TidGi-Desktop/.github/workflows/release.yml

name: Release App

on:
  push:
    tags:
      - 'v*.*.*'
    paths-ignore:
      - 'README.md'
      - 'docs/**'
      - '.vscode'
  pull_request:
    branches:
      - master
    paths-ignore:
      - 'docs/**'
      - 'README.md'
      - '.vscode'

concurrency:
  group: release-ci-group
  cancel-in-progress: true

jobs:
  test:
    uses: ./.github/workflows/test.yml

  build:
    needs: test
    strategy:
      matrix:
        include:
          - os: ubuntu-latest
            platform: linux
            arch: x64
          - os: ubuntu-latest
            platform: linux
            arch: arm64
          - os: macos-latest
            platform: mac
            arch: x64
          - os: macos-latest
            platform: mac
            arch: arm64
          - os: windows-latest
            platform: win
            arch: x64
          - os: windows-latest
            platform: win
            arch: arm64
    
    runs-on: ${{ matrix.os }}
    
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Node.js
        uses: actions/setup-node@v4
        with:
          node-version: lts/*

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 'latest'
          run_install: false

      - name: Cache dependencies
        uses: actions/cache@v3
        with:
          path: |
            **/node_modules
            ~/.pnpm-store
            ~/.npm
          key: ${{ runner.os }}-${{ matrix.arch }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-${{ matrix.arch }}-node-${{ hashFiles('**/package-lock.json') }}
            ${{ runner.os }}-${{ matrix.arch }}-node-

      # Linux specific: Initialize CodeQL (only for x64)
      - name: Initialize CodeQL
        if: matrix.platform == 'linux' && matrix.arch == 'x64'
        uses: github/codeql-action/init@v2
        with:
          languages: javascript

      # Windows specific: Set up CV dependency for pngquant-bin
      - name: Set up CV dependency for pngquant-bin
        if: matrix.platform == 'win'
        uses: ilammy/msvc-dev-cmd@v1

      # Install dependencies for x64 architectures
      - name: Install dependencies (x64)
        if: matrix.arch == 'x64'
        run: |
          ${{ matrix.platform == 'linux' && 'pnpm install && pnpm remove registry-js' || 'pnpm install' }}
        env:
          npm_config_arch: x64

      # Install dependencies for arm64 architectures
      - name: Install dependencies (arm64)
        if: matrix.arch == 'arm64'
        run: pnpm install dugite --force
        env:
          npm_config_arch: ${{ matrix.platform == 'win' && 'ia32' || 'arm64' }}

      # Build step using direct electron-forge commands
      - name: Build plugins
        run: pnpm run build:plugin

      - name: Make ${{ matrix.platform }} (${{ matrix.arch }})
        run: |
          pnpm exec electron-forge make --platform=${{ matrix.platform == 'mac' && 'darwin' || matrix.platform == 'win' && 'win32' || 'linux' }} --arch=${{ matrix.arch }}
        env:
          NODE_ENV: production
          # macOS specific environment variables
          APPLE_ID: ${{ matrix.platform == 'mac' && secrets.APPLE_ID || '' }}
          APPLE_ID_PASSWORD: ${{ matrix.platform == 'mac' && secrets.APPLE_ID_PASSWORD || '' }}
          # Windows specific environment variables
          CSC_LINK: ${{ matrix.platform == 'win' && secrets.WIN_CERT || '' }}
          CSC_KEY_PASSWORD: ${{ matrix.platform == 'win' && secrets.WIN_CERT_PASS || '' }}
          # Common environment variables
          CI: true
          CI_PULL_REQUEST: ${{ github.event_name == 'pull_request' }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      # Linux specific: Perform CodeQL Analysis (only for x64)
      - name: Perform CodeQL Analysis
        if: matrix.platform == 'linux' && matrix.arch == 'x64'
        uses: github/codeql-action/analyze@v2

      # Create Release (upload artifacts from all builds)
      - name: Create Release
        uses: softprops/action-gh-release@v1
        if: startsWith(github.ref, 'refs/tags/')
        with:
          draft: true
          generate_release_notes: true
          files: |
            ${{ matrix.platform == 'win' && 'out/make/**/*.exe' || 'out/make/**/*' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      # Bundle Stats (avoid duplicates by running only once per platform)
      - name: Get Renderer Bundle Stats
        if: matrix.arch == 'x64'
        uses: vio/bundle-stats-action@v1
        with:
          id: renderer-${{ matrix.platform }}
          webpack-stats-path: 'out/webpack-stats-renderer.json'
          repo-token: ${{ secrets.GITHUB_TOKEN }}

      - name: Get Main Bundle Stats
        if: matrix.arch == 'x64'
        uses: vio/bundle-stats-action@v1
        with:
          id: main-${{ matrix.platform }}
          webpack-stats-path: 'out/webpack-stats-main.json'
          repo-token: ${{ secrets.GITHUB_TOKEN }}