Skip to content

Commit

Permalink
Merge branch 'main' into chore/update-readme-custom-build-test-instru…
Browse files Browse the repository at this point in the history 
…ctions
  • Loading branch information
@pravusjif
pravusjif authored Dec 11, 2024
2 parents e72f7e9 + 60f98ab commit d27c4c0
Show file tree
Hide file tree
Showing 24 changed files with 5,874 additions and 3,734 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,5 +58,13 @@ jobs:
ES_PASSWORD: ${{ secrets.ES_PASSWORD }}
WINDOWS_CREDENTIAL_ID_SIGNER: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}
ES_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}
# Segment API Key
SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
# Sentry AUTH Token
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
# AWS Secrets
EXPLORER_TEAM_AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }}
EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }}
EXPLORER_TEAM_AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }}
EXPLORER_TEAM_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }}
56 changes: 33 additions & 23 deletions .github/workflows/manual-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,25 @@ jobs:
- run: npm run build
env:
MODE: production
# Segment API Key
VITE_SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
# Sentry AUTH Token
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
VITE_SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
# AWS Secrets
VITE_AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }}
VITE_AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }}
VITE_AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }}
VITE_AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }}
VITE_AWS_S3_BUCKET_PUBLIC_URL: ${{ vars.EXPLORER_TEAM_S3_BUCKET_PUBLIC_URL }}

# Download 'SSLcom/esigner-codesign' to a folder called 'esigner-codesign' in the root of the project
- name: Checkout esigner-codesign repository (Windows)
if: ${{github.ref == 'refs/heads/main' && matrix.os == 'windows-latest'}}
uses: actions/checkout@v3
with:
repository: 'SSLcom/esigner-codesign'
path: esigner-codesign

- name: Compile artifacts and upload them to GitHub release
# I use this action because it is capable of retrying multiple times if there are any issues with the distribution server
Expand All @@ -66,9 +85,7 @@ jobs:
retry_wait_seconds: 15
retry_on: error
shell: 'bash'
# Due to this issue https://github.com/electron-userland/electron-builder/issues/6411 the build with npx when rebuilding native dependencies hangs forever
# see https://github.com/cawa-93/vite-electron-builder/pull/953
command: ./node_modules/.bin/electron-builder --config electron-builder.yml -c.extraMetadata.version=${{ github.event.inputs.version }} -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} --publish always
command: npx electron-builder --config electron-builder.cjs -c.extraMetadata.version=${{ github.event.inputs.version }} -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} --publish always
env:
# Code Signing params
# See https://www.electron.build/code-signing
Expand All @@ -81,23 +98,16 @@ jobs:
APPLE_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }}
# Publishing artifacts
GH_TOKEN: ${{ secrets.github_token }} # GitHub token, automatically provided (No need to define this secret in the repo settings)

- name: Sign Windows Build (exe)
uses: sslcom/esigner-codesign@develop
if: ${{ github.ref == 'refs/heads/main' && matrix.os == 'windows-latest' }}
with:
command: sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
file_path: "${{ env.GITHUB_WORKSPACE }}/dist/Decentraland Launcher-win-x64.exe"
output_path: "${{ env.GITHUB_WORKSPACE }}/dist/signed"
malware_block: false
environment_name: PROD

- name: Replace signed exe
if: ${{ github.ref == 'refs/heads/main' && matrix.os == 'windows-latest' }}
shell: pwsh
run: |
Copy-Item -Path "${env:GITHUB_WORKSPACE}\dist\signed\Decentraland Launcher-win-x64.exe" -Destination "${env:GITHUB_WORKSPACE}\dist\Decentraland Launcher-win-x64.exe" -Force
# The following are the parameters required by the esigner-codesign action to work, we must explicitly pass in even the optional ones since we're not using the action directly, but from the checked out repo
CODE_SIGN_SCRIPT_PATH: "${{ github.workspace }}\\esigner-codesign\\dist\\index.js"
INPUT_COMMAND: "sign"
INPUT_FILE_PATH: "${{ github.workspace }}\\dist\\Decentraland Launcher-win-x64.exe"
INPUT_OVERRIDE: "true"
INPUT_MALWARE_BLOCK: "false"
INPUT_CLEAN_LOGS: "false"
INPUT_JVM_MAX_MEMORY: "1024M"
INPUT_ENVIRONMENT_NAME: "PROD"
INPUT_USERNAME: ${{ secrets.ES_USERNAME }}
INPUT_PASSWORD: ${{ secrets.ES_PASSWORD }}
INPUT_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}
INPUT_CREDENTIAL_ID: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}
70 changes: 47 additions & 23 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,23 @@ on:
ES_TOTP_SECRET:
description: 'Password to decrypt the certificate file'
required: true
SEGMENT_API_KEY:
description: 'Segment API key'
required: true
SENTRY_AUTH_TOKEN:
description: 'Sentry auth token'
required: true
SENTRY_DSN:
description: 'Sentry DSN to perform the requests'
required: true
EXPLORER_TEAM_AWS_ACCESS_KEY_ID:
required: true
EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY:
required: true
EXPLORER_TEAM_AWS_DEFAULT_REGION:
required: true
EXPLORER_TEAM_S3_BUCKET:
required: true

concurrency:
group: release-${{ github.ref }}
Expand Down Expand Up @@ -79,8 +94,17 @@ jobs:
env:
MODE: production
DRY_RUN: ${{ inputs.dry-run }}
# Sentry Auth Token
# Segment API Key
VITE_SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
# Sentry AUTH Token
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
VITE_SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
# AWS Secrets
VITE_AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }}
VITE_AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }}
VITE_AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }}
VITE_AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }}
VITE_AWS_S3_BUCKET_PUBLIC_URL: ${{ vars.EXPLORER_TEAM_S3_BUCKET_PUBLIC_URL }}

- name: Generate Release Version
id: version
Expand All @@ -95,6 +119,14 @@ jobs:
search_commit_body: true
user_format_type: "json"

# Download 'SSLcom/esigner-codesign' to a folder called 'esigner-codesign' in the root of the project
- name: Checkout esigner-codesign repository (Windows)
if: ${{github.ref == 'refs/heads/main' && matrix.os == 'windows-latest' && !inputs.dry-run}}
uses: actions/checkout@v3
with:
repository: 'SSLcom/esigner-codesign'
path: esigner-codesign

- name: Compile artifacts ${{ inputs.dry-run && '' || 'and upload them to github release' }}
# I use this action because it is capable of retrying multiple times if there are any issues with the distribution server
uses: nick-fields/retry@v3
Expand All @@ -104,9 +136,7 @@ jobs:
retry_wait_seconds: 15
retry_on: error
shell: 'bash'
# Due to this issue https://github.com/electron-userland/electron-builder/issues/6411 the build with npx when rebuilding native dependencies hangs forever
# see https://github.com/cawa-93/vite-electron-builder/pull/953
command: ./node_modules/.bin/electron-builder --config electron-builder.yml -c.extraMetadata.version=${{ steps.version.outputs.version }} -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} --publish ${{ inputs.dry-run && 'never' || 'always' }}
command: npx electron-builder --config electron-builder.cjs -c.extraMetadata.version=${{ steps.version.outputs.version }} -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} --publish ${{ inputs.dry-run && 'never' || 'always' }}
env:
# Code Signing params
# See https://www.electron.build/code-signing
Expand All @@ -119,23 +149,17 @@ jobs:
APPLE_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }}
# Publishing artifacts
GH_TOKEN: ${{ secrets.github_token }} # GitHub token, automatically provided (No need to define this secret in the repo settings)
# The following are the parameters required by the esigner-codesign action to work, we must explicitly pass in even the optional ones since we're not using the action directly, but from the checked out repo
CODE_SIGN_SCRIPT_PATH: "${{ github.workspace }}\\esigner-codesign\\dist\\index.js"
INPUT_COMMAND: "sign"
INPUT_FILE_PATH: "${{ github.workspace }}\\dist\\Decentraland Launcher-win-x64.exe"
INPUT_OVERRIDE: "true"
INPUT_MALWARE_BLOCK: "false"
INPUT_CLEAN_LOGS: "false"
INPUT_JVM_MAX_MEMORY: "1024M"
INPUT_ENVIRONMENT_NAME: "PROD"
INPUT_USERNAME: ${{ secrets.ES_USERNAME }}
INPUT_PASSWORD: ${{ secrets.ES_PASSWORD }}
INPUT_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}
INPUT_CREDENTIAL_ID: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}

- name: Sign Windows Build (exe)
uses: sslcom/esigner-codesign@develop
if: ${{github.ref == 'refs/heads/main' && matrix.os == 'windows-latest' && !inputs.dry-run}}
with:
command: sign
username: ${{ secrets.ES_USERNAME }}
password: ${{ secrets.ES_PASSWORD }}
credential_id: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}
totp_secret: ${{ secrets.ES_TOTP_SECRET }}
file_path: ${GITHUB_WORKSPACE}/dist/Decentraland Launcher-win-x64.exe
output_path: ${GITHUB_WORKSPACE}/dist/signed
malware_block: false
environment_name: PROD

- name: Replace signed exe
if: ${{github.ref == 'refs/heads/main' && matrix.os == 'windows-latest' && !inputs.dry-run}}
shell: pwsh
run: |
Copy-Item -Path "${env:GITHUB_WORKSPACE}\dist\signed\Decentraland Launcher-win-x64.exe" -Destination "${env:GITHUB_WORKSPACE}\dist\Decentraland Launcher-win-x64.exe" -Force
114 changes: 114 additions & 0 deletions .github/workflows/store-release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
name: Store Release

on:
release:
types:
- published

concurrency:
group: release-${{ github.ref }}
cancel-in-progress: true

defaults:
run:
shell: 'bash'

jobs:
store-release:
strategy:
fail-fast: true
matrix:
os: [ macos-latest, windows-latest ]
store: [ itch.io ]

runs-on: ${{ matrix.os }}

steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
fetch-tags: true

- name: Set up Node.js
uses: actions/setup-node@v4
with:
cache: 'npm'

- name: Install dependencies
run: npm ci
env:
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1

- name: Get Release Tag
id: release_tag
run: |
echo "RELEASE_TAG=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
- name: Build Release for ${{ matrix.store }}
run: npm run build
env:
MODE: production
VITE_PROVIDER: ${{ matrix.store }}
# Segment API Key
VITE_SEGMENT_API_KEY: ${{ secrets.SEGMENT_API_KEY }}
# Sentry AUTH Token
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
VITE_SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
# AWS Secrets
VITE_AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }}
VITE_AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }}
VITE_AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }}
VITE_AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }}
VITE_AWS_S3_BUCKET_PUBLIC_URL: ${{ vars.EXPLORER_TEAM_S3_BUCKET_PUBLIC_URL }}

# Download 'SSLcom/esigner-codesign' to a folder called 'esigner-codesign' in the root of the project
- name: Checkout esigner-codesign repository (Windows)
if: ${{ matrix.os == 'windows-latest' }}
uses: actions/checkout@v3
with:
repository: 'SSLcom/esigner-codesign'
path: esigner-codesign

- name: Compile artifacts and upload them to S3
uses: nick-fields/retry@v3
with:
timeout_minutes: 15
max_attempts: 6
retry_wait_seconds: 15
retry_on: error
shell: 'bash'
command: npx electron-builder --config electron-store-builder.cjs -c.extraMetadata.version=${{ steps.release_tag.outputs.release_tag }} -c.mac.notarize.teamId=${{ env.APPLE_TEAM_ID }} --publish always
env:
# Code Signing params
# See https://www.electron.build/code-signing
CSC_LINK: ${{ secrets.MACOS_CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.MACOS_CSC_KEY_PASSWORD }}
# Notarization params
# See https://www.electron.build/configuration/mac#NotarizeNotaryOptions
APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.MACOS_NOTARIZATION_PWD }}
APPLE_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }}
# Publishing artifacts
RELEASE_TAG: ${{ steps.release_tag.outputs.release_tag }}
GH_TOKEN: ${{ secrets.github_token }}
# The following are the parameters required by the esigner-codesign action to work, we must explicitly pass in even the optional ones since we're not using the action directly, but from the checked out repo
CODE_SIGN_SCRIPT_PATH: "${{ github.workspace }}\\esigner-codesign\\dist\\index.js"
INPUT_COMMAND: "sign"
INPUT_FILE_PATH: "${{ github.workspace }}\\dist\\Decentraland Launcher-win-x64.exe"
INPUT_OVERRIDE: "true"
INPUT_MALWARE_BLOCK: "false"
INPUT_CLEAN_LOGS: "false"
INPUT_JVM_MAX_MEMORY: "1024M"
INPUT_ENVIRONMENT_NAME: "PROD"
INPUT_USERNAME: ${{ secrets.ES_USERNAME }}
INPUT_PASSWORD: ${{ secrets.ES_PASSWORD }}
INPUT_TOTP_SECRET: ${{ secrets.ES_TOTP_SECRET }}
INPUT_CREDENTIAL_ID: ${{ secrets.WINDOWS_CREDENTIAL_ID_SIGNER }}
# S3 Params
AWS_ACCESS_KEY_ID: ${{ secrets.EXPLORER_TEAM_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.EXPLORER_TEAM_AWS_SECRET_ACCESS_KEY }}
AWS_S3_BUCKET: ${{ secrets.EXPLORER_TEAM_S3_BUCKET }}
AWS_DEFAULT_REGION: ${{ secrets.EXPLORER_TEAM_AWS_DEFAULT_REGION }}
# Additional params to build the launcher
PROVIDER: ${{ matrix.store }}
11 changes: 11 additions & 0 deletions buildResources/Info.plist
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>NSMicrophoneUsageDescription</key>
<string>Need microphone access to use voice chat in the application</string>

<key>NSQuitAlwaysKeepsWindows</key>
<false/>
</dict>
</plist>
Loading

0 comments on commit d27c4c0

Please sign in to comment.