admin/lingxi-ai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
lingxi-ai/.github/workflows/desktop-release.yml
T
yi 7d10320a82
Build / build (push) Has been cancelled
Details
NPM Lockfile Check / npm ci --ignore-scripts (push) Has been cancelled
Details
Playwright / e2e (push) Has been cancelled
Details
feat: 灵犀 Studio Web UI 定制版 
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-05 11:29:11 +08:00

207 lines
7.1 KiB
YAML
Raw Permalink Blame History

name: Publish Desktop Artifacts to Release
on:
workflow_dispatch:
inputs:
tag:
description: "Existing release tag to attach artifacts to (e.g. v0.6.5)"
required: true
release:
types: [published]
permissions:
contents: write
concurrency:
group: desktop-release-${{ github.event.release.tag_name || github.event.inputs.tag || github.ref }}
cancel-in-progress: false
jobs:
desktop:
name: Desktop (${{ matrix.label }})
runs-on: ${{ matrix.runner }}
strategy:
fail-fast: false
matrix:
include:
- label: macOS arm64
runner: macos-14
target_os: darwin
target_arch: arm64
electron_target: "--mac dmg zip --arm64"
artifact_files: |
packages/desktop/release/*.dmg
packages/desktop/release/*.dmg.blockmap
packages/desktop/release/*.zip
packages/desktop/release/*.zip.blockmap
- label: macOS x64
runner: macos-15-intel
target_os: darwin
target_arch: x64
electron_target: "--mac dmg zip --x64"
artifact_files: |
packages/desktop/release/*.dmg
packages/desktop/release/*.dmg.blockmap
packages/desktop/release/*.zip
packages/desktop/release/*.zip.blockmap
- label: Windows x64
runner: windows-latest
target_os: win32
target_arch: x64
electron_target: "--win nsis --x64"
artifact_files: |
packages/desktop/release/*.exe
packages/desktop/release/*.exe.blockmap
packages/desktop/release/latest*.yml
- label: Linux x64
runner: ubuntu-22.04
target_os: linux
target_arch: x64
electron_target: "--linux AppImage deb --x64"
artifact_files: |
packages/desktop/release/*.AppImage
packages/desktop/release/*.deb
packages/desktop/release/latest*.yml
- label: Linux arm64
runner: ubuntu-22.04-arm
target_os: linux
target_arch: arm64
electron_target: "--linux AppImage --arm64"
artifact_files: |
packages/desktop/release/*.AppImage
packages/desktop/release/latest*.yml
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.release.tag_name || github.event.inputs.tag }}
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 24
cache: npm
cache-dependency-path: |
package-lock.json
packages/desktop/package-lock.json
- name: Install web UI dependencies
run: |
npm ci --ignore-scripts
npm rebuild node-pty
- name: Build web UI
run: npm run build
- name: Keep production web UI dependencies only
run: npm prune --omit=dev --no-audit --no-fund
- name: Install desktop dependencies
run: npm ci --prefix packages/desktop --no-audit --no-fund
- name: Write runtime release metadata
shell: bash
env:
HERMES_DESKTOP_RUNTIME_RELEASE_TAG: ${{ vars.HERMES_DESKTOP_RUNTIME_RELEASE_TAG }}
run: npm --prefix packages/desktop run write:runtime-release
- name: Configure macOS signing
if: matrix.target_os == 'darwin'
shell: bash
env:
MAC_CSC_LINK: ${{ secrets.MAC_CSC_LINK }}
MAC_CSC_KEY_PASSWORD: ${{ secrets.MAC_CSC_KEY_PASSWORD }}
MAC_APPLE_ID: ${{ secrets.APPLE_ID }}
MAC_APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
MAC_APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
run: |
write_env() {
local name="$1"
local value="$2"
if [ -n "$value" ]; then
{
echo "$name<<EOF"
echo "$value"
echo "EOF"
} >> "$GITHUB_ENV"
fi
}
if [ -z "${MAC_CSC_LINK:-}" ]; then
echo "CSC_IDENTITY_AUTO_DISCOVERY=false" >> "$GITHUB_ENV"
echo "MAC_BUILD_EXTRA_ARGS=--config.mac.notarize=false" >> "$GITHUB_ENV"
echo "No macOS signing certificate configured; building unsigned and skipping notarization."
exit 0
fi
write_env "CSC_LINK" "$MAC_CSC_LINK"
write_env "CSC_KEY_PASSWORD" "$MAC_CSC_KEY_PASSWORD"
if [ -n "${MAC_APPLE_ID:-}" ] && [ -n "${MAC_APPLE_APP_SPECIFIC_PASSWORD:-}" ] && [ -n "${MAC_APPLE_TEAM_ID:-}" ]; then
write_env "APPLE_ID" "$MAC_APPLE_ID"
write_env "APPLE_APP_SPECIFIC_PASSWORD" "$MAC_APPLE_APP_SPECIFIC_PASSWORD"
write_env "APPLE_TEAM_ID" "$MAC_APPLE_TEAM_ID"
echo "macOS signing and notarization are configured."
else
echo "MAC_BUILD_EXTRA_ARGS=--config.mac.notarize=false" >> "$GITHUB_ENV"
echo "macOS signing certificate configured; Apple notarization credentials incomplete, skipping notarization."
fi
- name: Build desktop artifact
shell: bash
run: |
if [ "${{ matrix.target_os }}" = "darwin" ]; then
ulimit -n 10240 || true
echo "File descriptor limit: $(ulimit -n)"
fi
npm --prefix packages/desktop run dist -- ${{ matrix.electron_target }} ${MAC_BUILD_EXTRA_ARGS:-} --publish never
- name: Upload macOS update manifest artifact
if: matrix.target_os == 'darwin'
uses: actions/upload-artifact@v4
with:
name: latest-mac-${{ matrix.target_arch }}
path: packages/desktop/release/latest-mac.yml
if-no-files-found: error
retention-days: 1
- name: Upload artifacts to release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ github.event.release.tag_name || github.event.inputs.tag }}
fail_on_unmatched_files: true
files: ${{ matrix.artifact_files }}
mac-update-manifest:
name: Merge macOS updater manifest
needs: desktop
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.release.tag_name || github.event.inputs.tag }}
- name: Download macOS update manifests
uses: actions/download-artifact@v4
with:
pattern: latest-mac-*
path: /tmp/hermes-mac-manifests
merge-multiple: false
- name: Merge macOS update manifests
shell: bash
run: |
node packages/desktop/scripts/merge-mac-latest-yml.mjs \
/tmp/hermes-mac-manifests/latest-mac-arm64/latest-mac.yml \
/tmp/hermes-mac-manifests/latest-mac-x64/latest-mac.yml \
> /tmp/latest-mac.yml
- name: Upload merged macOS updater manifest to release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ github.event.release.tag_name || github.event.inputs.tag }}
fail_on_unmatched_files: true
files: /tmp/latest-mac.yml
Reference in New Issue View Git Blame Copy Permalink