Build

feat: workflow UX improvements — browser support, embedded config, si… #158

Workflow file for this run

	name: Build

	on:
	push:
	tags:
	- 'v*'
	branches:
	- 'main'
	pull_request:
	branches: [main]
	workflow_dispatch:

	jobs:
	build:
	strategy:
	matrix:
	include:
	- os: ubuntu-latest
	platform: linux
	- os: windows-latest
	platform: win
	- os: macos-latest
	platform: mac

	runs-on: ${{ matrix.os }}

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Setup Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '20'
	cache: 'npm'

	- name: Install dependencies
	run: npm ci

	- name: Build application
	run: npm run build

	# macOS: Import certificates for signing
	- name: Import macOS certificates
	if: matrix.platform == 'mac' && startsWith(github.ref, 'refs/tags/v')
	env:
	MAC_CERTS: ${{ secrets.MAC_CERTS }}
	MAC_CERTS_PASSWORD: ${{ secrets.MAC_CERTS_PASSWORD }}
	run: \|
	if [ -n "$MAC_CERTS" ]; then
	echo "$MAC_CERTS" \| base64 --decode > certificate.p12
	security create-keychain -p actions build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p actions build.keychain
	security import certificate.p12 -k build.keychain -P "$MAC_CERTS_PASSWORD" -T /usr/bin/codesign
	security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k actions build.keychain
	rm certificate.p12
	fi

	# macOS non-release: skip signing entirely (clean env, no CSC_LINK leaking)
	- name: Build for mac (no signing)
	if: matrix.platform == 'mac' && !startsWith(github.ref, 'refs/tags/v')
	run: npm run build:mac:fast
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	CSC_IDENTITY_AUTO_DISCOVERY: false

	# All other builds (Linux, Windows, macOS release with signing)
	- name: Build for ${{ matrix.platform }}
	if: matrix.platform != 'mac' \|\| startsWith(github.ref, 'refs/tags/v')
	run: npm run build:${{ matrix.platform }}
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	CSC_LINK: ${{ matrix.platform == 'mac' && secrets.MAC_CERTS \|\| '' }}
	CSC_KEY_PASSWORD: ${{ matrix.platform == 'mac' && secrets.MAC_CERTS_PASSWORD \|\| '' }}
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
	APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	name: wavespeed-desktop-${{ matrix.platform }}
	path: \|
	dist/*.exe
	dist/*.dmg
	dist/*.zip
	dist/*.AppImage
	dist/*.deb
	dist/latest*.yml
	dist/*.blockmap
	if-no-files-found: ignore

	release:
	needs: build
	# Only create release on tags and if all builds succeeded
	if: startsWith(github.ref, 'refs/tags/v') && needs.build.result == 'success'
	runs-on: ubuntu-latest
	permissions:
	contents: write

	steps:
	- name: Download all artifacts
	uses: actions/download-artifact@v4
	with:
	path: artifacts

	- name: Create Release
	uses: softprops/action-gh-release@v1
	with:
	files: artifacts/*/
	draft: false
	prerelease: ${{ contains(github.ref, '-') }}
	generate_release_notes: true
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	deploy-to-server:
	needs: release
	if: startsWith(github.ref, 'refs/tags/v') && needs.release.result == 'success'
	runs-on: namespace-profile-default
	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Add SSH Private Key
	uses: webfactory/ssh-agent@v0.7.0
	with:
	ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_PROD }}

	- name: Deploy to Server
	run: \|
	ssh -o StrictHostKeyChecking=no ubuntu@43.153.9.233 '
	export NVM_DIR="$HOME/.nvm"
	[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" &&
	cd /home/ubuntu/service/wavespeed-desktop &&
	git checkout main &&
	git fetch origin &&
	git reset --hard origin/main &&
	npm install &&
	npm run build
	'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: workflow UX improvements — browser support, embedded config, si… #158

Workflow file

feat: workflow UX improvements — browser support, embedded config, si… #158

Uh oh!

Workflow file for this run