deps(dev): bump postcss from 8.4.49 to 8.5.0 #5710
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
tags: | |
- '*' | |
env: | |
ELECTRON_CACHE: ${{ github.workspace }}/.cache/electron | |
ELECTRON_BUILDER_CACHE: ${{ github.workspace }}/.cache/electron-builder | |
jobs: | |
build: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-latest, ubuntu-latest, windows-latest] | |
steps: | |
- name: Fix CRLF handling on Windows | |
if: matrix.os == 'windows-latest' | |
run: git config --global core.autocrlf false | |
- name: Check out Git repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 'lts/*' | |
- name: Set up ubuntu | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
sudo apt-get install -y libsecret-1-dev | |
- name: Cache bigger downloads | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: ${{ github.workspace }}/.cache | |
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }} | |
restore-keys: | | |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }} | |
${{ runner.os }}- | |
- name: Install dependencies | |
run: npm ci --prefer-offline --no-audit --progress=false | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Fix ubuntu | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
sudo chown root node_modules/electron/dist/chrome-sandbox | |
sudo chmod 4755 node_modules/electron/dist/chrome-sandbox | |
- name: Build | |
run: npm run build | |
- name: Install Sentry CLI | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
curl -sL https://sentry.io/get-cli/ | bash | |
sentry-cli --version | |
- name: Configure SENTRY env vars | |
run: | |
node ./build/configure-sentry.js >> $GITHUB_ENV | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
- name: Create Sentry release | |
# Secrets are not passed to the runner when a workflow is triggered from a forked repository. | |
# See https://docs.github.com/en/actions/security-guides/encrypted-secrets#using-encrypted-secrets-in-a-workflow | |
# We skip this step in such case. | |
# | |
# We must use `env` instead of `secrets`, see https://stackoverflow.com/a/70249520/69868 | |
if: matrix.os == 'ubuntu-latest' && env.SENTRY_AUTH_TOKEN | |
env: | |
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }} | |
SENTRY_ORG: space-meridian | |
SENTRY_PROJECT: filecoin-station | |
run: | | |
sentry-cli releases new "${{ env.SENTRY_VERSION }}" | |
sentry-cli releases set-commits "${{ env.SENTRY_VERSION }}" --local --ignore-missing | |
sentry-cli releases files "${{ env.SENTRY_VERSION }}" upload-sourcemaps ./renderer/dist/assets | |
sentry-cli releases deploys "${{ env.SENTRY_VERSION }}" new -e "${{ env.SENTRY_ENV }}" | |
- name: Test backend | |
run: npm run test:backend | |
env: | |
TEST_SEED_PHRASE: ${{ secrets.TEST_SEED_PHRASE }} | |
- name: Test frontend | |
run: npm run test:ui | |
- name: Test end-to-end (Linux) | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
uses: Wandalen/wretry.action@v3.8.0 | |
with: | |
command: xvfb-run -a npm run test:e2e | |
attempt_limit: 10 | |
- name: Test end-to-end (Windows / macOS) | |
if: ${{ matrix.os != 'ubuntu-latest' }} | |
uses: Wandalen/wretry.action@v3.8.0 | |
with: | |
command: npm run test:e2e | |
attempt_limit: 10 | |
- name: Lint | |
run: npm run lint | |
package: | |
runs-on: ${{ matrix.os }} | |
needs: build # build packages only if regular build and tests passed | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [macos-latest, ubuntu-latest, windows-latest] | |
steps: | |
- name: Check out Git repository | |
uses: actions/checkout@v4 | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 'lts/*' | |
- name: Cache bigger downloads | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: ${{ github.workspace }}/.cache | |
key: ${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }} | |
restore-keys: | | |
${{ runner.os }}-${{ hashFiles('package.json', 'package-lock.json', 'electron-builder.yml') }} | |
${{ runner.os }}- | |
- name: Install dependencies | |
run: npm ci --prefer-offline --no-audit --progress=false | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Get tag | |
id: tag | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: dawidd6/action-get-tag@727a6f0a561be04e09013531e73a3983a65e3479 # v1 | |
continue-on-error: true # empty steps.tag.outputs.tag will inform the next step | |
- name: Build binaries with electron-builder (Linux) | |
if: ${{ matrix.os == 'ubuntu-latest' }} | |
run: | | |
sudo snap install snapcraft --classic | |
npm run build | |
npm exec -- electron-builder --publish=onTag | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CI_BUILD_TAG: ${{ steps.tag.outputs.tag }} # used by --publish=onTag | |
DEBUG: electron-builder | |
- name: Build binaries with electron-builder (Windows) | |
# Windows builds are always failing in PRs. We should fix them, but for | |
# now let's just skip them to remove noise. | |
if: ${{ matrix.os == 'windows-latest' && github.event_name != 'pull_request' }} | |
run: | | |
npm run build | |
npm exec -- electron-builder --publish=onTag | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CI_BUILD_TAG: ${{steps.tag.outputs.tag}} # used by --publish=onTag | |
DEBUG: electron-builder | |
WIN_CSC_LINK: ${{ secrets.windows_certs }} | |
WIN_CSC_KEY_PASSWORD: ${{ secrets.windows_certs_password }} | |
- name: Build binaries with electron-builder (macOS) | |
if: ${{ matrix.os == 'macos-latest' }} | |
run: | | |
npm run build | |
npm exec -- electron-builder --publish=onTag | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CI_BUILD_TAG: ${{steps.tag.outputs.tag}} # used by --publish=onTag | |
DEBUG: electron-builder | |
CSC_LINK: ${{ secrets.mac_certs }} | |
CSC_KEY_PASSWORD: ${{ secrets.mac_certs_password }} | |
APPLEID: ${{ secrets.apple_id }} | |
APPLEIDPASS: ${{ secrets.apple_id_pass }} | |
APPLETEAMID: ${{ secrets.apple_team_id }} | |
USE_HARD_LINKS: false | |
- name: Show dist/ | |
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }} | |
run: du -sh dist/ && ls -l dist/ | |
# Persist produced binaries and effective config used for building them | |
# - this is not for releases, but for quick testing during the dev | |
# - action artifacts can be downloaded for 90 days, then are removed by github | |
# - binaries in PRs from forks won't be signed | |
- name: Attach produced packages to Github Action | |
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: dist-${{ matrix.os }} | |
path: dist/*tation*.* | |
if-no-files-found: error | |
- name: Show Cache | |
if: ${{ !(matrix.os == 'windows-latest' && github.event_name == 'pull_request') }} | |
run: du -sh ${{ github.workspace }}/.cache/ && ls -l ${{ github.workspace }}/.cache/ |