From 86bb51fc950ae48e5893713eb87af805b0811641 Mon Sep 17 00:00:00 2001 From: Service Account Date: Tue, 19 Dec 2023 03:15:43 +0700 Subject: [PATCH 1/9] upgrade electron-updater and electron-builder for fixing windows autoupdater --- electron/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/electron/package.json b/electron/package.json index 989144d586..8564dfcdbe 100644 --- a/electron/package.json +++ b/electron/package.json @@ -73,7 +73,7 @@ "@types/request": "^2.48.12", "@uiball/loaders": "^1.3.0", "electron-store": "^8.1.0", - "electron-updater": "^6.1.4", + "electron-updater": "^6.1.7", "fs-extra": "^11.2.0", "pacote": "^17.0.4", "request": "^2.88.2", @@ -88,7 +88,7 @@ "@typescript-eslint/eslint-plugin": "^6.7.3", "@typescript-eslint/parser": "^6.7.3", "electron": "28.0.0", - "electron-builder": "^24.6.4", + "electron-builder": "^24.9.1", "electron-playwright-helpers": "^1.6.0", "eslint-plugin-react": "^7.33.2", "run-script-os": "^1.1.6" From a8013f27c6736c165c91357f6061ec6c19a4bf2c Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 05:13:14 +0700 Subject: [PATCH 2/9] windows specific target build --- electron/package.json | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/electron/package.json b/electron/package.json index 8564dfcdbe..a2226c2554 100644 --- a/electron/package.json +++ b/electron/package.json @@ -45,7 +45,10 @@ "icon": "icons/" }, "win": { - "icon": "icons/icon.png" + "icon": "icons/icon.png", + "target": [ + "nsis" + ] }, "artifactName": "jan-${os}-${arch}-${version}.${ext}" }, @@ -59,11 +62,11 @@ "build:test:win32": "tsc -p . && electron-builder -p never -w --dir", "build:test:linux": "tsc -p . && electron-builder -p never -l --dir", "build:darwin": "tsc -p . && electron-builder -p never -m --x64 --arm64", - "build:win32": "tsc -p . && electron-builder -p never -w", + "build:win32": "tsc -p . && electron-builder -p never -w --x64", "build:linux": "tsc -p . && electron-builder -p never -l deb", "build:publish": "run-script-os", "build:publish:darwin": "tsc -p . && electron-builder -p onTagOrDraft -m --x64 --arm64", - "build:publish:win32": "tsc -p . && electron-builder -p onTagOrDraft -w", + "build:publish:win32": "tsc -p . && electron-builder -p onTagOrDraft -w --x64", "build:publish:linux": "tsc -p . && electron-builder -p onTagOrDraft -l deb" }, "dependencies": { From 2e85f6c6cad9389390f8512f3938a4baf2c156a4 Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 05:43:58 +0700 Subject: [PATCH 3/9] Add block map for windows nightly build --- .github/workflows/jan-electron-build-nightly.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index fe28e6003f..c788c7663d 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -224,6 +224,7 @@ jobs: run: | ls -al ./electron/dist echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" + echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "text/xml" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" From 6029b0b07373adf0c0d53960f22834a6802325ee Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 14:05:09 +0700 Subject: [PATCH 4/9] content-type blocksize change to application/gzip --- .github/workflows/jan-electron-build-nightly.yml | 2 +- .github/workflows/jan-electron-build.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index c788c7663d..ba5459b3ff 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -224,7 +224,7 @@ jobs: run: | ls -al ./electron/dist echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "text/xml" + echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "application/gzip" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" diff --git a/.github/workflows/jan-electron-build.yml b/.github/workflows/jan-electron-build.yml index 5acf13b7de..ed397bec4d 100644 --- a/.github/workflows/jan-electron-build.yml +++ b/.github/workflows/jan-electron-build.yml @@ -154,7 +154,7 @@ jobs: upload_url: ${{ needs.create-draft-release.outputs.upload_url }} asset_path: ./electron/dist/jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap asset_name: jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap - asset_content_type: text/xml + asset_content_type: application/gzip - uses: actions/upload-release-asset@v1.0.1 if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') From ab24ef135d9630b4624114f079b2b8490f7e8f0a Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 14:26:33 +0700 Subject: [PATCH 5/9] content-type blocksize change to application/octet-stream --- .../workflows/jan-electron-build-nightly.yml | 34 +++++++++---------- .github/workflows/jan-electron-build.yml | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index ba5459b3ff..1d705bdc16 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -132,14 +132,14 @@ jobs: continue-on-error: true run: | ls -al ./electron/dist - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" env: AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} @@ -223,11 +223,11 @@ jobs: shell: bash run: | ls -al ./electron/dist - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "application/gzip" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" env: AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} @@ -306,10 +306,10 @@ jobs: - name: put-object using awscli s3api run: | ls -al ./electron/dist - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" - echo "q" | aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" env: AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} diff --git a/.github/workflows/jan-electron-build.yml b/.github/workflows/jan-electron-build.yml index ed397bec4d..c051d6b16f 100644 --- a/.github/workflows/jan-electron-build.yml +++ b/.github/workflows/jan-electron-build.yml @@ -154,7 +154,7 @@ jobs: upload_url: ${{ needs.create-draft-release.outputs.upload_url }} asset_path: ./electron/dist/jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap asset_name: jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe.blockmap - asset_content_type: application/gzip + asset_content_type: application/octet-stream - uses: actions/upload-release-asset@v1.0.1 if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') From 3cf26ae443f5362de12602b21589b7e637ab3171 Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 14:42:25 +0700 Subject: [PATCH 6/9] remove content-type for windows --- .github/workflows/jan-electron-build-nightly.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index 1d705bdc16..ba24bbb331 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -223,11 +223,11 @@ jobs: shell: bash run: | ls -al ./electron/dist - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe.blockmap" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" --body "./electron/dist/jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest.yml" --body "./electron/dist/latest.yml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest.yml" --body "./electron/dist/latest.yml" env: AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} From 8b954d4c213a2811be544a93f3f03b0ff082148a Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 15:42:01 +0700 Subject: [PATCH 7/9] add custom sign for windows --- .../workflows/jan-electron-build-nightly.yml | 514 +++++++++--------- electron/package.json | 3 +- electron/sign.js | 44 ++ 3 files changed, 308 insertions(+), 253 deletions(-) create mode 100644 electron/sign.js diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index ba24bbb331..2204e285b8 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -34,117 +34,117 @@ jobs: AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" - build-macos: - runs-on: macos-latest - needs: delete-cloudflare-r2-folder - environment: production - permissions: - contents: write - steps: - - name: Getting the repo - uses: actions/checkout@v3 - - - name: Installing node - uses: actions/setup-node@v1 - with: - node-version: 20 - - - name: Install jq - uses: dcarbone/install-jq-action@v2.0.1 - - - - name: Update app version based on latest release tag with build number - id: version_update - run: | - # Function to get the latest release tag - get_latest_tag() { - local retries=0 - local max_retries=3 - local tag - while [ $retries -lt $max_retries ]; do - tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) - if [ -n "$tag" ] && [ "$tag" != "null" ]; then - echo $tag - return - else - let retries++ - echo "Retrying... ($retries/$max_retries)" - sleep 2 - fi - done - echo "Failed to fetch latest tag after $max_retries attempts." - exit 1 - } + # build-macos: + # runs-on: macos-latest + # needs: delete-cloudflare-r2-folder + # environment: production + # permissions: + # contents: write + # steps: + # - name: Getting the repo + # uses: actions/checkout@v3 + + # - name: Installing node + # uses: actions/setup-node@v1 + # with: + # node-version: 20 + + # - name: Install jq + # uses: dcarbone/install-jq-action@v2.0.1 + + + # - name: Update app version based on latest release tag with build number + # id: version_update + # run: | + # # Function to get the latest release tag + # get_latest_tag() { + # local retries=0 + # local max_retries=3 + # local tag + # while [ $retries -lt $max_retries ]; do + # tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) + # if [ -n "$tag" ] && [ "$tag" != "null" ]; then + # echo $tag + # return + # else + # let retries++ + # echo "Retrying... ($retries/$max_retries)" + # sleep 2 + # fi + # done + # echo "Failed to fetch latest tag after $max_retries attempts." + # exit 1 + # } - # Get the latest release tag from GitHub API - LATEST_TAG=$(get_latest_tag) + # # Get the latest release tag from GitHub API + # LATEST_TAG=$(get_latest_tag) - # Remove the 'v' and append the build number to the version - NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" - echo "New version: $NEW_VERSION" + # # Remove the 'v' and append the build number to the version + # NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" + # echo "New version: $NEW_VERSION" - # Update the version in electron/package.json - jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json - mv /tmp/package.json electron/package.json - echo "::set-output name=new_version::$NEW_VERSION" - - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json - mv /tmp/package.json electron/package.json - - - name: Get Cer for code signing - run: base64 -d <<< "$CODE_SIGN_P12_BASE64" > /tmp/codesign.p12 - shell: bash - env: - CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }} - - - uses: apple-actions/import-codesign-certs@v2 - continue-on-error: true - with: - p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} - p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - - - name: Build and publish app - run: | - make build - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CSC_LINK: "/tmp/codesign.p12" - CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - CSC_IDENTITY_AUTO_DISCOVERY: "true" - APPLE_ID: ${{ secrets.APPLE_ID }} - APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} - APP_PATH: "." - DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} - - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: jan-mac-x64-${{ steps.version_update.outputs.new_version }} - path: ./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg - - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: jan-mac-arm64-${{ steps.version_update.outputs.new_version }} - path: ./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg - - - name: put-object using awscli s3api - continue-on-error: true - run: | - ls -al ./electron/dist - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" - env: - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: auto - AWS_EC2_METADATA_DISABLED: "true" + # # Update the version in electron/package.json + # jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json + # mv /tmp/package.json electron/package.json + # echo "::set-output name=new_version::$NEW_VERSION" + + # jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + # mv /tmp/package.json electron/package.json + + # - name: Get Cer for code signing + # run: base64 -d <<< "$CODE_SIGN_P12_BASE64" > /tmp/codesign.p12 + # shell: bash + # env: + # CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }} + + # - uses: apple-actions/import-codesign-certs@v2 + # continue-on-error: true + # with: + # p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} + # p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} + + # - name: Build and publish app + # run: | + # make build + # env: + # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # CSC_LINK: "/tmp/codesign.p12" + # CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }} + # CSC_IDENTITY_AUTO_DISCOVERY: "true" + # APPLE_ID: ${{ secrets.APPLE_ID }} + # APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} + # APP_PATH: "." + # DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} + + # - name: Upload Artifact + # uses: actions/upload-artifact@v2 + # with: + # name: jan-mac-x64-${{ steps.version_update.outputs.new_version }} + # path: ./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg + + # - name: Upload Artifact + # uses: actions/upload-artifact@v2 + # with: + # name: jan-mac-arm64-${{ steps.version_update.outputs.new_version }} + # path: ./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg + + # - name: put-object using awscli s3api + # continue-on-error: true + # run: | + # ls -al ./electron/dist + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + # AWS_DEFAULT_REGION: auto + # AWS_EC2_METADATA_DISABLED: "true" build-windows-x64: runs-on: windows-latest @@ -203,15 +203,25 @@ jobs: jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json - - name: Build app - run: | - make build - - name: Windows Code Sign with AzureSignTool run: | dotnet tool install --global AzureSignTool - cd ./electron/dist - azuresigntool.exe sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v "jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" + + - name: Build app + run: | + make build + env: + AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} + + # - name: Windows Code Sign with AzureSignTool + # run: | + # dotnet tool install --global AzureSignTool + # cd ./electron/dist + # azuresigntool.exe sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v "jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" - name: Upload Artifact uses: actions/upload-artifact@v2 @@ -234,146 +244,146 @@ jobs: AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" - build-linux-x64: - runs-on: ubuntu-latest - needs: delete-cloudflare-r2-folder - environment: production - env: - SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} - permissions: - contents: write - steps: - - name: Getting the repo - uses: actions/checkout@v3 - - - name: Installing node - uses: actions/setup-node@v1 - with: - node-version: 20 - - - name: Install jq - uses: dcarbone/install-jq-action@v2.0.1 - - - name: Update app version base on tag - id: version_update - run: | - # Function to get the latest release tag - get_latest_tag() { - local retries=0 - local max_retries=3 - local tag - while [ $retries -lt $max_retries ]; do - tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) - if [ -n "$tag" ] && [ "$tag" != "null" ]; then - echo $tag - return - else - let retries++ - echo "Retrying... ($retries/$max_retries)" - sleep 2 - fi - done - echo "Failed to fetch latest tag after $max_retries attempts." - exit 1 - } + # build-linux-x64: + # runs-on: ubuntu-latest + # needs: delete-cloudflare-r2-folder + # environment: production + # env: + # SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} + # permissions: + # contents: write + # steps: + # - name: Getting the repo + # uses: actions/checkout@v3 + + # - name: Installing node + # uses: actions/setup-node@v1 + # with: + # node-version: 20 + + # - name: Install jq + # uses: dcarbone/install-jq-action@v2.0.1 + + # - name: Update app version base on tag + # id: version_update + # run: | + # # Function to get the latest release tag + # get_latest_tag() { + # local retries=0 + # local max_retries=3 + # local tag + # while [ $retries -lt $max_retries ]; do + # tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) + # if [ -n "$tag" ] && [ "$tag" != "null" ]; then + # echo $tag + # return + # else + # let retries++ + # echo "Retrying... ($retries/$max_retries)" + # sleep 2 + # fi + # done + # echo "Failed to fetch latest tag after $max_retries attempts." + # exit 1 + # } - # Get the latest release tag from GitHub API - LATEST_TAG=$(get_latest_tag) + # # Get the latest release tag from GitHub API + # LATEST_TAG=$(get_latest_tag) - # Remove the 'v' and append the build number to the version - NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" - echo "New version: $NEW_VERSION" + # # Remove the 'v' and append the build number to the version + # NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" + # echo "New version: $NEW_VERSION" - # Update the version in electron/package.json - jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json - mv /tmp/package.json electron/package.json - echo "::set-output name=new_version::$NEW_VERSION" - jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json - mv /tmp/package.json electron/package.json - - - name: Build and publish app - run: | - make build - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Upload Artifact - uses: actions/upload-artifact@v2 - with: - name: jan-linux-amd64-${{ steps.version_update.outputs.new_version }} - path: ./electron/dist/*.deb + # # Update the version in electron/package.json + # jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json + # mv /tmp/package.json electron/package.json + # echo "::set-output name=new_version::$NEW_VERSION" + # jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + # mv /tmp/package.json electron/package.json + + # - name: Build and publish app + # run: | + # make build + # env: + # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # - name: Upload Artifact + # uses: actions/upload-artifact@v2 + # with: + # name: jan-linux-amd64-${{ steps.version_update.outputs.new_version }} + # path: ./electron/dist/*.deb - - name: put-object using awscli s3api - run: | - ls -al ./electron/dist - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" - aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" - env: - AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: auto - AWS_EC2_METADATA_DISABLED: "true" - - noti-discord-nightly-and-update-url-readme: - needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] - environment: production - if: github.event_name == 'schedule' - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: "0" - token: ${{ secrets.PAT_SERVICE_ACCOUNT }} - - - name: Notify Discord - uses: Ilshidur/action-discord@master - with: - args: "Nightly build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" - env: - DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - - - name: Update README.md with artifact URL - run: | - sed -i "s|||" README.md - git config --global user.email "service@jan.ai" - git config --global user.name "Service Account" - git add README.md - git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" - git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main - env: - GITHUB_RUN_ID: ${{ github.run_id }} - - noti-discord-manual-and-update-url-readme: - needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] - environment: production - if: github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: "0" - token: ${{ secrets.PAT_SERVICE_ACCOUNT }} + # - name: put-object using awscli s3api + # run: | + # ls -al ./electron/dist + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + # AWS_DEFAULT_REGION: auto + # AWS_EC2_METADATA_DISABLED: "true" + + # noti-discord-nightly-and-update-url-readme: + # needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] + # environment: production + # if: github.event_name == 'schedule' + # runs-on: ubuntu-latest + # steps: + # - name: Checkout code + # uses: actions/checkout@v3 + # with: + # fetch-depth: "0" + # token: ${{ secrets.PAT_SERVICE_ACCOUNT }} + + # - name: Notify Discord + # uses: Ilshidur/action-discord@master + # with: + # args: "Nightly build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" + # env: + # DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + + # - name: Update README.md with artifact URL + # run: | + # sed -i "s|||" README.md + # git config --global user.email "service@jan.ai" + # git config --global user.name "Service Account" + # git add README.md + # git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" + # git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main + # env: + # GITHUB_RUN_ID: ${{ github.run_id }} + + # noti-discord-manual-and-update-url-readme: + # needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] + # environment: production + # if: github.event_name == 'workflow_dispatch' + # runs-on: ubuntu-latest + # steps: + # - name: Checkout code + # uses: actions/checkout@v3 + # with: + # fetch-depth: "0" + # token: ${{ secrets.PAT_SERVICE_ACCOUNT }} - - name: Notify Discord - uses: Ilshidur/action-discord@master - with: - args: "Manual build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" - env: - DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - - # Update README.md with artifact URL if manual build from main branch - - name: Update README.md with artifact URL - if: github.ref == 'refs/heads/main' - run: | - sed -i "s|||" README.md - git config --global user.email "service@jan.ai" - git config --global user.name "Service Account" - git add README.md - git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" - git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main - env: - GITHUB_RUN_ID: ${{ github.run_id }} \ No newline at end of file + # - name: Notify Discord + # uses: Ilshidur/action-discord@master + # with: + # args: "Manual build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" + # env: + # DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + + # # Update README.md with artifact URL if manual build from main branch + # - name: Update README.md with artifact URL + # if: github.ref == 'refs/heads/main' + # run: | + # sed -i "s|||" README.md + # git config --global user.email "service@jan.ai" + # git config --global user.name "Service Account" + # git add README.md + # git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" + # git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main + # env: + # GITHUB_RUN_ID: ${{ github.run_id }} \ No newline at end of file diff --git a/electron/package.json b/electron/package.json index a2226c2554..dd1a1ac9d7 100644 --- a/electron/package.json +++ b/electron/package.json @@ -48,7 +48,8 @@ "icon": "icons/icon.png", "target": [ "nsis" - ] + ], + "sign": "./sign.js" }, "artifactName": "jan-${os}-${arch}-${version}.${ext}" }, diff --git a/electron/sign.js b/electron/sign.js new file mode 100644 index 0000000000..2c04f6def5 --- /dev/null +++ b/electron/sign.js @@ -0,0 +1,44 @@ +const { exec } = require('child_process'); + + +function sign({ path, name, certUrl, clientId, tenantId, clientSecret, certName, timestampServer, version }) { + return new Promise((resolve, reject) => { + + const command = `azuresigntool.exe sign -kvu "${certUrl}" -kvi "${clientId}" -kvt "${tenantId}" -kvs "${clientSecret}" -kvc "${certName}" -tr "${timestampServer}" -v "${name}-${version}.exe" "${path}"`; + + + exec(command, (error, stdout, stderr) => { + if (error) { + console.error(`Error: ${error}`); + return reject(error); + } + console.log(`stdout: ${stdout}`); + console.error(`stderr: ${stderr}`); + resolve(); + }); + }); +} + + +exports.default = async function(options) { + + const certUrl = process.env.AZURE_KEY_VAULT_URI; + const clientId = process.env.AZURE_CLIENT_ID; + const tenantId = process.env.AZURE_TENANT_ID; + const clientSecret = process.env.AZURE_CLIENT_SECRET; + const certName = process.env.AZURE_CERT_NAME; + const timestampServer = 'http://timestamp.globalsign.com/tsa/r6advanced1'; + + + await sign({ + path: options.path, + name: "jan-win-x64", + certUrl, + clientId, + tenantId, + clientSecret, + certName, + timestampServer, + version: options.version + }); +}; From f1b2081b73dfac7219ef9fdff457dc53f6210b90 Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 15:56:21 +0700 Subject: [PATCH 8/9] correct exe file path for binary file --- electron/sign.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/electron/sign.js b/electron/sign.js index 2c04f6def5..6e973eb6e3 100644 --- a/electron/sign.js +++ b/electron/sign.js @@ -4,7 +4,7 @@ const { exec } = require('child_process'); function sign({ path, name, certUrl, clientId, tenantId, clientSecret, certName, timestampServer, version }) { return new Promise((resolve, reject) => { - const command = `azuresigntool.exe sign -kvu "${certUrl}" -kvi "${clientId}" -kvt "${tenantId}" -kvs "${clientSecret}" -kvc "${certName}" -tr "${timestampServer}" -v "${name}-${version}.exe" "${path}"`; + const command = `azuresigntool.exe sign -kvu "${certUrl}" -kvi "${clientId}" -kvt "${tenantId}" -kvs "${clientSecret}" -kvc "${certName}" -tr "${timestampServer}" -v "${path}"`; exec(command, (error, stdout, stderr) => { From 538d3375ea606d4ff4f2e7d24e77a5872ba628b2 Mon Sep 17 00:00:00 2001 From: Hien To Date: Tue, 19 Dec 2023 16:25:08 +0700 Subject: [PATCH 9/9] Add windows codesign step to electron-builder --- .../workflows/jan-electron-build-nightly.yml | 503 +++++++++--------- .github/workflows/jan-electron-build.yml | 17 +- electron/package.json | 7 +- 3 files changed, 264 insertions(+), 263 deletions(-) diff --git a/.github/workflows/jan-electron-build-nightly.yml b/.github/workflows/jan-electron-build-nightly.yml index 2204e285b8..3b1e9e6ea1 100644 --- a/.github/workflows/jan-electron-build-nightly.yml +++ b/.github/workflows/jan-electron-build-nightly.yml @@ -34,117 +34,117 @@ jobs: AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" - # build-macos: - # runs-on: macos-latest - # needs: delete-cloudflare-r2-folder - # environment: production - # permissions: - # contents: write - # steps: - # - name: Getting the repo - # uses: actions/checkout@v3 - - # - name: Installing node - # uses: actions/setup-node@v1 - # with: - # node-version: 20 - - # - name: Install jq - # uses: dcarbone/install-jq-action@v2.0.1 - - - # - name: Update app version based on latest release tag with build number - # id: version_update - # run: | - # # Function to get the latest release tag - # get_latest_tag() { - # local retries=0 - # local max_retries=3 - # local tag - # while [ $retries -lt $max_retries ]; do - # tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) - # if [ -n "$tag" ] && [ "$tag" != "null" ]; then - # echo $tag - # return - # else - # let retries++ - # echo "Retrying... ($retries/$max_retries)" - # sleep 2 - # fi - # done - # echo "Failed to fetch latest tag after $max_retries attempts." - # exit 1 - # } + build-macos: + runs-on: macos-latest + needs: delete-cloudflare-r2-folder + environment: production + permissions: + contents: write + steps: + - name: Getting the repo + uses: actions/checkout@v3 + + - name: Installing node + uses: actions/setup-node@v1 + with: + node-version: 20 + + - name: Install jq + uses: dcarbone/install-jq-action@v2.0.1 + + + - name: Update app version based on latest release tag with build number + id: version_update + run: | + # Function to get the latest release tag + get_latest_tag() { + local retries=0 + local max_retries=3 + local tag + while [ $retries -lt $max_retries ]; do + tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) + if [ -n "$tag" ] && [ "$tag" != "null" ]; then + echo $tag + return + else + let retries++ + echo "Retrying... ($retries/$max_retries)" + sleep 2 + fi + done + echo "Failed to fetch latest tag after $max_retries attempts." + exit 1 + } - # # Get the latest release tag from GitHub API - # LATEST_TAG=$(get_latest_tag) + # Get the latest release tag from GitHub API + LATEST_TAG=$(get_latest_tag) - # # Remove the 'v' and append the build number to the version - # NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" - # echo "New version: $NEW_VERSION" + # Remove the 'v' and append the build number to the version + NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" + echo "New version: $NEW_VERSION" - # # Update the version in electron/package.json - # jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json - # mv /tmp/package.json electron/package.json - # echo "::set-output name=new_version::$NEW_VERSION" - - # jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json - # mv /tmp/package.json electron/package.json - - # - name: Get Cer for code signing - # run: base64 -d <<< "$CODE_SIGN_P12_BASE64" > /tmp/codesign.p12 - # shell: bash - # env: - # CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }} - - # - uses: apple-actions/import-codesign-certs@v2 - # continue-on-error: true - # with: - # p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} - # p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - - # - name: Build and publish app - # run: | - # make build - # env: - # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - # CSC_LINK: "/tmp/codesign.p12" - # CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }} - # CSC_IDENTITY_AUTO_DISCOVERY: "true" - # APPLE_ID: ${{ secrets.APPLE_ID }} - # APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} - # APP_PATH: "." - # DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} - - # - name: Upload Artifact - # uses: actions/upload-artifact@v2 - # with: - # name: jan-mac-x64-${{ steps.version_update.outputs.new_version }} - # path: ./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg - - # - name: Upload Artifact - # uses: actions/upload-artifact@v2 - # with: - # name: jan-mac-arm64-${{ steps.version_update.outputs.new_version }} - # path: ./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg - - # - name: put-object using awscli s3api - # continue-on-error: true - # run: | - # ls -al ./electron/dist - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} - # AWS_DEFAULT_REGION: auto - # AWS_EC2_METADATA_DISABLED: "true" + # Update the version in electron/package.json + jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json + mv /tmp/package.json electron/package.json + echo "::set-output name=new_version::$NEW_VERSION" + + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + mv /tmp/package.json electron/package.json + + - name: Get Cer for code signing + run: base64 -d <<< "$CODE_SIGN_P12_BASE64" > /tmp/codesign.p12 + shell: bash + env: + CODE_SIGN_P12_BASE64: ${{ secrets.CODE_SIGN_P12_BASE64 }} + + - uses: apple-actions/import-codesign-certs@v2 + continue-on-error: true + with: + p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} + p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} + + - name: Build and publish app + run: | + make build + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CSC_LINK: "/tmp/codesign.p12" + CSC_KEY_PASSWORD: ${{ secrets.CODE_SIGN_P12_PASSWORD }} + CSC_IDENTITY_AUTO_DISCOVERY: "true" + APPLE_ID: ${{ secrets.APPLE_ID }} + APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} + APP_PATH: "." + DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }} + + - name: Upload Artifact + uses: actions/upload-artifact@v2 + with: + name: jan-mac-x64-${{ steps.version_update.outputs.new_version }} + path: ./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg + + - name: Upload Artifact + uses: actions/upload-artifact@v2 + with: + name: jan-mac-arm64-${{ steps.version_update.outputs.new_version }} + path: ./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg + + - name: put-object using awscli s3api + continue-on-error: true + run: | + ls -al ./electron/dist + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.zip" --content-type "application/zip" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-x64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --body "./electron/dist/jan-mac-arm64-${{ steps.version_update.outputs.new_version }}.dmg" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-mac.yml" --body "./electron/dist/latest-mac.yml" --content-type "text/yaml" + env: + AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: auto + AWS_EC2_METADATA_DISABLED: "true" build-windows-x64: runs-on: windows-latest @@ -203,7 +203,10 @@ jobs: jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json - - name: Windows Code Sign with AzureSignTool + jq '.build.win.sign = "./sign.js"' package.json > /tmp/package.json + mv /tmp/package.json electron/package.json + + - name: Install AzureSignTool run: | dotnet tool install --global AzureSignTool @@ -217,12 +220,6 @@ jobs: AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} - # - name: Windows Code Sign with AzureSignTool - # run: | - # dotnet tool install --global AzureSignTool - # cd ./electron/dist - # azuresigntool.exe sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v "jan-win-x64-${{ steps.version_update.outputs.new_version }}.exe" - - name: Upload Artifact uses: actions/upload-artifact@v2 with: @@ -244,146 +241,146 @@ jobs: AWS_DEFAULT_REGION: auto AWS_EC2_METADATA_DISABLED: "true" - # build-linux-x64: - # runs-on: ubuntu-latest - # needs: delete-cloudflare-r2-folder - # environment: production - # env: - # SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} - # permissions: - # contents: write - # steps: - # - name: Getting the repo - # uses: actions/checkout@v3 - - # - name: Installing node - # uses: actions/setup-node@v1 - # with: - # node-version: 20 - - # - name: Install jq - # uses: dcarbone/install-jq-action@v2.0.1 - - # - name: Update app version base on tag - # id: version_update - # run: | - # # Function to get the latest release tag - # get_latest_tag() { - # local retries=0 - # local max_retries=3 - # local tag - # while [ $retries -lt $max_retries ]; do - # tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) - # if [ -n "$tag" ] && [ "$tag" != "null" ]; then - # echo $tag - # return - # else - # let retries++ - # echo "Retrying... ($retries/$max_retries)" - # sleep 2 - # fi - # done - # echo "Failed to fetch latest tag after $max_retries attempts." - # exit 1 - # } + build-linux-x64: + runs-on: ubuntu-latest + needs: delete-cloudflare-r2-folder + environment: production + env: + SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} + permissions: + contents: write + steps: + - name: Getting the repo + uses: actions/checkout@v3 + + - name: Installing node + uses: actions/setup-node@v1 + with: + node-version: 20 + + - name: Install jq + uses: dcarbone/install-jq-action@v2.0.1 + + - name: Update app version base on tag + id: version_update + run: | + # Function to get the latest release tag + get_latest_tag() { + local retries=0 + local max_retries=3 + local tag + while [ $retries -lt $max_retries ]; do + tag=$(curl -s https://api.github.com/repos/janhq/jan/releases/latest | jq -r .tag_name) + if [ -n "$tag" ] && [ "$tag" != "null" ]; then + echo $tag + return + else + let retries++ + echo "Retrying... ($retries/$max_retries)" + sleep 2 + fi + done + echo "Failed to fetch latest tag after $max_retries attempts." + exit 1 + } - # # Get the latest release tag from GitHub API - # LATEST_TAG=$(get_latest_tag) + # Get the latest release tag from GitHub API + LATEST_TAG=$(get_latest_tag) - # # Remove the 'v' and append the build number to the version - # NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" - # echo "New version: $NEW_VERSION" + # Remove the 'v' and append the build number to the version + NEW_VERSION="${LATEST_TAG#v}-${GITHUB_RUN_NUMBER}" + echo "New version: $NEW_VERSION" - # # Update the version in electron/package.json - # jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json - # mv /tmp/package.json electron/package.json - # echo "::set-output name=new_version::$NEW_VERSION" - # jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json - # mv /tmp/package.json electron/package.json - - # - name: Build and publish app - # run: | - # make build - # env: - # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # - name: Upload Artifact - # uses: actions/upload-artifact@v2 - # with: - # name: jan-linux-amd64-${{ steps.version_update.outputs.new_version }} - # path: ./electron/dist/*.deb + # Update the version in electron/package.json + jq --arg version "$NEW_VERSION" '.version = $version' electron/package.json > /tmp/package.json + mv /tmp/package.json electron/package.json + echo "::set-output name=new_version::$NEW_VERSION" + jq '.build.publish = [{"provider": "generic", "url": "${{ secrets.CLOUDFLARE_R2_PUBLIC_URL }}", "channel": "latest"}]' electron/package.json > /tmp/package.json + mv /tmp/package.json electron/package.json + + - name: Build and publish app + run: | + make build + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload Artifact + uses: actions/upload-artifact@v2 + with: + name: jan-linux-amd64-${{ steps.version_update.outputs.new_version }} + path: ./electron/dist/*.deb - # - name: put-object using awscli s3api - # run: | - # ls -al ./electron/dist - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" - # aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} - # AWS_DEFAULT_REGION: auto - # AWS_EC2_METADATA_DISABLED: "true" - - # noti-discord-nightly-and-update-url-readme: - # needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] - # environment: production - # if: github.event_name == 'schedule' - # runs-on: ubuntu-latest - # steps: - # - name: Checkout code - # uses: actions/checkout@v3 - # with: - # fetch-depth: "0" - # token: ${{ secrets.PAT_SERVICE_ACCOUNT }} - - # - name: Notify Discord - # uses: Ilshidur/action-discord@master - # with: - # args: "Nightly build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" - # env: - # DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - - # - name: Update README.md with artifact URL - # run: | - # sed -i "s|||" README.md - # git config --global user.email "service@jan.ai" - # git config --global user.name "Service Account" - # git add README.md - # git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" - # git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main - # env: - # GITHUB_RUN_ID: ${{ github.run_id }} - - # noti-discord-manual-and-update-url-readme: - # needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] - # environment: production - # if: github.event_name == 'workflow_dispatch' - # runs-on: ubuntu-latest - # steps: - # - name: Checkout code - # uses: actions/checkout@v3 - # with: - # fetch-depth: "0" - # token: ${{ secrets.PAT_SERVICE_ACCOUNT }} + - name: put-object using awscli s3api + run: | + ls -al ./electron/dist + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --body "./electron/dist/jan-linux-amd64-${{ steps.version_update.outputs.new_version }}.deb" --content-type "application/octet-stream" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "latest/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + aws s3api put-object --endpoint-url https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com --bucket ${{ secrets.CLOUDFLARE_R2_BUCKET_NAME }} --key "${{ steps.version_update.outputs.new_version }}/latest-linux.yml" --body "./electron/dist/latest-linux.yml" --content-type "text/yaml" + env: + AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: auto + AWS_EC2_METADATA_DISABLED: "true" + + noti-discord-nightly-and-update-url-readme: + needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] + environment: production + if: github.event_name == 'schedule' + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: "0" + token: ${{ secrets.PAT_SERVICE_ACCOUNT }} + + - name: Notify Discord + uses: Ilshidur/action-discord@master + with: + args: "Nightly build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" + env: + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + + - name: Update README.md with artifact URL + run: | + sed -i "s|||" README.md + git config --global user.email "service@jan.ai" + git config --global user.name "Service Account" + git add README.md + git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" + git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main + env: + GITHUB_RUN_ID: ${{ github.run_id }} + + noti-discord-manual-and-update-url-readme: + needs: [build-macos, build-windows-x64, build-linux-x64, delete-cloudflare-r2-folder] + environment: production + if: github.event_name == 'workflow_dispatch' + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: "0" + token: ${{ secrets.PAT_SERVICE_ACCOUNT }} - # - name: Notify Discord - # uses: Ilshidur/action-discord@master - # with: - # args: "Manual build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" - # env: - # DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} - - # # Update README.md with artifact URL if manual build from main branch - # - name: Update README.md with artifact URL - # if: github.ref == 'refs/heads/main' - # run: | - # sed -i "s|||" README.md - # git config --global user.email "service@jan.ai" - # git config --global user.name "Service Account" - # git add README.md - # git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" - # git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main - # env: - # GITHUB_RUN_ID: ${{ github.run_id }} \ No newline at end of file + - name: Notify Discord + uses: Ilshidur/action-discord@master + with: + args: "Manual build artifact: https://github.com/janhq/jan/actions/runs/{{ GITHUB_RUN_ID }}" + env: + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + + # Update README.md with artifact URL if manual build from main branch + - name: Update README.md with artifact URL + if: github.ref == 'refs/heads/main' + run: | + sed -i "s|||" README.md + git config --global user.email "service@jan.ai" + git config --global user.name "Service Account" + git add README.md + git commit -m "${GITHUB_REPOSITORY}: Update README.md with nightly build artifact URL" + git -c http.extraheader="AUTHORIZATION: bearer ${{ secrets.PAT_SERVICE_ACCOUNT }}" push origin HEAD:main + env: + GITHUB_RUN_ID: ${{ github.run_id }} \ No newline at end of file diff --git a/.github/workflows/jan-electron-build.yml b/.github/workflows/jan-electron-build.yml index c051d6b16f..0f2845776a 100644 --- a/.github/workflows/jan-electron-build.yml +++ b/.github/workflows/jan-electron-build.yml @@ -120,21 +120,26 @@ jobs: fi jq --arg version "${VERSION_TAG#v}" '.version = $version' electron/package.json > /tmp/package.json mv /tmp/package.json electron/package.json + jq '.build.win.sign = "./sign.js"' package.json > /tmp/package.json + mv /tmp/package.json electron/package.json env: VERSION_TAG: ${{ steps.tag.outputs.tag }} + - name: Install AzureSignTool + run: | + dotnet tool install --global AzureSignTool + - name: Build app run: | make build env: ANALYTICS_ID: ${{ secrets.JAN_APP_POSTHOG_PROJECT_API_KEY }} ANALYTICS_HOST: ${{ secrets.JAN_APP_POSTHOG_URL }} - - - name: Windows Code Sign with AzureSignTool - run: | - dotnet tool install --global AzureSignTool - cd ./electron/dist - azuresigntool.exe sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.globalsign.com/tsa/r6advanced1 -v "jan-win-x64-${{ needs.create-draft-release.outputs.version }}.exe" + AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} - uses: actions/upload-release-asset@v1.0.1 if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') diff --git a/electron/package.json b/electron/package.json index dd1a1ac9d7..864934d568 100644 --- a/electron/package.json +++ b/electron/package.json @@ -48,8 +48,7 @@ "icon": "icons/icon.png", "target": [ "nsis" - ], - "sign": "./sign.js" + ] }, "artifactName": "jan-${os}-${arch}-${version}.${ext}" }, @@ -63,11 +62,11 @@ "build:test:win32": "tsc -p . && electron-builder -p never -w --dir", "build:test:linux": "tsc -p . && electron-builder -p never -l --dir", "build:darwin": "tsc -p . && electron-builder -p never -m --x64 --arm64", - "build:win32": "tsc -p . && electron-builder -p never -w --x64", + "build:win32": "tsc -p . && electron-builder -p never -w", "build:linux": "tsc -p . && electron-builder -p never -l deb", "build:publish": "run-script-os", "build:publish:darwin": "tsc -p . && electron-builder -p onTagOrDraft -m --x64 --arm64", - "build:publish:win32": "tsc -p . && electron-builder -p onTagOrDraft -w --x64", + "build:publish:win32": "tsc -p . && electron-builder -p onTagOrDraft -w", "build:publish:linux": "tsc -p . && electron-builder -p onTagOrDraft -l deb" }, "dependencies": {