From 9e177c73ca2e4e99be95601c3f1f939dedb25393 Mon Sep 17 00:00:00 2001 From: Andrew Pareles Date: Tue, 25 Mar 2025 20:08:02 -0700 Subject: [PATCH] + --- .github/workflows/build.yml | 405 ------------------------------- .github/workflows/void-build.yml | 9 +- 2 files changed, 1 insertion(+), 413 deletions(-) delete mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 379ba257..00000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,405 +0,0 @@ -name: Build Void - -on: - push: - branches: [ main, release/*, github-workflow ] - pull_request: - branches: [ main ] - workflow_dispatch: - -jobs: - build-linux: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'npm' - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y pkg-config libx11-dev libxkbfile-dev libsecret-1-dev libkrb5-dev - # Set npm config to use GitHub token for authentication to avoid rate limits - npm config set //github.com/:_authToken=${{ github.token }} - npm config set //api.github.com/:_authToken=${{ github.token }} - npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} - # Configure npm to use the GitHub token for all requests to github.com domains - npm config set @microsoft:registry https://npm.pkg.github.com - npm config set @vscode:registry https://npm.pkg.github.com - # Increase network timeout to handle slow connections - npm config set fetch-timeout 300000 - npm config set fetch-retry-mintimeout 20000 - npm config set fetch-retry-maxtimeout 120000 - npm install - npm install -g node-gyp - npm install -g gulp-cli - - - name: Build - run: | - npm run buildreact - npm run gulp vscode-linux-x64-min - - - name: Package - run: | - mkdir -p .build/linux/client - ARCHIVE_PATH=".build/linux/client/void-linux-x64.tar.gz" - tar -czf $ARCHIVE_PATH -C .. VSCode-linux-x64 - - - name: Generate checksum - run: | - cd .build/linux/client - sha256sum void-linux-x64.tar.gz > void-linux-x64.tar.gz.sha256 - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: void-linux-x64 - path: | - .build/linux/client/void-linux-x64.tar.gz - .build/linux/client/void-linux-x64.tar.gz.sha256 - - build-linux-arm64: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'npm' - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y pkg-config libx11-dev libxkbfile-dev libsecret-1-dev libkrb5-dev - # Set npm config to use GitHub token for authentication to avoid rate limits - npm config set //github.com/:_authToken=${{ github.token }} - npm config set //api.github.com/:_authToken=${{ github.token }} - npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} - # Configure npm to use the GitHub token for all requests to github.com domains - npm config set @microsoft:registry https://npm.pkg.github.com - npm config set @vscode:registry https://npm.pkg.github.com - # Increase network timeout to handle slow connections - npm config set fetch-timeout 300000 - npm config set fetch-retry-mintimeout 20000 - npm config set fetch-retry-maxtimeout 120000 - npm install - npm install -g node-gyp - npm install -g gulp-cli - - - name: Build - run: | - npm run buildreact - npm run gulp vscode-linux-arm64-min - - - name: Package - run: | - mkdir -p .build/linux/client - ARCHIVE_PATH=".build/linux/client/void-linux-arm64.tar.gz" - tar -czf $ARCHIVE_PATH -C .. VSCode-linux-arm64 - - - name: Generate checksum - run: | - cd .build/linux/client - sha256sum void-linux-arm64.tar.gz > void-linux-arm64.tar.gz.sha256 - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: void-linux-arm64 - path: | - .build/linux/client/void-linux-arm64.tar.gz - .build/linux/client/void-linux-arm64.tar.gz.sha256 - - build-windows: - runs-on: windows-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'npm' - - - name: Install dependencies - run: | - # Set npm config to use GitHub token for authentication to avoid rate limits - npm config set //github.com/:_authToken=${{ github.token }} - npm config set //api.github.com/:_authToken=${{ github.token }} - npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} - # Configure npm to use the GitHub token for all requests to github.com domains - npm config set @microsoft:registry https://npm.pkg.github.com - npm config set @vscode:registry https://npm.pkg.github.com - # Increase network timeout to handle slow connections - npm config set fetch-timeout 300000 - npm config set fetch-retry-mintimeout 20000 - npm config set fetch-retry-maxtimeout 120000 - npm install - npm install -g node-gyp - npm install -g gulp-cli - - - name: Build - run: | - npm run buildreact - npm run gulp vscode-win32-x64-min - - - name: Package - run: | - mkdir -p .build/win32-x64 - Compress-Archive -Path ..\VSCode-win32-x64\* -DestinationPath .build\win32-x64\void-win32-x64.zip - shell: pwsh - - - name: Generate checksum - run: | - cd .build/win32-x64 - $hash = Get-FileHash -Algorithm SHA256 void-win32-x64.zip - $hash.Hash | Out-File -Encoding ascii void-win32-x64.zip.sha256 - shell: pwsh - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: void-win32-x64 - path: | - .build/win32-x64/void-win32-x64.zip - .build/win32-x64/void-win32-x64.zip.sha256 - - build-windows-arm64: - runs-on: windows-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'npm' - - - name: Install dependencies - run: | - # Set npm config to use GitHub token for authentication to avoid rate limits - npm config set //github.com/:_authToken=${{ github.token }} - npm config set //api.github.com/:_authToken=${{ github.token }} - npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} - # Configure npm to use the GitHub token for all requests to github.com domains - npm config set @microsoft:registry https://npm.pkg.github.com - npm config set @vscode:registry https://npm.pkg.github.com - # Increase network timeout to handle slow connections - npm config set fetch-timeout 300000 - npm config set fetch-retry-mintimeout 20000 - npm config set fetch-retry-maxtimeout 120000 - npm install - npm install -g node-gyp - npm install -g gulp-cli - - - name: Build - run: | - npm run buildreact - npm run gulp vscode-win32-arm64-min - - - name: Package - run: | - mkdir -p .build/win32-arm64 - Compress-Archive -Path ..\VSCode-win32-arm64\* -DestinationPath .build\win32-arm64\void-win32-arm64.zip - shell: pwsh - - - name: Generate checksum - run: | - cd .build/win32-arm64 - $hash = Get-FileHash -Algorithm SHA256 void-win32-arm64.zip - $hash.Hash | Out-File -Encoding ascii void-win32-arm64.zip.sha256 - shell: pwsh - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: void-win32-arm64 - path: | - .build/win32-arm64/void-win32-arm64.zip - .build/win32-arm64/void-win32-arm64.zip.sha256 - - build-macos: - runs-on: macos-latest-large - strategy: - matrix: - arch: [arm64, x64] - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Node.js - uses: actions/setup-node@v3 - with: - node-version-file: '.nvmrc' - cache: 'npm' - - - name: Install dependencies - run: | - # Set npm config to use GitHub token for authentication to avoid rate limits - npm config set //github.com/:_authToken=${{ github.token }} - npm config set //api.github.com/:_authToken=${{ github.token }} - npm config set //npm.pkg.github.com/:_authToken=${{ github.token }} - # Configure npm to use the GitHub token for all requests to github.com domains - npm config set @microsoft:registry https://npm.pkg.github.com - npm config set @vscode:registry https://npm.pkg.github.com - # Increase network timeout to handle slow connections - npm config set fetch-timeout 300000 - npm config set fetch-retry-mintimeout 20000 - npm config set fetch-retry-maxtimeout 120000 - npm install - npm install -g node-gyp - npm install -g gulp-cli - npm install -g create-dmg - - - name: Build - run: | - npm run buildreact - npm run gulp vscode-darwin-${{ matrix.arch }}-min - - - name: Create temporary working directory - run: | - WORKING_DIR="${{ runner.temp }}/VoidSign-${{ matrix.arch }}" - KEYCHAIN_DIR="${WORKING_DIR}/1_Keychain" - SIGN_DIR="${WORKING_DIR}/2_Signed" - mkdir -p "${WORKING_DIR}" "${KEYCHAIN_DIR}" "${SIGN_DIR}" - cp -Rp "$(pwd)/../VSCode-darwin-${{ matrix.arch }}" "${SIGN_DIR}" - echo "WORKING_DIR=${WORKING_DIR}" >> $GITHUB_ENV - echo "KEYCHAIN_DIR=${KEYCHAIN_DIR}" >> $GITHUB_ENV - echo "SIGN_DIR=${SIGN_DIR}" >> $GITHUB_ENV - echo "SIGNED_DOTAPP_DIR=${SIGN_DIR}/VSCode-darwin-${{ matrix.arch }}" >> $GITHUB_ENV - echo "SIGNED_DOTAPP=${SIGN_DIR}/VSCode-darwin-${{ matrix.arch }}/Void.app" >> $GITHUB_ENV - - - name: Import certificate - if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} - env: - P12_BASE64: ${{ secrets.MACOS_CERTIFICATE }} - P12_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PWD }} - KEYCHAIN_PASSWORD: "temporary-password" - run: | - KEYCHAIN="${KEYCHAIN_DIR}/buildagent.keychain" - echo "KEYCHAIN=${KEYCHAIN}" >> $GITHUB_ENV - - # Create a new keychain - security create-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" - security set-keychain-settings -lut 21600 "${KEYCHAIN}" - security unlock-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" - - # Import certificate - echo "${P12_BASE64}" | base64 --decode > "${KEYCHAIN_DIR}/certificate.p12" - security import "${KEYCHAIN_DIR}/certificate.p12" -k "${KEYCHAIN}" -P "${P12_PASSWORD}" -T /usr/bin/codesign - security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "${KEYCHAIN_PASSWORD}" "${KEYCHAIN}" > /dev/null - - # Add to keychain list - security list-keychains -d user -s "${KEYCHAIN}" $(security list-keychains -d user | sed s/\"//g) - - - name: Sign Application - if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} - env: - CODESIGN_IDENTITY: ${{ secrets.MACOS_SIGNING_IDENTITY }} - VSCODE_ARCH: ${{ matrix.arch }} - run: | - export AGENT_TEMPDIRECTORY="${KEYCHAIN_DIR}" - cd $(pwd)/build/darwin - node sign.js "${SIGN_DIR}" - codesign --verify --verbose=4 "${SIGNED_DOTAPP}" - - - name: Create Unsigned App (for PR builds) - if: ${{ github.event_name == 'pull_request' || github.repository != 'voideditor/void' }} - run: | - cp -Rp "$(pwd)/../VSCode-darwin-${{ matrix.arch }}" "${SIGN_DIR}" - echo "SIGNED_DOTAPP_DIR=$(pwd)/../VSCode-darwin-${{ matrix.arch }}" >> $GITHUB_ENV - echo "SIGNED_DOTAPP=$(pwd)/../VSCode-darwin-${{ matrix.arch }}/Void.app" >> $GITHUB_ENV - - - name: Create DMG - run: | - cd "${SIGNED_DOTAPP_DIR}" - npx create-dmg --volname "Void Installer" "${SIGNED_DOTAPP}" . || true - GENERATED_DMG=$(ls *.dmg) - mv "${GENERATED_DMG}" "Void-Installer-darwin-${{ matrix.arch }}.dmg" - - if [[ "${{ github.event_name }}" != "pull_request" && "${{ github.repository }}" == "voideditor/void" ]]; then - codesign --verify --verbose=4 "Void-Installer-darwin-${{ matrix.arch }}.dmg" - fi - - echo "SIGNED_DMG=${SIGNED_DOTAPP_DIR}/Void-Installer-darwin-${{ matrix.arch }}.dmg" >> $GITHUB_ENV - - - name: Notarize - if: ${{ github.event_name != 'pull_request' && github.repository == 'voideditor/void' }} - env: - APPLE_ID: ${{ secrets.APPLE_ID }} - TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} - APP_PASSWORD: ${{ secrets.APPLE_APP_PWD }} - KEYCHAIN_PASSWORD: "temporary-password" - run: | - # Store credentials for notarization - xcrun notarytool store-credentials "Void" \ - --apple-id "${APPLE_ID}" \ - --team-id "${TEAM_ID}" \ - --password "${APP_PASSWORD}" \ - --keychain "${KEYCHAIN}" - - # Submit for notarization with a timeout - xcrun notarytool submit "${SIGNED_DMG}" \ - --keychain-profile "Void" \ - --keychain "${KEYCHAIN}" \ - --wait --timeout 2h - - # Staple the notarization ticket - xcrun stapler staple "${SIGNED_DMG}" - - - name: Create Raw App Archive - run: | - cd "${SIGNED_DOTAPP_DIR}" - VOIDAPP=$(basename "${SIGNED_DOTAPP}") - ditto -c -k --sequesterRsrc --keepParent "${VOIDAPP}" "Void-RawApp-darwin-${{ matrix.arch }}.zip" - - - name: Generate Hash File - run: | - cd "${SIGNED_DOTAPP_DIR}" - SHA1=$(shasum -a 1 "Void-RawApp-darwin-${{ matrix.arch }}.zip" | cut -d' ' -f1) - SHA256=$(shasum -a 256 "Void-RawApp-darwin-${{ matrix.arch }}.zip" | cut -d' ' -f1) - TIMESTAMP=$(date +%s) - - cat > "Void-UpdJSON-darwin-${{ matrix.arch }}.json" << EOF - { - "sha256hash": "${SHA256}", - "hash": "${SHA1}", - "timestamp": ${TIMESTAMP} - } - EOF - - - name: Generate checksum for DMG - run: | - cd "${SIGNED_DOTAPP_DIR}" - shasum -a 256 "Void-Installer-darwin-${{ matrix.arch }}.dmg" > "Void-Installer-darwin-${{ matrix.arch }}.dmg.sha256" - - - name: Upload DMG - uses: actions/upload-artifact@v4 - with: - name: void-darwin-${{ matrix.arch }}-dmg - path: | - ${{ env.SIGNED_DMG }} - ${{ env.SIGNED_DOTAPP_DIR }}/Void-Installer-darwin-${{ matrix.arch }}.dmg.sha256 - - - name: Upload Raw App - uses: actions/upload-artifact@v4 - with: - name: void-darwin-${{ matrix.arch }}-rawapp - path: ${{ env.SIGNED_DOTAPP_DIR }}/Void-RawApp-darwin-${{ matrix.arch }}.zip - - - name: Upload Hash File - uses: actions/upload-artifact@v4 - with: - name: void-darwin-${{ matrix.arch }}-hash - path: ${{ env.SIGNED_DOTAPP_DIR }}/Void-UpdJSON-darwin-${{ matrix.arch }}.json - diff --git a/.github/workflows/void-build.yml b/.github/workflows/void-build.yml index bdc32735..379ba257 100644 --- a/.github/workflows/void-build.yml +++ b/.github/workflows/void-build.yml @@ -8,15 +8,8 @@ on: workflow_dispatch: jobs: - check-for-artifacts: + build-linux: runs-on: ubuntu-latest - outputs: - linux-x64-exists: ${{ steps.check-artifacts.outputs.linux-x64-exists }} - linux-arm64-exists: ${{ steps.check-artifacts.outputs.linux-arm64-exists }} - win32-x64-exists: ${{ steps.check-artifacts.outputs.win32-x64-exists }} - win32-arm64-exists: ${{ steps.check-artifacts.outputs.win32-arm64-exists }} - darwin-x64-exists: ${{ steps.check-artifacts.outputs.darwin-x64-exists }} - darwin-arm64-exists: ${{ steps.check-artifacts.outputs.darwin-arm64-exists }} steps: - name: Checkout uses: actions/checkout@v3