-get update && sudo apt-get install -y xvfb libpulse0)
# - name: Setup sccache
# uses: mozilla-actions/sccache-action@054db53350805f83040bf3e6e9b8cf5a139aa7c9 # v0.0.7
# - name: Restore sccache
# uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
# with:
# path: ${{ env.SCCACHE_PATH }}
# key: sccache-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml', 'patches/**') }}
- name: Install Desktop node_modules
run: |
pnpm install
sudo chown root node_modules/.pnpm/electron@*/node_modules/electron/dist/chrome-sandbox
sudo chmod 4755 node_modules/.pnpm/electron@*/node_modules/electron/dist/chrome-sandbox
env:
# CC: sccache gcc
# CXX: sccache g++
# SCCACHE_GHA_ENABLED: "true"
NPM_CONFIG_LOGLEVEL: verbose
- name: Build typescript
run: pnpm run generate
- name: Bundle
run: pnpm run build:esbuild:prod
- name: Create preload cache
run: xvfb-run --auto-servernum pnpm run build:preload-cache
env:
ARTIFACTS_DIR: artifacts/linux
- name: Run mock server tests
run: |
set -o pipefail
xvfb-run --auto-servernum pnpm run test-mock
timeout-minutes: 15
env:
NODE_ENV: production
DEBUG: mock:test:*
ARTIFACTS_DIR: artifacts/mock
WORKER_INDEX: ${{ matrix.workerIndex }}
WORKER_COUNT: 4
- name: Run docker mock server tests
if: ${{ matrix.workerIndex == 0 }}
run: |
set -o pipefail
sudo apt-get install -y pipewire pipewire-pulse wireplumber psmisc pulseaudio-utils
systemctl --user start pipewire.service
systemctl --user start pipewire-pulse.service
xvfb-run --auto-servernum pnpm run test-mock-docker
timeout-minutes: 10
env:
NODE_ENV: production
DEBUG: mock:test:*
ARTIFACTS_DIR: artifacts/mock-docker
- name: Upload mock server test logs on failure
if: failure()
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
with:
name: logs-${{ matrix.workerIndex }}
path: artifacts
check-min-os-version:
needs: lint
continue-on-error: true
strategy:
matrix:
os: [ubuntu-22.04-8-cores, macos-latest]
runs-on: ${{ matrix.os }}
timeout-minutes: 30
steps:
- run: uname -a
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Setup pnpm
uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4
- name: Setup node.js
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
cache-dependency-path: 'pnpm-lock.yaml'
- name: Cache .electron-gyp
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
with:
path: ~/.electron-gyp
key: electron-gyp-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
- name: Install Desktop node_modules
run: pnpm install
env:
NPM_CONFIG_LOGLEVEL: verbose
- run: pnpm generate:phase-0
- name: Run OS version check
run: |
node ts/scripts/check-min-os-version.js
Reference in New Issue View Git Blame Copy Permalink