Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-12-16 05:09:54 +01:00
Code Issues Packages Projects Releases Activity

chore(monorepo): move everything into subdirectory for easy diffing

Browse Source
This commit is contained in:
Elian Doran
2025-04-18 01:28:32 +03:00
parent 3b69eadbf6
commit 318808f9ec
2646 changed files with 654 additions and 654 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
.github/actions/build-electron/action.yml vendored
View File

@@ -1,169 +0,0 @@
name: "Build Electron App"
description: "Builds and packages the Electron app for different platforms"
inputs:
os:
description: "One of the supported platforms: macos, linux, windows"
required: true
arch:
description: "The architecture to build for: x64, arm64"
required: true
shell:
description: "Which shell to use"
required: true
forge_platform:
description: "The --platform to pass to Electron Forge"
required: true
runs:
using: composite
steps:
# Certificate setup
- name: Import Apple certificates
if: inputs.os == 'macos'
uses: apple-actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ env.APPLE_APP_CERTIFICATE_BASE64 }}
p12-password: ${{ env.APPLE_APP_CERTIFICATE_PASSWORD }}
keychain: build-app-${{ github.run_id }}
keychain-password: ${{ github.run_id }}
- name: Install Installer certificate
if: inputs.os == 'macos'
uses: apple-actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ env.APPLE_INSTALLER_CERTIFICATE_BASE64 }}
p12-password: ${{ env.APPLE_INSTALLER_CERTIFICATE_PASSWORD }}
keychain: build-installer-${{ github.run_id }}
keychain-password: ${{ github.run_id }}
- name: Verify certificates
if: inputs.os == 'macos'
shell: ${{ inputs.shell }}
run: |
echo "Available signing identities in app keychain:"
security find-identity -v -p codesigning build-app-${{ github.run_id }}.keychain
echo "Available signing identities in installer keychain:"
security find-identity -v -p codesigning build-installer-${{ github.run_id }}.keychain
# Make the keychains searchable
security list-keychains -d user -s build-app-${{ github.run_id }}.keychain build-installer-${{ github.run_id }}.keychain $(security list-keychains -d user | tr -d '"')
security default-keychain -s build-app-${{ github.run_id }}.keychain
security unlock-keychain -p ${{ github.run_id }} build-app-${{ github.run_id }}.keychain
security unlock-keychain -p ${{ github.run_id }} build-installer-${{ github.run_id }}.keychain
security set-keychain-settings -t 3600 -l build-app-${{ github.run_id }}.keychain
security set-keychain-settings -t 3600 -l build-installer-${{ github.run_id }}.keychain
- name: Set up Python and other macOS dependencies
if: ${{ inputs.os == 'macos' }}
shell: ${{ inputs.shell }}
run: |
brew install python-setuptools
brew install create-dmg
- name: Install dependencies for RPM and Flatpak package building
if: ${{ inputs.os == 'linux' }}
shell: ${{ inputs.shell }}
run: |
sudo apt-get update && sudo apt-get install rpm flatpak-builder elfutils
flatpak remote-add --user --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
FLATPAK_ARCH=$(if [[ ${{ inputs.arch }} = 'arm64' ]]; then echo 'aarch64'; else echo 'x86_64'; fi)
FLATPAK_VERSION='24.08'
flatpak install --user --no-deps --arch $FLATPAK_ARCH --assumeyes runtime/org.freedesktop.Platform/$FLATPAK_ARCH/$FLATPAK_VERSION runtime/org.freedesktop.Sdk/$FLATPAK_ARCH/$FLATPAK_VERSION org.electronjs.Electron2.BaseApp/$FLATPAK_ARCH/$FLATPAK_VERSION
# Build setup
- name: Install dependencies
shell: ${{ inputs.shell }}
run: npm ci
- name: Update build info
shell: ${{ inputs.shell }}
run: npm run chore:update-build-info
# Critical debugging configuration
- name: Run electron-forge build with enhanced logging
shell: ${{ inputs.shell }}
env:
# Pass through required environment variables for signing and notarization
APPLE_TEAM_ID: ${{ env.APPLE_TEAM_ID }}
APPLE_ID: ${{ env.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ env.APPLE_ID_PASSWORD }}
WINDOWS_SIGN_EXECUTABLE: ${{ env.WINDOWS_SIGN_EXECUTABLE }}
TRILIUM_ARTIFACT_NAME_HINT: TriliumNextNotes-${{ github.ref_name }}-${{ inputs.os }}-${{ inputs.arch }}
run: npm run electron-forge:make -- --arch=${{ inputs.arch }} --platform=${{ inputs.forge_platform }}
# Add DMG signing step
- name: Sign DMG
if: inputs.os == 'macos'
shell: ${{ inputs.shell }}
run: |
echo "Signing DMG file..."
dmg_file=$(find ./dist -name "*.dmg" -print -quit)
if [ -n "$dmg_file" ]; then
echo "Found DMG: $dmg_file"
# Get the first valid signing identity from the keychain
SIGNING_IDENTITY=$(security find-identity -v -p codesigning build-app-${{ github.run_id }}.keychain | grep "Developer ID Application" | head -1 | sed -E 's/.*"([^"]+)".*/\1/')
if [ -z "$SIGNING_IDENTITY" ]; then
echo "Error: No valid Developer ID Application certificate found in keychain"
exit 1
fi
echo "Using signing identity: $SIGNING_IDENTITY"
# Sign the DMG
codesign --force --sign "$SIGNING_IDENTITY" --options runtime --timestamp "$dmg_file"
# Notarize the DMG
xcrun notarytool submit "$dmg_file" --apple-id "$APPLE_ID" --password "$APPLE_ID_PASSWORD" --team-id "$APPLE_TEAM_ID" --wait
# Staple the notarization ticket
xcrun stapler staple "$dmg_file"
else
echo "No DMG found to sign"
fi
- name: Verify code signing
if: inputs.os == 'macos'
shell: ${{ inputs.shell }}
run: |
echo "Verifying code signing for all artifacts..."
# First check the .app bundle
echo "Looking for .app bundle..."
app_bundle=$(find ./dist -name "*.app" -print -quit)
if [ -n "$app_bundle" ]; then
echo "Found app bundle: $app_bundle"
echo "Verifying app bundle signing..."
codesign --verify --deep --strict --verbose=2 "$app_bundle"
echo "Displaying app bundle signing info..."
codesign --display --verbose=2 "$app_bundle"
echo "Checking entitlements..."
codesign --display --entitlements :- "$app_bundle"
echo "Checking notarization status..."
xcrun stapler validate "$app_bundle" || echo "Warning: App bundle not notarized yet"
else
echo "No .app bundle found to verify"
fi
# Then check DMG if it exists
echo "Looking for DMG..."
dmg_file=$(find ./dist -name "*.dmg" -print -quit)
if [ -n "$dmg_file" ]; then
echo "Found DMG: $dmg_file"
echo "Verifying DMG signing..."
codesign --verify --deep --strict --verbose=2 "$dmg_file"
echo "Displaying DMG signing info..."
codesign --display --verbose=2 "$dmg_file"
echo "Checking DMG notarization..."
xcrun stapler validate "$dmg_file" || echo "Warning: DMG not notarized yet"
else
echo "No DMG found to verify"
fi
# Finally check ZIP if it exists
echo "Looking for ZIP..."
zip_file=$(find ./dist -name "*.zip" -print -quit)
if [ -n "$zip_file" ]; then
echo "Found ZIP: $zip_file"
echo "Note: ZIP files are not code signed, but their contents should be"
fi

32
.github/actions/build-server/action.yml vendored
View File

@@ -1,32 +0,0 @@
inputs:
os:
description: "One of the supported platforms: windows"
required: true
arch:
description: "The architecture to build for: x64, arm64"
required: true
runs:
using: composite
steps:
- name: Set up node & dependencies
uses: actions/setup-node@v4
with:
node-version: 22
cache: "npm"
- name: Install dependencies
shell: bash
run: npm ci
- name: Run Linux server build
env:
MATRIX_ARCH: ${{ inputs.arch }}
shell: bash
run: |
npm run chore:update-build-info
./bin/build-server.sh
- name: Prepare artifacts
shell: bash
run: |
mkdir -p upload
file=$(find dist -name '*.tar.xz' -print -quit)
name=${{ github.ref_name }}
cp "$file" "upload/TriliumNextNotes-Server-${name//\//-}-${{ inputs.os }}-${{ inputs.arch }}.tar.xz"

79
.github/actions/report-size/action.yml vendored
View File

@@ -1,79 +0,0 @@
name: 'Bundle size reporter'
description: 'Post bundle size difference compared to another branch'
inputs:
branch:
description: 'Branch to compare to'
required: true
default: 'main'
paths:
description:
'Paths to json file bundle size report or folder containing bundles'
required: true
default: '/'
onlyDiff:
description: 'Report only different sizes'
required: false
default: 'false'
filter:
description: 'Regex filter based on file path'
required: false
unit:
description: 'Size unit'
required: false
default: 'KB'
# Comment inputs
comment:
description: 'Post comment'
required: false
default: 'true'
header:
description: 'Comment header'
required: false
default: 'Bundle size report'
append:
description: 'Append comment'
required: false
default: 'false'
ghToken:
description: 'Github token'
required: false
runs:
using: 'composite'
steps:
# Checkout branch to compare to [required]
- name: Checkout base branch
uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
path: br-base
token: ${{ inputs.ghToken }}
# Generate the bundle size difference report [required]
- name: Generate report
id: bundleSize
uses: nejcm/bundle-size-reporter-action@v1.4.1
with:
paths: ${{ inputs.paths }}
onlyDiff: ${{ inputs.onlyDiff }}
filter: ${{ inputs.filter }}
unit: ${{ inputs.unit }}
# Post github action summary
- name: Post summary
if: ${{ steps.bundleSize.outputs.hasDifferences == 'true' }} # post only in case of changes
run: |
echo '${{ steps.bundleSize.outputs.summary }}' >> $GITHUB_STEP_SUMMARY
shell: bash
# Post github action comment
- name: Post comment
uses: marocchino/sticky-pull-request-comment@v2
if: ${{ steps.bundleSize.outputs.hasDifferences == 'true' }} # post only in case of changes
with:
number: ${{ github.event.pull_request.number }}
header: ${{ inputs.header }}
append: ${{ inputs.append }}
message: '${{ steps.bundleSize.outputs.summary }}'
GITHUB_TOKEN: ${{ inputs.ghToken }}