3.0.0 #115

Workflow file for this run

.github/workflows/build-and-release-desktop.yml at 2056b03

	name: Build and Release Desktop

	env:
	NETWORK: Canary
	NETWORK_CODE: canary

	on:
	push:
	tags:
	- desktop-canary-*
	workflow_dispatch:
	inputs:
	debugElectronBuilder:
	description: 'Verbose electron-builder output'
	required: true
	type: choice
	options:
	- 'false'
	- 'true'
	stage:
	description: 'Stage'
	required: true
	type: choice
	options:
	- alpha
	- beta
	- prod

	jobs:
	setup:
	runs-on: ubuntu-latest
	if: startsWith(github.ref, 'refs/tags/desktop')
	outputs:
	version: ${{ steps.set_outputs.outputs.version }}
	release_name: ${{ steps.set_outputs.outputs.release_name }}
	stage: ${{ steps.set_outputs.outputs.stage }}

	steps:
	- id: set_outputs
	name: Set outputs for version, release name, and stage
	run: \|
	VERSION=${GITHUB_REF#refs/*/desktop-canary-}
	RELEASE_NAME=$(echo $VERSION \| perl -0777 -pe 's/^([0-9]\d\.[0-9]\d\.[0-9]\d)(?:-([a-z])-(\d*))?$/$1 \u$2 $3/')
	STAGE=$(echo $VERSION \| perl -0777 -pe 's/^([0-9]\d\.[0-9]\d\.[0-9]\d)(?:-([a-z])-([0-9]\d(\.[0-9]\d)*))?$/$2/')

	if [ -z "$STAGE" ]; then
	STAGE="prod"
	fi

	echo "version=$VERSION" >> $GITHUB_OUTPUT
	echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT
	echo "stage=$STAGE" >> $GITHUB_OUTPUT

	build:
	runs-on: ${{ matrix.os }}
	if: ${{ always() }}
	needs: [setup]
	strategy:
	matrix:
	os: [ubuntu-20.04, macos-11, windows-2019]
	fail-fast: true
	env:
	VERSION: ${{ needs.setup.outputs.version }}
	STAGE: ${{ needs.setup.outputs.stage \|\| github.event.inputs.stage }}

	steps:
	- uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v4
	with:
	node-version: 18.15.0

	# Used to read the `binding.gyp` file from `@iota/wallet`
	- name: Set up Python 3.10
	uses: actions/setup-python@v4
	with:
	python-version: '3.10'

	- name: Install Rust toolchain
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	profile: minimal

	- name: Install LLVM and Clang (Windows) # required for bindgen to work, see https://github.com/rust-lang/rust-bindgen/issues/1797
	uses: KyleMayes/install-llvm-action@32c4866ebb71e0949e8833eb49beeebed48532bd
	if: matrix.os == 'windows-2019'
	with:
	version: '11.0'
	directory: ${{ runner.temp }}/llvm

	- name: Set LIBCLANG_PATH (Windows)
	run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV
	if: matrix.os == 'windows-2019'

	- name: Set deployment target (macOS)
	run: echo "MACOSX_DEPLOYMENT_TARGET=10.14" >> $GITHUB_ENV # TODO: set this to 10.12 once rocksDB issue is fixed
	if: matrix.os == 'macos-11'

	- name: Install required packages (Linux)
	run: \|
	sudo apt update
	sudo apt install -y gcc-multilib g++-multilib build-essential libssl-dev rpm libsecret-1-dev \
	software-properties-common apt-transport-https libudev-dev libusb-1.0-0-dev \
	llvm-dev libclang-dev clang
	if: matrix.os == 'ubuntu-20.04'

	- name: Enable verbose output for electron-builder (macOS/Linux)
	run: echo "DEBUG=electron-builder" >> $GITHUB_ENV
	if: matrix.os != 'windows-2019' && github.event.inputs.debugElectronBuilder && github.event.inputs.debugElectronBuilder == 'true'

	- name: Enable verbose output for electron-builder (Windows)
	run: echo "DEBUG=electron-builder" \| Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append
	if: matrix.os == 'windows-2019' && github.event.inputs.debugElectronBuilder && github.event.inputs.debugElectronBuilder == 'true'

	- name: Install dependencies
	# Increase network timeout threshold to reduce build failures on Windows
	run: yarn --network-timeout 1000000

	- name: Install Sentry CLI
	# Yarn has issues putting binaries in the PATH on Windows
	run: npm i -g @sentry/cli
	if: ${{ startsWith(github.ref, 'refs/tags/desktop') && matrix.os == 'windows-2019' }}

	- name: Set productName
	run: node scripts/fix-productName.js
	working-directory: packages/desktop

	- name: Bundle desktop JS
	run: yarn build:${STAGE}
	working-directory: packages/desktop
	shell: bash
	env:
	HARDCODE_NODE_ENV: true
	SENTRY: ${{ startsWith(github.ref, 'refs/tags/desktop') }}
	SENTRY_DSN: ${{ secrets.SENTRY_DSN_PROD_DESKTOP }}
	SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
	AMPLITUDE_API_KEY: ${{ secrets.AMPLITUDE_API_KEY }}

	- name: Build Electron app (macOS)
	run: yarn compile:${STAGE}:mac
	env:
	CSC_LINK: ${{ secrets.MAC_CERT_BASE64 }}
	CSC_KEY_PASSWORD: ${{ secrets.MAC_CERT_PASSWORD }}
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
	working-directory: packages/desktop
	if: matrix.os == 'macos-11'

	- name: Build Electron app (Windows)
	run: yarn compile:${env:STAGE}:win
	env:
	CSC_LINK: ${{ secrets.WIN_CERT_BASE64 }}
	CSC_KEY_PASSWORD: ${{ secrets.WIN_CERT_PASSWORD }}
	working-directory: packages/desktop
	if: matrix.os == 'windows-2019'

	- name: Build Electron app (Linux)
	run: yarn compile:${STAGE}:linux
	working-directory: packages/desktop
	if: matrix.os == 'ubuntu-20.04'

	- name: Import GPG key (Linux)
	run: \|
	echo "$GPG_PRIVATE_KEY" \| base64 -d > /tmp/private.key && \
	echo "$GPG_PASSPHRASE" \| gpg --batch --yes --passphrase-fd 0 --import /tmp/private.key
	env:
	GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
	GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
	if: matrix.os == 'ubuntu-20.04'

	- name: Sign AppImage (Linux)
	run: echo $GPG_PASSPHRASE \| gpg --pinentry-mode loopback --batch --passphrase-fd 0 --armor --detach-sign --default-key [email protected] firefly-*.AppImage
	working-directory: packages/desktop/out
	env:
	GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
	if: matrix.os == 'ubuntu-20.04'

	- name: Compute checksums (Linux)
	run: for i in `ls \| grep 'firefly-*'` ; do sha256sum $i \| awk {'print $1'} > $i.sha256 ; done
	working-directory: packages/desktop/out
	if: matrix.os == 'ubuntu-20.04'

	- name: Compute checksums (macOS)
	run: for i in `ls \| grep 'firefly-*'` ; do shasum -a 256 $i \| awk {'print $1'} > $i.sha256 ; done
	working-directory: packages/desktop/out
	if: matrix.os == 'macos-11'

	- name: Compute checksums (Windows)
	run: Get-ChildItem "." -Filter firefly-* \| Foreach-Object { $(Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash \| Set-Content ($_.FullName + '.sha256') }
	working-directory: packages/desktop/out
	if: matrix.os == 'windows-2019'

	- name: Upload artifacts
	uses: actions/upload-artifact@v2
	with:
	name: firefly-desktop-${{ matrix.os }}
	path: \|
	packages/desktop/out/firefly-*
	packages/desktop/out/canary*

	release:
	runs-on: ubuntu-latest
	needs: [setup, build]
	if: startsWith(github.ref, 'refs/tags/desktop')
	env:
	VERSION: ${{ needs.setup.outputs.version }}
	RELEASE_NAME: ${{ needs.setup.outputs.release_name }}
	STAGE: ${{ needs.setup.outputs.stage }}

	steps:
	- run: echo ${{ github.ref }}

	- name: Checkout code
	uses: actions/checkout@v2

	- name: Downloading artifacts
	uses: actions/download-artifact@v2
	with:
	name: firefly-desktop-windows-2019
	path: assets

	- name: Downloading artifacts
	uses: actions/download-artifact@v2
	with:
	name: firefly-desktop-macos-11
	path: assets

	- name: Downloading artifacts
	uses: actions/download-artifact@v2
	with:
	name: firefly-desktop-ubuntu-20.04
	path: assets

	- name: Preparing release body
	run: \|
	sed -i 's/\r$//' ../../assets/.sha256 && sed -i '/^$/d' ../../assets/.sha256 && sed -i -e 's/$.$/\L\1/' ../../assets/.sha256
	WIN_SHA256=$(cat ../../assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.exe.sha256)
	LIN_SHA256=$(cat ../../assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage.sha256)
	MAC_SHA256=$(cat ../../assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.dmg.sha256)
	echo $WIN_SHA256 $LIN_SHA256 $MAC_SHA256
	touch CHANGELOG.md
	echo '### Changelog' >> CHANGELOG.md
	echo '------' >> CHANGELOG.md
	echo '### File Hashes' >> CHANGELOG.md
	echo '[How to verify the authenticity of your Firefly ${{ env.NETWORK }} Desktop download](https://wiki.iota.org/shimmer/introduction/how_tos/verify_download/#verify-your-firefly-desktop-download)' >> CHANGELOG.md
	echo '\| File \| Platform \| SHA256 Hash \|' >> CHANGELOG.md
	echo '\| --- \| --- \| --- \|' >> CHANGELOG.md
	echo '\| firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.exe \| Windows \|' $WIN_SHA256 '\|' >> CHANGELOG.md
	echo '\| firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage \| Linux \|' $LIN_SHA256 '\|' >> CHANGELOG.md
	echo '\| firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.dmg \| MacOS \| ' $MAC_SHA256 '\|' >> CHANGELOG.md
	cat CHANGELOG.md
	working-directory: packages/desktop

	- name: Create Release
	id: create_release
	uses: actions/[email protected]
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ github.ref }}
	release_name: Firefly ${{ env.NETWORK }} Desktop ${{ env.RELEASE_NAME }}
	body_path: packages/desktop/CHANGELOG.md
	draft: true
	prerelease: true

	- name: Upload macOS binary asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.dmg
	asset_name: firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.dmg
	asset_content_type: application/octet-stream

	- name: Upload Windows binary asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.exe
	asset_name: firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.exe
	asset_content_type: application/octet-stream

	- name: Upload Linux binary asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage
	asset_name: firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage
	asset_content_type: application/octet-stream

	- name: Upload Linux code signature asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: assets/firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage.asc
	asset_name: firefly-${{ env.NETWORK_CODE }}-desktop-${{ env.VERSION }}.AppImage.asc
	asset_content_type: application/pgp-signature

	- name: Upload to S3
	run: \|
	aws s3 cp assets/ s3://iotaledger-files/4a1ddea1-10c1-4f1d-83f0-e14903931a46/releases/ --recursive --include "" --exclude ".sha256" --exclude ".blockmap" --exclude ".asc" --acl public-read
	aws s3 cp assets/ s3://iotaledger-files/firefly/releases/ --recursive --include "" --exclude ".sha256" --exclude ".blockmap" --exclude ".asc" --acl public-read
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: eu-central-1

	- name: Invalidate CloudFront cache for auto-update files
	run: aws cloudfront create-invalidation --distribution-id E32G4HRED4PO65 --paths "/canary*"
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: eu-central-1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

3.0.0 #115

Workflow file

3.0.0 #115

Jobs

Run details

Workflow file for this run