Merge pull request #368 from scratchfoundation/renovate/pin-dependencies #112
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
concurrency: | |
group: '${{ github.workflow }} @ ${{ github.head_ref || github.ref }}' | |
permissions: | |
contents: write # publish a GitHub release | |
pages: write # deploy to GitHub Pages | |
issues: write # comment on released issues | |
pull-requests: write # comment on released pull requests | |
jobs: | |
ci-cd: | |
strategy: | |
matrix: | |
os: | |
- macos-latest | |
- windows-latest | |
runs-on: ${{ matrix.os }} | |
defaults: | |
run: | |
shell: bash | |
environment: | |
name: ${{ matrix.os }} | |
env: | |
SCRATCH_SHOULD_SIGN: ${{ github.ref_name == 'main' }} | |
AC_USERNAME: ${{ github.ref_name == 'main' && secrets.AC_USERNAME }} | |
AC_PASSWORD: ${{ github.ref_name == 'main' && secrets.AC_PASSWORD }} | |
steps: | |
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 | |
- uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 | |
with: | |
cache: 'npm' | |
node-version-file: '.nvmrc' | |
- name: Debug info | |
run: | | |
cat <<EOF | |
Node version: $(node --version) | |
NPM version: $(npm --version) | |
GitHub ref: ${{ github.ref }} | |
GitHub head ref: ${{ github.head_ref }} | |
Working directory: $(pwd) | |
EOF | |
- name: Install NPM dependencies | |
run: npm ci | |
- name: Test | |
run: npm run test | |
- name: Install Python 2.7 | |
if: matrix.os == 'macos-latest' | |
run: | | |
brew install pyenv | |
pyenv install 2.7.18 | |
- name: Setup Keys for Fastlane | |
if: matrix.os == 'macos-latest' | |
uses: webfactory/ssh-agent@836c84ec59a0e7bc0eabc79988384eb567561ee2 # v0.7.0 | |
with: | |
ssh-private-key: ${{ secrets.FASTLANE_ACCESS_KEY }} | |
- name: Fastlane | |
env: | |
GIT_URL: ${{ secrets.FL_GIT_URL }} | |
STORAGE_MODE: ${{secrets.FL_STORAGE_MODE}} | |
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
if: matrix.os == 'macos-latest' && env.SCRATCH_SHOULD_SIGN == 'true' | |
run: fastlane circleci | |
- name: Build | |
timeout-minutes: 30 # macOS notarization can take a while | |
env: | |
# TODO: fix whatever is causing excessive memory usage during build | |
NODE_OPTIONS: --max-old-space-size=4096 | |
# These will be blank on macOS and on unsigned builds | |
# macOS CSC info was set by Fastlane above | |
WIN_CSC_LINK: ${{ secrets.WIN_CSC_LINK }} | |
WIN_CSC_KEY_PASSWORD: ${{ secrets.WIN_CSC_KEY_PASSWORD }} | |
PYTHON_PATH: ${{ matrix.os == 'macos-latest' && '/Users/runner/.pyenv/versions/2.7.18/bin/python'}} | |
run: npm run ${{ env.SCRATCH_SHOULD_SIGN == true && 'dist' || 'distDev' }} | |
- name: Zip MAS-Dev build | |
if: matrix.os == 'macos-latest' && env.SCRATCH_SHOULD_SIGN == 'true' | |
run: | | |
NPM_APP_VERSION="`node -pe "require('./package.json').version"`" | |
cd dist/mas-dev | |
ditto -v -c -k --sequesterRsrc --keepParent --zlibCompressionLevel 9 \ | |
Scratch*.app ../mas-dev-${NPM_APP_VERSION}.zip | |
- name: Upload macOS artifacts | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3 | |
if: matrix.os == 'macos-latest' | |
with: | |
name: macOS | |
path: | | |
dist/Scratch*.dmg | |
dist/mas/Scratch*.pkg | |
dist/mas-dev-*.zip | |
- name: Upload Windows artifacts | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3 | |
if: matrix.os == 'windows-latest' | |
with: | |
name: Windows | |
path: | | |
dist/Scratch*.appx | |
dist/Scratch*.exe |