Skip to content

Merge pull request #579 from Nizhal/main #1307

Merge pull request #579 from Nizhal/main

Merge pull request #579 from Nizhal/main #1307

Workflow file for this run

name: CI
on:
push:
branches:
- "main"
- "topic/*"
tags:
- "v1_11_*"
pull_request:
branches:
- "main"
- "topic/*"
jobs:
prep:
runs-on: ubuntu-latest
permissions:
id-token: write
attestations: write
outputs:
WORKRAVE_BUILD_DATETIME: ${{ steps.out.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ steps.out.outputs.WORKRAVE_BUILD_DATE }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: "recursive"
- id: out
run: |
export WORKRAVE_ENV=github-ubuntu
source ./tools/ci/config.sh
echo "WORKRAVE_BUILD_DATETIME=${WORKRAVE_BUILD_DATETIME}" >> $GITHUB_OUTPUT
echo "WORKRAVE_BUILD_DATE=${WORKRAVE_BUILD_DATE}" >> $GITHUB_OUTPUT
- name: Create catalog root
run: |
export WORKRAVE_ENV=github-ubuntu
${{ github.workspace }}/tools/ci/catalog.sh
env:
WORKRAVE_JOB_INDEX: 9999
WORKRAVE_BUILD_DATETIME: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATE }}
- name: attest
uses: actions/attest-build-provenance@v1
with:
subject-path: "_deploy/*"
- name: Upload artifacts to GitHub
uses: actions/upload-artifact@v4
with:
name: artifacts-root-catalog
path: _deploy
build-windows-vcpkg:
name: windows vcpkg
env:
VCPKG_ROOT: C:/vcpkg
VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite"
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: "recursive"
- name: vcpkg cache setup
uses: actions/github-script@v7
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');
- name: configure
run: |
pip install Ninja2
cmake -G "Visual Studio 17 2022" -A x64 -B '${{ github.workspace }}/_build' `
-DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_ROOT }}/scripts/buildsystems/vcpkg.cmake `
-DVCPKG_TARGET_TRIPLET=x64-windows `
-DCMAKE_BUILD_TYPE=Release `
-DWITH_UI=Gtk+3 `
-DWITH_CRASHPAD=OFF `
-DWITH_AUTO_UPDATE=ON `
-DWITH_TRACING=ON
- name: build
run: |
cmake --build '${{github.workspace}}/_build' --config Release
cmake --install '${{github.workspace}}/_build' --config Release
build-windows:
runs-on: windows-2019
permissions:
id-token: write
attestations: write
if: ${{ false }}
strategy:
matrix:
configuration: [Debug, Release]
platform: [x86, x64]
steps:
- name: Keep line ending
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- uses: actions/checkout@v4
- name: Add msbuild to PATH
uses: microsoft/[email protected]
- name: Build
run: msbuild ui/applets/windows/src/Applet.sln -t:Rebuild -p:Configuration=${{ matrix.configuration }} -p:Platform=${{ matrix.platform }}
- name: attest
uses: actions/attest-build-provenance@v1
with:
subject-path: |
ui/applets/windows/src/x64/Release/workrave-applet64.dll
ui/applets/windows/src/Release/workrave-applet.dll
ui/applets/windows/src/x64/Debug/workrave-applet64.dll
ui/applets/windows/src/Debug/workrave-applet.dll
- name: Upload artifacts to GitHub
uses: actions/upload-artifact@v4
with:
name: artifacts-applet
path: |
ui/applets/windows/src/x64/Release/workrave-applet64.dll
ui/applets/windows/src/Release/workrave-applet.dll
ui/applets/windows/src/x64/Debug/workrave-applet64.dll
ui/applets/windows/src/Debug/workrave-applet.dll
build-msys2:
runs-on: windows-latest
permissions:
id-token: write
attestations: write
needs: prep
strategy:
matrix:
config:
- configuration: Release
ui: Gtk+3
enable: TESTS, CRASHPAD, AUTO_UPDATE
upload: windows-gtk3-release
- configuration: Debug
enable: TESTS, TRACING, CRASHPAD, AUTO_UPDATE
ui: Gtk+3
upload: windows-gtk3-debug
- configuration: Release
ui: Qt
enable: TESTS, CRASHPAD, AUTO_UPDATE
- configuration: Debug
enable: TESTS, TRACING, CRASHPAD, AUTO_UPDATE
ui: Qt
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
submodules: "recursive"
- uses: msys2/setup-msys2@v2
with:
update: true
msystem: clang64
install: >-
git
mingw-w64-clang-i686-clang
mingw-w64-clang-i686-cmake
mingw-w64-clang-i686-lld
mingw-w64-clang-i686-spdlog
mingw-w64-clang-i686-ninja
mingw-w64-clang-x86_64-adwaita-icon-theme
mingw-w64-clang-x86_64-boost
mingw-w64-clang-x86_64-clang
mingw-w64-clang-x86_64-cmake
mingw-w64-clang-x86_64-gcc-compat
mingw-w64-clang-x86_64-gtkmm3
mingw-w64-clang-x86_64-lld
mingw-w64-clang-x86_64-ninja
mingw-w64-clang-x86_64-openssl
mingw-w64-clang-x86_64-python
mingw-w64-clang-x86_64-python-pip
mingw-w64-clang-x86_64-spdlog
mingw-w64-clang-x86_64-jq
mingw-w64-clang-x86_64-uasm
mingw-w64-clang-x86_64-rust
mingw-w64-clang-x86_64-qt6-base
mingw-w64-clang-x86_64-qt6-svg
mingw-w64-clang-x86_64-qt6-tools
tar
xz
zip
- name: Build 64 bit
shell: msys2 {0}
run: |
python -m pip install --upgrade pip
pip install wheel
pip install Jinja2
./tools/ci/build.sh
env:
WORKRAVE_ENV: github-windows-msys2
WORKRAVE_JOB_INDEX: l${{ strategy.job-index }}
CONF_UI: ${{ matrix.config.ui }}
CONF_CONFIGURATION: ${{ matrix.config.configuration }}
CONF_ENABLE: ${{ matrix.config.enable }}
WORKRAVE_BUILD_DATETIME: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATE }}
- name: attest
uses: actions/attest-build-provenance@v1
with:
subject-path: _deploy/*
- name: Upload artifacts to GitHub
uses: actions/upload-artifact@v4
if: ${{ matrix.config.upload }}
with:
name: artifacts-${{ matrix.config.upload }}
path: _deploy
build-cmake:
runs-on: ${{ matrix.config.os }}
permissions:
id-token: write
attestations: write
needs: prep
defaults:
run:
shell: bash
strategy:
fail-fast: false
max-parallel: 20
matrix:
config:
- image: ubuntu-focal
os: ubuntu-24.04
compiler: gcc
ui: Gtk+3
enable: INDICATOR,GNOME_CLASSIC_PANEL,GSTREAMER,PULSE,TESTS
disable: COVERAGE,TRACING
- image: ubuntu-jammy
os: ubuntu-24.04
compiler: gcc
ui: Gtk+3
enable: INDICATOR,GNOME_CLASSIC_PANEL,GSTREAMER,PULSE,TESTS
disable: COVERAGE,TRACING
- image: ubuntu-noble
os: ubuntu-24.04
compiler: gcc
ui: Gtk+3
enable: INDICATOR,GNOME45,GNOME_CLASSIC_PANEL,GSTREAMER,PULSE,TESTS
disable: COVERAGE,TRACING
appimage: true
upload: ubuntu-noble
- image: ubuntu-oracular
os: ubuntu-24.04
compiler: gcc
ui: Gtk+3
enable: INDICATOR,GNOME45,GNOME_CLASSIC_PANEL,GSTREAMER,PULSE,TESTS
disable: COVERAGE,TRACING
# - image: mingw-fedora-rawhide
# os: ubuntu-24.04
# compiler: clang
# ui: Gtk+3
# configuration: Release
# enable:
# disable: INDICATOR,GSTREAMER,PULSE,GNOME_CLASSIC_PANEL,TESTS,COVERAGE,TRACING
# upload: false
# - image: mingw-fedora-rawhide
# os: ubuntu-24.04
# compiler: clang
# ui: Gtk+3
# configuration: Debug
# enable: TRACING
# disable: INDICATOR,GSTREAMER,PULSE,GNOME_CLASSIC_PANEL,TESTS,COVERAGE
# upload: false
- os: macos-latest
compiler: clang
ui: Qt
enable: TESTS,COVERAGE,TRACING
disable: INDICATOR,GSTREAMER,PULSE,GNOME_CLASSIC_PANEL
# - image: windows-msys2
# os: windows-latest
# ui: Gtk+3
# disable: INDICATOR,GSTREAMER,PULSE,GNOME_CLASSIC_PANEL
# enable: TESTS,CRASHPAD,AUTO_UPDATE
# configuration: Release
# upload: true
# - image: windows-msys2
# os: windows-latest
# ui: Gtk+3
# disable: INDICATOR,GSTREAMER,PULSE,GNOME_CLASSIC_PANEL
# enable: TESTS,TRACING,CRASHPAD,AUTO_UPDATE
# configuration: Debug
# upload: true
steps:
- name: Prepare
run: |
if [[ $GITHUB_REF == refs/tags/* ]]; then
echo "version=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT
elif [[ $GITHUB_REF == refs/heads/next ]]; then
echo "version=latest" >> $GITHUB_OUTPUT
elif [[ $GITHUB_REF == refs/heads/* ]]; then
echo "version=${GITHUB_REF#refs/heads/}" >> $GITHUB_OUTPUT
else
echo "version=dev" >> $GITHUB_OUTPUT
fi
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Prepare docker
id: image_digest
if: runner.os == 'Windows'
run: |
mkdir -p ~/_docker-cache
echo "digest=$(docker manifest inspect ghcr.io/rcaelers/workrave-build:${{ matrix.config.image }} -v | jq -r '.Descriptor.digest' | cut -d: -f2)" >> $GITHUB_OUTPUT
shell: bash
- name: Prepare docker image cache
id: docker-cache
if: runner.os == 'Windows'
uses: actions/cache@v3
with:
path: ~/_docker-cache
key: docker-cache-${{ steps.image_digest.outputs.digest }}
- name: Download image if cache is outdated
if: steps.docker-cache.outputs.cache-hit != 'true' && runner.os == 'Windows'
run: |
docker pull ghcr.io/rcaelers/workrave-build:${{ matrix.config.image }}
docker save -o ~/_docker-cache/${{ matrix.config.image }}.tar ghcr.io/rcaelers/workrave-build:${{ matrix.config.image }}
- name: Use cache if current
if: steps.docker-cache.outputs.cache-hit == 'true' && runner.os == 'Windows'
run: docker load -i ~/_docker-cache/${{ matrix.config.image }}.tar
- name: Setup build env
if: matrix.config.os == 'macos-latest'
run: |
brew install gettext qt python3 boost ninja spdlog pkg-config || true
brew link gettext --force
brew link --overwrite [email protected]
brew outdated cmake || brew upgrade cmake
pip3 install --break-system-packages --user Jinja2 # required for dbus support, system (distro) wide include paths are ignored
- name: Build
run: |
if [[ $DOCKER_IMAGE ]]; then
if [[ $DOCKER_IMAGE =~ "windows-" ]]; then
IFS=$'\n'
export WORKRAVE_ENV=docker-windows-msys2
docker run --rm -v $GITHUB_WORKSPACE:c:\\workspace\\source \
`printenv | grep -E '^(CONF_.*|GITHUB_.*|DOCKER_IMAGE|WORKRAVE_.*)=' | sed -e 's/^/-e/g' ` \
ghcr.io/rcaelers/workrave-build:${DOCKER_IMAGE} \
sh -c "/c/workspace/source/tools/ci/build.sh"
elif [[ $DOCKER_IMAGE =~ "mingw" || $WORKRAVE_ENV =~ "-msys2" ]]; then
IFS=$'\n'
export WORKRAVE_ENV=docker-linux
docker run --security-opt seccomp=unconfined --rm \
${{ matrix.config.appimage && '--cap-add SYS_ADMIN --device /dev/fuse --security-opt apparmor:unconfined' || '' }} \
-v $GITHUB_WORKSPACE:/workspace/source \
`printenv | grep -E '^(CONF_.*|GITHUB_.*|DOCKER_IMAGE|WORKRAVE_.*)=' | sed -e 's/^/-e/g' ` \
ghcr.io/rcaelers/workrave-build:${DOCKER_IMAGE} \
sh -c "/workspace/source/tools/ci/build.sh"
else
IFS=$'\n'
export WORKRAVE_ENV=docker-linux
docker run --security-opt seccomp=unconfined --rm \
${{ matrix.config.appimage && '--cap-add SYS_ADMIN --device /dev/fuse --security-opt apparmor:unconfined' || '' }} \
-v $GITHUB_WORKSPACE:/workspace/source \
`printenv | grep -E '^(CONF_.*|GITHUB_.*|DOCKER_IMAGE|WORKRAVE_.*)=' | sed -e 's/^/-e/g' ` \
ghcr.io/rcaelers/workrave-build:${DOCKER_IMAGE} \
sh -c "/workspace/source/tools/ci/build.sh"
fi;
else
export WORKRAVE_ENV=github-ubuntu
$GITHUB_WORKSPACE/tools/ci/build.sh
fi
env:
WORKRAVE_JOB_INDEX: ${{ strategy.job-index }}
CONF_COMPILER: ${{ matrix.config.compiler }}
CONF_UI: ${{ matrix.config.ui }}
CONF_ENABLE: ${{ matrix.config.enable }}
CONF_DISABLE: ${{ matrix.config.disable }}
CONF_CONFIGURATION: ${{ matrix.config.configuration }}
CONF_APPIMAGE: ${{ matrix.config.appimage }}
DOCKER_IMAGE: ${{ matrix.config.image }}
WORKRAVE_BUILD_DATETIME: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATE }}
- name: attest
uses: actions/attest-build-provenance@v1
if: ${{ matrix.config.upload }}
with:
subject-path: _deploy/*
- name: Upload artifacts to GitHub
uses: actions/upload-artifact@v4
if: ${{ matrix.config.upload }}
with:
name: artifacts-${{ matrix.config.upload }}
path: _deploy
merge:
runs-on: ubuntu-latest
needs: [prep, build-cmake, build-msys2]
steps:
- name: Merge Artifacts
uses: actions/upload-artifact/merge@v4
with:
name: all-artifacts
pattern: artifacts-*
deploy:
runs-on: ubuntu-24.04
needs: [prep, build-cmake, build-msys2, merge]
if: github.event_name == 'push' && ( github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') )
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/download-artifact@v4
with:
name: all-artifacts
path: artifacts
- name: Sign
run: |
cd $GITHUB_WORKSPACE
echo '${{ secrets.ED25519_KEY }}' > ${SECRETS_DIR}/ed25519key.pem
$GITHUB_WORKSPACE/tools/ci/sign.sh
rm -f ed25519key.pem
env:
ED25519_KEY: ${{ secrets.ED25519_KEY }}
WORKSPACE: ${{ github.workspace }}
SECRETS_DIR: ${{ github.workspace }}
ARTIFACTS: ${{ github.workspace }}/artifacts/
WORKRAVE_BUILD_DATETIME: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATE }}
- name: Upload artifacts to MinIO
run: |
aws configure set aws_access_key_id travis
aws configure set aws_secret_access_key $SNAPSHOTS_SECRET_ACCESS_KEY
aws configure set default.region us-east-1
aws configure set default.s3.signature_version s3v4
aws configure set s3.endpoint_url https://snapshots.workrave.org/
aws s3 --endpoint-url https://snapshots.workrave.org/ cp --recursive artifacts s3://snapshots/v1.11
env:
WORKSPACE: ${{ github.workspace }}
SNAPSHOTS_SECRET_ACCESS_KEY: ${{ secrets.SNAPSHOTS_SECRET_ACCESS_KEY }}
- name: Create artifact catalog / appcast
run: |
cd $GITHUB_WORKSPACE/tools/citool
npm i
npm run build
node $GITHUB_WORKSPACE/tools/citool/dist/citool.js catalog
node $GITHUB_WORKSPACE/tools/citool/dist/citool.js appcast
env:
WORKSPACE: ${{ github.workspace }}
SNAPSHOTS_SECRET_ACCESS_KEY: ${{ secrets.SNAPSHOTS_SECRET_ACCESS_KEY }}
WORKRAVE_BUILD_DATETIME: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATETIME }}
WORKRAVE_BUILD_DATE: ${{ needs.prep.outputs.WORKRAVE_BUILD_DATE }}
website:
runs-on: ubuntu-24.04
if: github.event_name == 'push'
needs: [deploy]
steps:
- name: Trigger workrave.org rebuild
run: |
curl \
-X POST \
-H "Authorization: token ${{ secrets.TOKEN }}" \
-H 'Accept: application/vnd.github.everest-preview+json' \
-d '{"event_type":"rebuild"}' \
https://api.github.com/repos/rcaelers/workrave-website/dispatches