Skip to content

Two FA

Two FA #967

Workflow file for this run

name: PR
on:
workflow_dispatch:
pull_request:
env:
node-version: 20.11.1
permissions:
pull-requests: write
jobs:
desktop-build:
name: desktop-build
strategy:
matrix:
include:
- os: ubuntu-latest
command: make:intel
tag: x64
dist: /apps/desktop/out/make
- os: ubuntu-latest
command: make:arm
tag: arm64
dist: /apps/desktop/out/make
- os: windows-latest
command: make:intel
tag: x64
dist: /apps/desktop/out/make/squirrel.windows/x64/*Setup.exe
- os: macos-13
command: make:intel
tag: x64
dist: /apps/desktop/out/make
- os: macos-13
command: make:arm
tag: arm
dist: /apps/desktop/out/make
- os: macos-13
command: make:universal
tag: universal
dist: /apps/desktop/out/make
runs-on: ${{ matrix.os }}
timeout-minutes: 30
env:
APPLE_API_KEY: ${{ github.workspace }}/AuthKey.p8
APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }}
APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
REACT_APP_AMPLITUDE: ${{ secrets.REACT_APP_AMPLITUDE }}
REACT_APP_TG_BOT_ID: ${{ secrets.REACT_APP_TG_BOT_ID }}
REACT_APP_TONCONSOLE_API: https://pro.tonconsole.com
REACT_APP_TG_BOT_ORIGIN: https://tonkeeper.com
REACT_APP_APTABASE: ${{ secrets.VITE_APP_APTABASE }}
REACT_APP_APTABASE_HOST: https://anonymous-analytics.tonkeeper.com
REACT_APP_STONFI_REFERRAL_ADDRESS: ${{ secrets.REACT_APP_STONFI_REFERRAL_ADDRESS }}
DEBUG: electron*
steps:
- name: Checkout to git repository
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.node-version }}
- name: Enable Corepack
run: |
corepack enable
- name: Decode service account into a file
if: runner.os == 'macOS'
env:
CREDENTIALS: ${{ secrets.APPLE_API_KEY }}
run: |
echo $CREDENTIALS | base64 -d > ${{ github.workspace }}/AuthKey.p8
- name: Configure keychain
if: runner.os == 'macOS'
uses: apple-actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ secrets.IDENTITY_P12_B64 }}
p12-password: ${{ secrets.IDENTITY_PASSPHRASE }}
- name: Yarn cache
uses: actions/cache@v4
with:
path: ./.yarn
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Run install
uses: borales/actions-yarn@v5
with:
cmd: install
- name: Run build packages
uses: borales/actions-yarn@v5
with:
cmd: build:pkg
- name: Run build intel distributive
uses: borales/actions-yarn@v5
with:
cmd: ${{ matrix.command }}
dir: 'apps/desktop'
- name: Upload zip distributives to artifacts
uses: actions/upload-artifact@v4
if: runner.os == 'Windows'
with:
name: Tonkeeper Desktop ${{ runner.os }} x64 archive
retention-days: 10
path: |
${{ github.workspace }}/apps/desktop/out/make/zip/**/*.zip
- name: Upload distributives to artifacts
uses: actions/upload-artifact@v4
with:
name: Tonkeeper Desktop ${{ runner.os }} ${{ matrix.tag }}
retention-days: 10
path: |
${{ github.workspace }}${{ matrix.dist }}
- name: Clean-up credentials
if: always() && runner.os == 'macOS'
run: |
rm ${{ github.workspace }}/AuthKey.p8
web-build:
uses: ./.github/workflows/web-build.yaml
with:
environment: ${{ github.head_ref }}
secrets: inherit
twa-build:
name: twa-build
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout to git repository
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.node-version }}
- name: Enable Corepack
run: |
corepack enable
- name: Yarn cache
uses: actions/cache@v4
with:
path: ./.yarn
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Run install
uses: borales/actions-yarn@v5
with:
cmd: install
- name: Run build
uses: borales/actions-yarn@v5
env:
VITE_APP_MEASUREMENT_ID: ${{ secrets.REACT_APP_MEASUREMENT_ID }}
VITE_APP_APTABASE: ${{ secrets.VITE_APP_APTABASE }}
VITE_APP_APTABASE_HOST: https://anonymous-analytics.tonkeeper.com
VITE_APP_LOCALES: en,zh_TW,zh_CN,id,ru,it,es,uk,tr,bg,uz,bn
VITE_APP_STONFI_REFERRAL_ADDRESS: ${{ secrets.REACT_APP_STONFI_REFERRAL_ADDRESS }}
with:
cmd: build:twa
- name: Publish TWA to Cloudflare Pages
id: deploy
uses: cloudflare/wrangler-action@v3
with:
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
command:
pages deploy apps/twa/dist --project-name=tonkeeper-telegram
--branch=feature/twa
- name: Summary
run: |
echo '### Successful TWA deployment! 🚀🚀🚀' >> $GITHUB_STEP_SUMMARY
echo 'Well done!' >> $GITHUB_STEP_SUMMARY
echo 'Link to test environment:' >> $GITHUB_STEP_SUMMARY
echo 'https://t.me/tonkeeperdevbot' >> $GITHUB_STEP_SUMMARY
- name: Comment PR
uses: thollander/actions-comment-pull-request@v3
with:
message: |
### Successful TWA deployment 🚀🚀🚀
Well done!
Link to test environment:
https://t.me/tonkeeperdevbot
comment-tag: twa_deploy
extension-build:
name: extension-build
runs-on: macos-14
timeout-minutes: 10
steps:
- name: Checkout to git repository
uses: actions/checkout@v4
- name: Set up Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.node-version }}
- name: Enable Corepack
run: |
corepack enable
- name: Yarn cache
uses: actions/cache@v4
with:
path: ./.yarn
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
restore-keys: |
${{ runner.os }}-yarn-
- name: Run install
uses: borales/actions-yarn@v5
with:
cmd: install
- name: Run build
uses: borales/actions-yarn@v5
env:
REACT_APP_AMPLITUDE: ${{ secrets.REACT_APP_AMPLITUDE_EXTENSION }}
REACT_APP_APTABASE: ${{ secrets.VITE_APP_APTABASE }}
REACT_APP_APTABASE_HOST: https://anonymous-analytics.tonkeeper.com
with:
cmd: build:extension
- name: Upload Extension Chrome to artifacts
uses: actions/upload-artifact@v4
with:
name: Extension Chrome
retention-days: 10
path: |
${{ github.workspace }}/apps/extension/dist/chrome
- name: Upload Extension Firefox to artifacts
uses: actions/upload-artifact@v4
with:
name: Extension Firefox
retention-days: 10
path: |
${{ github.workspace }}/apps/extension/dist/firefox
ipad-build:
uses: ./.github/workflows/ipad-build.yaml
secrets: inherit
swap-widget-build:
uses: ./.github/workflows/swap-widget-build.yaml
with:
environment: ${{ github.head_ref }}
secrets: inherit
web-tests:
needs: web-build
uses: ./.github/workflows/web-tests.yaml
with:
base-url: ${{ needs.web-build.outputs.deployment-url }}
secrets: inherit