jyapayne/Sunshine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ci: harden workflows (#4412)

Browse source
This commit is contained in:
David Lane 2025-11-12 10:48:21 -05:00 committed by GitHub
commit a2e6fc9f2a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 65 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

39
.github/workflows/ci-flatpak.yml vendored
View file

@ -18,6 +18,7 @@ jobs:
name: ${{ matrix.arch }} name: ${{ matrix.arch }}
env: env:
APP_ID: dev.lizardbyte.app.Sunshine APP_ID: dev.lizardbyte.app.Sunshine
MATRIX_ARCH: ${{ matrix.arch }}
NODE_VERSION: "20" NODE_VERSION: "20"
PLATFORM_VERSION: "24.08" PLATFORM_VERSION: "24.08"
runs-on: ${{ matrix.runner }} runs-on: ${{ matrix.runner }}
@ -75,9 +76,9 @@ jobs:
sudo su "$(whoami)" -c "flatpak --user install -y flathub \ sudo su "$(whoami)" -c "flatpak --user install -y flathub \
org.flatpak.Builder \ org.flatpak.Builder \
org.freedesktop.Platform/${{ matrix.arch }}/${PLATFORM_VERSION} \ org.freedesktop.Platform/${MATRIX_ARCH}/${PLATFORM_VERSION} \
org.freedesktop.Sdk/${{ matrix.arch }}/${PLATFORM_VERSION} \ org.freedesktop.Sdk/${MATRIX_ARCH}/${PLATFORM_VERSION} \
org.freedesktop.Sdk.Extension.node${NODE_VERSION}/${{ matrix.arch }}/${PLATFORM_VERSION} \ org.freedesktop.Sdk.Extension.node${NODE_VERSION}/${MATRIX_ARCH}/${PLATFORM_VERSION} \
" "
flatpak run org.flatpak.Builder --version flatpak run org.flatpak.Builder --version
@ -99,17 +100,19 @@ jobs:
- name: Configure Flatpak Manifest - name: Configure Flatpak Manifest
env: env:
BRANCH: ${{ github.ref }} INPUT_RELEASE_VERSION: ${{ inputs.release_version }}
INPUT_RELEASE_COMMIT: ${{ inputs.release_commit }}
REPOSITORY_CLONE_URL: ${{ github.event.repository.clone_url }}
run: | run: |
# variables for manifest # variables for manifest
branch="${BRANCH}" branch="${GITHUB_REF}"
build_version="${{ inputs.release_version }}" build_version="${INPUT_RELEASE_VERSION}"
commit="${{ inputs.release_commit }}" commit="${INPUT_RELEASE_COMMIT}"
clone_url="${{ github.event.repository.clone_url }}" clone_url="${REPOSITORY_CLONE_URL}"
if [ "${{ github.event_name }}" == "push" ]; then if [ "${GITHUB_EVENT_NAME}" == "push" ]; then
echo "This is a PUSH event" echo "This is a PUSH event"
branch="${{ github.ref_name }}" branch="${GITHUB_REF_NAME}"
fi fi
echo "Branch: ${branch}" echo "Branch: ${branch}"
@ -124,7 +127,7 @@ jobs:
mkdir -p build mkdir -p build
mkdir -p artifacts mkdir -p artifacts
cmake -DGITHUB_CLONE_URL=${clone_url} \ cmake -DGITHUB_CLONE_URL="${clone_url}" \
-B build \ -B build \
-S . \ -S . \
-DSUNSHINE_CONFIGURE_FLATPAK_MAN=ON \ -DSUNSHINE_CONFIGURE_FLATPAK_MAN=ON \
@ -139,14 +142,14 @@ jobs:
run: | run: |
echo "::add-matcher::.github/matchers/gcc-strip3.json" echo "::add-matcher::.github/matchers/gcc-strip3.json"
sudo su "$(whoami)" -c "flatpak run org.flatpak.Builder \ sudo su "$(whoami)" -c "flatpak run org.flatpak.Builder \
--arch=${{ matrix.arch }} \ --arch=${MATRIX_ARCH} \
--force-clean \ --force-clean \
--repo=repo \ --repo=repo \
--sandbox \ --sandbox \
--stop-at=cuda build-sunshine ${APP_ID}.yml" --stop-at=cuda build-sunshine ${APP_ID}.yml"
cp -r .flatpak-builder copy-of-flatpak-builder cp -r .flatpak-builder copy-of-flatpak-builder
sudo su "$(whoami)" -c "flatpak run org.flatpak.Builder \ sudo su "$(whoami)" -c "flatpak run org.flatpak.Builder \
--arch=${{ matrix.arch }} \ --arch=${MATRIX_ARCH} \
--force-clean \ --force-clean \
--repo=repo \ --repo=repo \
--sandbox \ --sandbox \
@ -154,20 +157,20 @@ jobs:
rm -rf .flatpak-builder rm -rf .flatpak-builder
mv copy-of-flatpak-builder .flatpak-builder mv copy-of-flatpak-builder .flatpak-builder
sudo su "$(whoami)" -c "flatpak build-bundle \ sudo su "$(whoami)" -c "flatpak build-bundle \
--arch=${{ matrix.arch }} \ --arch=${MATRIX_ARCH} \
./repo \ ./repo \
../artifacts/sunshine_${{ matrix.arch }}.flatpak ${APP_ID}" ../artifacts/sunshine_${MATRIX_ARCH}.flatpak ${APP_ID}"
sudo su "$(whoami)" -c "flatpak build-bundle \ sudo su "$(whoami)" -c "flatpak build-bundle \
--runtime \ --runtime \
--arch=${{ matrix.arch }} \ --arch=${MATRIX_ARCH} \
./repo \ ./repo \
../artifacts/sunshine_debug_${{ matrix.arch }}.flatpak ${APP_ID}.Debug" ../artifacts/sunshine_debug_${MATRIX_ARCH}.flatpak ${APP_ID}.Debug"
echo "::remove-matcher owner=gcc-strip3::" echo "::remove-matcher owner=gcc-strip3::"
- name: Lint Flatpak - name: Lint Flatpak
working-directory: build working-directory: build
run: | run: |
exceptions_file="${{ github.workspace }}/packaging/linux/flatpak/exceptions.json" exceptions_file="${GITHUB_WORKSPACE}/packaging/linux/flatpak/exceptions.json"
echo "Linting flatpak manifest" echo "Linting flatpak manifest"
flatpak run --command=flatpak-builder-lint org.flatpak.Builder \ flatpak run --command=flatpak-builder-lint org.flatpak.Builder \

8
.github/workflows/ci-freebsd.yml vendored
View file

@ -169,9 +169,9 @@ jobs:
-DSUNSHINE_ENABLE_DRM=OFF \ -DSUNSHINE_ENABLE_DRM=OFF \
-DSUNSHINE_ENABLE_WAYLAND=ON \ -DSUNSHINE_ENABLE_WAYLAND=ON \
-DSUNSHINE_ENABLE_X11=ON \ -DSUNSHINE_ENABLE_X11=ON \
-DSUNSHINE_PUBLISHER_NAME='${{ github.repository_owner }}' \ -DSUNSHINE_PUBLISHER_NAME="${GITHUB_REPOSITORY_OWNER}" \
-DSUNSHINE_PUBLISHER_WEBSITE='https://app.lizardbyte.dev' \ -DSUNSHINE_PUBLISHER_WEBSITE="https://app.lizardbyte.dev" \
-DSUNSHINE_PUBLISHER_ISSUE_URL='https://app.lizardbyte.dev/support' -DSUNSHINE_PUBLISHER_ISSUE_URL="https://app.lizardbyte.dev/support"
- name: Build - name: Build
shell: freebsd {0} shell: freebsd {0}
@ -265,7 +265,7 @@ jobs:
if-no-files-found: error if-no-files-found: error
- name: Upload Artifacts - name: Upload Artifacts
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v5
with: with:
name: build-FreeBSD-${{ matrix.bsd_release }}-${{ matrix.cmake_processor }} name: build-FreeBSD-${{ matrix.bsd_release }}-${{ matrix.cmake_processor }}
path: artifacts/ path: artifacts/

30
.github/workflows/ci-homebrew.yml vendored
View file

@ -74,27 +74,33 @@ jobs:
- name: Configure formula - name: Configure formula
env: env:
HEAD_REF: ${{ github.head_ref }} INPUT_RELEASE_VERSION: ${{ inputs.release_version }}
INPUT_RELEASE_COMMIT: ${{ inputs.release_commit }}
INPUT_RELEASE_TAG: ${{ inputs.release_tag }}
MATRIX_RELEASE: ${{ matrix.release }}
PR_CLONE_URL: ${{ github.event.pull_request.head.repo.clone_url }}
PR_HEAD_REF: ${{ github.event.pull_request.head.ref }} PR_HEAD_REF: ${{ github.event.pull_request.head.ref }}
PR_DEFAULT_BRANCH: ${{ github.event.pull_request.head.repo.default_branch }} PR_DEFAULT_BRANCH: ${{ github.event.pull_request.head.repo.default_branch }}
REPOSITORY_CLONE_URL: ${{ github.event.repository.clone_url }}
REPOSITORY_DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
run: | run: |
# variables for formula # variables for formula
branch="${HEAD_REF}" branch="${GITHUB_HEAD_REF}"
build_version="${{ inputs.release_version }}" build_version="${INPUT_RELEASE_VERSION}"
clone_url="${{ github.event.repository.clone_url }}" clone_url="${REPOSITORY_CLONE_URL}"
commit="${{ inputs.release_commit }}" commit="${INPUT_RELEASE_COMMIT}"
default_branch="${{ github.event.repository.default_branch }}" default_branch="${REPOSITORY_DEFAULT_BRANCH}"
tag="${{ github.ref_name }}" tag="${GITHUB_REF_NAME}"
if [ "${{ github.event_name }}" == "push" ]; then if [ "${GITHUB_EVENT_NAME}" == "push" ]; then
echo "This is a PUSH event" echo "This is a PUSH event"
if [ "${{ matrix.release }}" == "true" ]; then if [ "${MATRIX_RELEASE}" == "true" ]; then
# we will publish the formula with the release tag # we will publish the formula with the release tag
tag="${{ inputs.release_tag }}" tag="${INPUT_RELEASE_TAG}"
fi fi
elif [ "${{ github.event_name }}" == "pull_request" ]; then elif [ "${GITHUB_EVENT_NAME}" == "pull_request" ]; then
echo "This is a PR event" echo "This is a PR event"
clone_url=${{ github.event.pull_request.head.repo.clone_url }} clone_url=${PR_CLONE_URL}
branch="${PR_HEAD_REF}" branch="${PR_HEAD_REF}"
default_branch="${PR_DEFAULT_BRANCH}" default_branch="${PR_DEFAULT_BRANCH}"
tag="${PR_HEAD_REF}" tag="${PR_HEAD_REF}"

13
.github/workflows/ci-linux.yml vendored
View file

@ -18,6 +18,7 @@ jobs:
name: ${{ matrix.name }} name: ${{ matrix.name }}
env: env:
APP_ID: dev.lizardbyte.app.Sunshine APP_ID: dev.lizardbyte.app.Sunshine
VERSION: ${{ inputs.release_version }}
runs-on: ubuntu-${{ matrix.dist }} runs-on: ubuntu-${{ matrix.dist }}
strategy: strategy:
fail-fast: false fail-fast: false
@ -89,20 +90,14 @@ jobs:
chmod +x ./scripts/linux_build.sh chmod +x ./scripts/linux_build.sh
echo "::add-matcher::.github/matchers/gcc.json" echo "::add-matcher::.github/matchers/gcc.json"
./scripts/linux_build.sh \ ./scripts/linux_build.sh \
--publisher-name='${{ github.repository_owner }}' \ --publisher-name="${GITHUB_REPOSITORY_OWNER}" \
--publisher-website='https://app.lizardbyte.dev' \ --publisher-website="https://app.lizardbyte.dev" \
--publisher-issue-url='https://app.lizardbyte.dev/support' \ --publisher-issue-url="https://app.lizardbyte.dev/support" \
--skip-cleanup \ --skip-cleanup \
--skip-package \ --skip-package \
--ubuntu-test-repo ${{ matrix.EXTRA_ARGS }} --ubuntu-test-repo ${{ matrix.EXTRA_ARGS }}
echo "::remove-matcher owner=gcc::" echo "::remove-matcher owner=gcc::"
- name: Set AppImage Version
if: matrix.name == 'AppImage'
run: |
version=${{ inputs.release_version }}
echo "VERSION=${version}" >> "${GITHUB_ENV}"
- name: Package Linux - AppImage - name: Package Linux - AppImage
if: matrix.name == 'AppImage' if: matrix.name == 'AppImage'
working-directory: build working-directory: build

6
.github/workflows/ci-windows.yml vendored
View file

@ -266,9 +266,9 @@ jobs:
-DBUILD_WERROR=ON \ -DBUILD_WERROR=ON \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \ -DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DSUNSHINE_ASSETS_DIR=assets \ -DSUNSHINE_ASSETS_DIR=assets \
-DSUNSHINE_PUBLISHER_NAME='${{ github.repository_owner }}' \ -DSUNSHINE_PUBLISHER_NAME="${GITHUB_REPOSITORY_OWNER}" \
-DSUNSHINE_PUBLISHER_WEBSITE='https://app.lizardbyte.dev' \ -DSUNSHINE_PUBLISHER_WEBSITE="https://app.lizardbyte.dev" \
-DSUNSHINE_PUBLISHER_ISSUE_URL='https://app.lizardbyte.dev/support' -DSUNSHINE_PUBLISHER_ISSUE_URL="https://app.lizardbyte.dev/support"
echo "::add-matcher::.github/matchers/gcc.json" echo "::add-matcher::.github/matchers/gcc.json"
ninja -C build ninja -C build
echo "::remove-matcher owner=gcc::" echo "::remove-matcher owner=gcc::"

8
.github/workflows/ci.yml vendored
View file

@ -179,11 +179,11 @@ jobs:
- name: Should run - name: Should run
id: should_run id: should_run
run: | run: |
if [ ${{ github.event_name }} != 'pull_request' ] || [ ${{ matrix.pr }} == 'true' ]; then should_run="false"
echo "SHOULD_RUN=true" >> "${GITHUB_OUTPUT}" if [ "${GITHUB_EVENT_NAME}" != "pull_request" ] || [ ${{ matrix.pr }} == "true" ]; then
else should_run="true"
echo "SHOULD_RUN=false" >> "${GITHUB_OUTPUT}"
fi fi
echo "SHOULD_RUN=${should_run}" >> "${GITHUB_OUTPUT}"
- name: Checkout - name: Checkout
if: steps.should_run.outputs.SHOULD_RUN == 'true' if: steps.should_run.outputs.SHOULD_RUN == 'true'

21
.github/workflows/localize.yml vendored
View file

@ -14,7 +14,7 @@ on:
workflow_dispatch: workflow_dispatch:
env: env:
file: ./locale/sunshine.po FILE: ./locale/sunshine.po
jobs: jobs:
localize: localize:
@ -44,20 +44,21 @@ jobs:
- name: Update Strings - name: Update Strings
run: | run: |
new_file=true
# first, try to remove existing file as xgettext does not remove unused translations # first, try to remove existing file as xgettext does not remove unused translations
if [ -f "${{ env.file }}" ]; if [ -f "${FILE}" ];
then then
rm ${{ env.file }} rm "${FILE}"
echo "new_file=false" >> "${GITHUB_ENV}" new_file=false
else
echo "new_file=true" >> "${GITHUB_ENV}"
fi fi
echo "NEW_FILE=${new_file}" >> "${GITHUB_ENV}"
# extract the new strings # extract the new strings
python ./scripts/_locale.py --extract python ./scripts/_locale.py --extract
- name: git diff - name: git diff
if: env.new_file == 'false' if: env.NEW_FILE == 'false'
run: | run: |
# disable the pager # disable the pager
git config --global pager.diff false git config --global pager.diff false
@ -67,13 +68,13 @@ jobs:
# set the variable with minimal output, replacing `\t` with ` ` # set the variable with minimal output, replacing `\t` with ` `
OUTPUT=$(git diff --numstat locale/sunshine.po | sed -e "s#\t# #g") OUTPUT=$(git diff --numstat locale/sunshine.po | sed -e "s#\t# #g")
echo "git_diff=${OUTPUT}" >> "${GITHUB_ENV}" echo "GIT_DIFF=${OUTPUT}" >> "${GITHUB_ENV}"
- name: git reset - name: git reset
# only run if a single line changed (date/time) and file already existed # only run if a single line changed (date/time) and file already existed
if: >- if: >-
env.git_diff == '1 1 locale/sunshine.po' && env.GIT_DIFF == '1 1 locale/sunshine.po' &&
env.new_file == 'false' env.NEW_FILE == 'false'
run: | run: |
git reset --hard git reset --hard