This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Release Electron App (electron-builder) | |
| on: | |
| push: | |
| branches: | |
| - release | |
| pull_request: | |
| jobs: | |
| build: | |
| name: Build and Package | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| arch: x64 | |
| # - os: ubuntu-latest | |
| # arch: arm64 | |
| - os: windows-latest | |
| arch: x64 | |
| - os: macos-latest | |
| arch: x64 | |
| - os: macos-latest | |
| arch: arm64 | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: 22 | |
| cache: "npm" | |
| - name: Install Dependencies | |
| run: npm ci | |
| - name: Install Apple codesigning certificate | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| env: | |
| BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| P12_PASSWORD: ${{ secrets.P12_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 | |
| KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
| echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode > $CERTIFICATE_PATH | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH | |
| security list-keychain -d user -s $KEYCHAIN_PATH | |
| # Build commands | |
| - name: Create Windows Builds | |
| if: ${{ matrix.os == 'windows-latest' }} | |
| run: npm run build:win | |
| - name: Create macOS Builds | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: npm run build:mac | |
| - name: Create Linux Builds | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: npm run build:linux | |
| - name: Find and Rename Windows Executable | |
| if: ${{ matrix.os == 'windows-latest' }} | |
| shell: pwsh | |
| run: | | |
| $exePath = Get-ChildItem -Path dist -Recurse -Filter "*.exe" | Select-Object -First 1 | |
| if (-not $exePath) { throw "Error: No .exe file was found in dist."; } | |
| Write-Host "The found executable is: $($exePath.FullName)" | |
| $destinationPath = "${{ matrix.os }}-${{ matrix.arch }}.exe" | |
| Copy-Item -Path $exePath.FullName -Destination $destinationPath | |
| Write-Host "Copied executable to: $destinationPath" | |
| - name: Find and Rename macOS Package | |
| if: ${{ matrix.os == 'macos-latest' }} | |
| run: | | |
| if [ -d "dist" ]; then | |
| package_file=$(find dist -maxdepth 1 -name "*.dmg" -o -name "*.zip" -o -name "*.pkg" | head -1) | |
| if [ -n "$package_file" ]; then | |
| extension="${package_file##*.}" | |
| cp "$package_file" "${{ matrix.os }}-${{ matrix.arch }}.$extension" | |
| echo "Copied package to: ${{ matrix.os }}-${{ matrix.arch }}.$extension" | |
| else | |
| echo "No macOS package found in dist" | |
| ls -la dist/ || echo "dist directory not found or empty" | |
| fi | |
| else | |
| echo "dist directory not found" | |
| fi | |
| - name: Find and Rename Linux Packages | |
| if: ${{ matrix.os == 'ubuntu-latest' }} | |
| run: | | |
| if [ -d "dist" ]; then | |
| shopt -s nullglob | |
| for package_file in dist/*.deb dist/*.rpm dist/*.AppImage dist/*.tar.gz; do | |
| [ -e "$package_file" ] || continue | |
| filename=$(basename "$package_file") | |
| extension="${filename##*.}" | |
| if [[ "$filename" == *.tar.gz ]]; then | |
| extension="tar.gz" | |
| fi | |
| dest="${{ matrix.os }}-${{ matrix.arch }}.${extension}" | |
| cp "$package_file" "$dest" | |
| echo "Copied $package_file to $dest" | |
| done | |
| else | |
| echo "dist directory not found" | |
| fi | |
| # (Optional Windows Signing step remains) | |
| - name: Azure Trusted Signing (Windows Only) | |
| if: ${{ matrix.os == 'windows-latest' }} | |
| uses: azure/trusted-signing-action@v0.5.1 | |
| with: | |
| azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
| endpoint: https://eus.codesigning.azure.net/ | |
| trusted-signing-account-name: open-webui | |
| certificate-profile-name: open-webui | |
| files-folder: . | |
| files-folder-filter: exe | |
| - name: List files for debugging | |
| shell: bash | |
| run: | | |
| echo "Files in current directory:" | |
| ls -la | |
| echo "Files in dist directory (if exists):" | |
| ls -la dist/ || echo "dist directory not found" | |
| - name: Upload Artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.os }}-${{ matrix.arch }} | |
| path: | | |
| ${{ matrix.os }}-${{ matrix.arch }}.* | |
| if-no-files-found: warn | |
| release: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/release' | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Get Short SHA | |
| id: slug | |
| run: echo "sha8=$(echo ${GITHUB_SHA} | cut -c1-8)" >> $GITHUB_OUTPUT | |
| - name: Download Artifacts | |
| uses: actions/download-artifact@v4 | |
| - name: List downloaded artifacts | |
| run: | | |
| echo "Downloaded artifacts:" | |
| find . -type f -name "*" | grep -E "\.(exe|zip|dmg|pkg|deb|rpm|AppImage|tar\.gz)$" || echo "No package files found" | |
| ls -la | |
| - name: Create Release | |
| id: create_release | |
| uses: softprops/action-gh-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: build-${{ steps.slug.outputs.sha8 }} | |
| name: Build ${{ steps.slug.outputs.sha8 }} | |
| draft: false | |
| prerelease: false | |
| files: | | |
| **/*.zip | |
| **/*.exe | |
| **/*.dmg | |
| **/*.pkg | |
| **/*.deb | |
| **/*.rpm | |
| **/*.AppImage | |
| **/*.tar.gz |