Merge pull request #73 from borgvin/audit #505
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions | |
name: CI Desktop Vault | |
on: | |
push: | |
pull_request: | |
branches: | |
- develop | |
- master | |
jobs: | |
desktop-build: | |
runs-on: ${{ matrix.system.os }} | |
env: | |
REACT_APP_NET_TYPE_ID: ${{matrix.network.id}} | |
ACTION_OS: ${{ matrix.system.os }} | |
strategy: | |
matrix: | |
system: | |
- os: "windows-latest" | |
path: "squirrel.windows/x64/" | |
- os: "macos-latest" | |
path: "" | |
- os: ubuntu-latest | |
path: "deb/x64/" | |
network: | |
- id: 0 | |
name: "mainnet" | |
- id: 1 | |
name: "testnet" | |
- id: 2 | |
name: "stagenet" | |
steps: | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' | |
- uses: actions/checkout@v4 | |
- name: Use Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: '18' | |
- name: Install client dependencies | |
working-directory: client | |
run: | | |
git config --global url."https://".insteadOf git:// | |
npm install | |
- name: Audit client dependencies | |
working-directory: client | |
run: | | |
npm audit fix --audit-level moderate | |
- name: Client Build for Desktop | |
working-directory: client | |
env: | |
CI: false | |
run: | | |
npm run build:desktop:ci | |
- name: Copy Build | |
working-directory: client | |
run: | | |
npm run copy-build | |
- name: Install backend dependencies | |
working-directory: haven-desktop-app | |
run: | | |
npm install | |
- name: Install latest wallet core | |
working-directory: haven-desktop-app | |
run: | | |
npm install haven-wallet-core@latest --save | |
- name: Audit backend dependencies | |
working-directory: haven-desktop-app | |
run: | | |
npm audit fix --audit-level moderate | |
- if: matrix.system.os == 'ubuntu-latest' | |
run: | | |
sudo apt-get update | |
sudo apt-get install flatpak flatpak-builder elfutils | |
- name: Build Final | |
run: | | |
sh './sh/make.sh' | |
- name: Package Desktop Build | |
run: | | |
cd haven-desktop-app/out/make/${{ matrix.system.path }} | |
7z a ${{ github.workspace }}/desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip * | |
- name: Upload Haven Desktop Build | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: "eu-west-1" | |
run: | |
aws s3 cp ${{ github.workspace }}/desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip s3://${{ secrets.AWS_BUCKET }}/binaries/${{github.ref_name}}/desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip --acl public-read | |
- name: notification | |
env: | |
BINARY_NAME: /desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip | |
BINARY_URL: https://docs.havenprotocol.org/binaries/ | |
DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} | |
shell: bash | |
run: | | |
export checksum=($(sha256sum ${{ github.workspace }}/desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip)) | |
export payload='{"username": "Github", "content": "GUI (${{ matrix.system.os }}) for ${{matrix.network.name}} : '${BINARY_URL}${GITHUB_REF_NAME}${BINARY_NAME}' (sha256 checksum : '${checksum}')"}' | |
echo $payload | |
curl -X POST -H "Content-Type: application/json" -d "$payload" $DISCORD_WEBHOOK | |
- name: Upload binaries to release | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: svenstaro/upload-release-action@v2 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ github.workspace }}/desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip | |
asset_name: desktop-${{ matrix.system.os }}-${{ matrix.network.name }}.zip | |
tag: ${{ github.ref }} | |
overwrite: true | |
body: "" | |
prerelease: true |