GitHub/hiddify-app
1
0
Fork 0
mirror of https://github.com/hiddify/hiddify-app.git synced 2026-05-04 11:22:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e12a15b095031ed12a5f7124c5a4ad7a950e8a2e
hiddify-app/.github/workflows/build.yml
T
veto9292 3e9b7a7c98 feat: add raw AppImage support for linux
2026-02-24 02:28:49 +03:30

529 lines
19 KiB
YAML
Raw Blame History

name: Build
on:
workflow_call:
inputs:
upload-artifact:
type: boolean
default: true
tag-name:
type: string
default: "draft"
channel:
type: string
default: "dev"
env:
IS_GITHUB_ACTIONS: 1
CHANNEL: "${{ inputs.channel }}"
FLUTTER_VERSION: '3.38.5'
NDK_VERSION: r28c
UPLOAD_ARTIFACT: "${{ inputs.upload-artifact }}"
TAG_NAME: "${{ inputs.tag-name }}"
TARGET_NAME_gz: "Hiddify-Linux-x64-AppImage.tar"
TARGET_NAME_AppImage: "Hiddify-Linux-x64-AppImage"
TARGET_NAME_deb: "Hiddify-Debian-x64"
# TARGET_NAME_rpm: "Hiddify-rpm-x64"
TARGET_NAME_apk: "Hiddify-Android"
TARGET_NAME_aab: "Hiddify-Android"
TARGET_NAME_exe: "Hiddify-Windows-Setup-x64"
TARGET_NAME_msix: "Hiddify-Windows-x64"
TARGET_NAME_zip: "Hiddify-Windows-Portable-x64"
TARGET_NAME_dmg: "Hiddify-MacOS"
TARGET_NAME_pkg: "Hiddify-MacOS-Installer"
TARGET_NAME_ipa: "Hiddify-iOS"
jobs:
test:
outputs:
draftBuildCode: ${{ steps.draftBuildCode.outputs.datetime }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: subosito/flutter-action@v2.21.0 #issue with 2.13
with:
flutter-version: ${{ env.FLUTTER_VERSION }}
channel: 'stable'
cache: true
- name: Prepare
run: make linux-amd64-prepare
- name: Test
run: flutter test
- name: make draftBuildCode
id: draftBuildCode
run: echo "::set-output name=datetime::$(date +'%d.%H.%M')"
build:
needs: test
permissions: write-all
continue-on-error: true
strategy:
fail-fast: false
matrix:
include:
- platform: android-apk
os: ubuntu-latest
targets: apk
- platform: android-aab
os: ubuntu-latest
targets: aab
- platform: windows
os: windows-latest
aarch: amd64
targets: exe,msix,zip
- platform: linux
os: ubuntu-22.04
aarch: amd64
targets: deb,gz,AppImage
# - platform: linux-amd64
# os: ubuntu-22.04
# aarch: amd64
# targets: deb,gz
# - platform: linux-arm64
# os: ubuntu-24.04-arm
# aarch: arm64
# targets: deb,gz
# - platform: linux-amd64-musl
# os: ubuntu-22.04
# aarch: amd64
# targets: deb,gz
# - platform: linux-arm64-musl
# os: ubuntu-24.04-arm
# aarch: arm64
# targets: deb,gz
- platform: macos
os: macos-15
aarch: universal
targets: dmg,pkg
# - platform: ios
# os: macos-15
# aarch: universal
# filename: hiddify-ios
# targets: ipa
runs-on: ${{ matrix.os }}
steps:
- name: checkout
uses: actions/checkout@v6
- name: Import Apple Codesign Certificates
if: ${{ inputs.upload-artifact && startsWith(matrix.os,'macos') }}
uses: apple-actions/import-codesign-certs@v6
with:
p12-file-base64: "${{ secrets.APPLE_CERTIFICATE_P12 }}"
p12-password: "${{ secrets.APPLE_CERTIFICATE_P12_PASSWORD }}"
- name: Import Apple Mobile Provisioning Profile
if: ${{ inputs.upload-artifact && startsWith(matrix.os,'macos') }}
run: |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
echo "${{secrets.APPLE_MOBILE_PROVISIONING_PROFILES_TARGZ_BASE64}}"|base64 --decode | tar xz -C ~/Library/MobileDevice/Provisioning\ Profiles
ls ~/Library/MobileDevice/Provisioning\ Profiles
security unlock-keychain -p "" signing_temp.keychain
security find-identity -v -p codesigning
# ls ~/Library/MobileDevice/Provisioning\ Profiles
# echo "${{secrets.NEW_APPLE_MOBILE_PROVISIONING_PROFILES_TARXZ_BASE64}}"|base64 --decode | tar xJ -C ~/Library/MobileDevice/Provisioning\ Profiles
# # echo "${{secrets.NEW_APPLE_MOBILE_PROVISIONING_PROFILES_TARGZ_BASE64_2}}"|base64 --decode | tar xz -C ~/Library/MobileDevice/Provisioning\ Profiles
# - name: Setup Flutter for arm64
# if: ${{ startsWith(matrix.platform,'linux-arm64') }}
# uses: hurelhuyag/flutter-arm64-action@HEAD
# with:
# channel: 'stable'
# flutter-version: ${{ env.FLUTTER_VERSION }}
- name: Setup Flutter
uses: subosito/flutter-action@v2.21.0 #issue with 2.13
with:
flutter-version: ${{ env.FLUTTER_VERSION }}
# flutter-version-file: pubspec.yaml
channel: 'stable'
cache: true
- name: Clean up disk space
if: startsWith(matrix.platform,'android')
run: |
df -h
sudo rm -rf /usr/share/dotnet
df -h
sudo rm -rf /opt/ghc
df -h
sudo rm -rf /opt/hostedtoolcache/CodeQL
df -h
rm -rf ~/.gradle/caches
df -h
sudo apt-get autoremove -y
df -h
sudo apt-get clean
df -h
tree
- name: Setup Java
if: startsWith(matrix.platform,'android')
uses: actions/setup-java@v5
with:
distribution: 'zulu'
java-version: 17
# - name: Setup NDK
# if: startsWith(matrix.platform,'android')
# uses: nttld/setup-ndk@v1
# id: setup-ndk
# with:
# ndk-version: ${{ env.NDK_VERSION }}
# add-to-path: true
# link-to-sdk: true
- name: Setup Android SDK
uses: android-actions/setup-android@v3
if: startsWith(matrix.platform,'android')
# - name: Cache Android SDK
# uses: actions/cache@v5
# if: startsWith(matrix.platform,'android')
# with:
# path: |
# /usr/local/lib/android/sdk
# key: android-sdk-${{ runner.os }}-${{ env.NDK_VERSION }}
# restore-keys: |
# android-sdk-${{ runner.os }}-
- name: Cache Gradle
uses: actions/cache@v5
if: startsWith(matrix.platform,'android')
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
restore-keys: |
gradle-${{ runner.os }}-
- name: Setup dependencies
run: |
make ${{ matrix.platform }}-install-deps
echo "$HOME/.pub-cache/bin" >> $GITHUB_PATH
- name: Setup Android Signing Properties
if: ${{ inputs.upload-artifact && startsWith(matrix.platform,'android') }}
run: |
echo "${{ secrets.ANDROID_SIGNING_KEY }}" | base64 --decode > android/key.jks
echo "storeFile=$(pwd)/android/key.jks" > android/key.properties
echo "storePassword=${{ secrets.ANDROID_SIGNING_STORE_PASSWORD }}" >> android/key.properties
echo "keyPassword=${{ secrets.ANDROID_SIGNING_KEY_PASSWORD }}" >> android/key.properties
echo "keyAlias=${{ secrets.ANDROID_SIGNING_KEY_ALIAS }}" >> android/key.properties
- name: Setup Windows Signing Properties
if: ${{ inputs.upload-artifact && startsWith(matrix.platform,'windows') }}
run: |
[IO.File]::WriteAllBytes("windows\sign.pfx", [Convert]::FromBase64String("${{ secrets.WINDOWS_SIGNING_KEY }}"))
(Get-Content "windows\packaging\msix\make_config.yaml") -replace '^certificate_password:.*$', 'certificate_password: ${{ secrets.WINDOWS_SIGNING_PASSWORD }}' | Set-Content "windows\packaging\msix\make_config.yaml"
# - name: Temporary disable Permission Handler for windows due to its issue in permission
# if: ${{ startsWith(matrix.platform,'windows') }}
# run: |
# (Get-Content -Path "pubspec.yaml") -notmatch "permission_handler" | Set-Content -Path "pubspec.yaml"
# (Get-Content -Path "lib\features\profile\add\add_profile_modal.dart") -notmatch "qr_code_scanner_screen" | Set-Content -Path "lib\features\profile\add\add_profile_modal.dart"
# (Get-Content -Path lib\features\profile\add\add_profile_modal.dart) -replace 'await QRCodeScannerScreen\(\).open\(context\);', 'null;' | Set-Content -Path lib\features\profile\add\add_profile_modal.dart
# Remove-Item -Path "lib\features\common\qr_code_scanner_screen.dart"
- name: Prepare for ${{ matrix.platform }}
run: |
make ${{ matrix.platform }}-prepare
- name: Build ${{ matrix.platform }}
env:
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
run: |
make ${{ matrix.platform }}-release
- name: Code Sign
if: ${{ inputs.upload-artifact && startsWith(matrix.platform,'windows') }}
uses: hiddify/signtool-code-sign-sha256@main
with:
certificate: '${{ secrets.WINDOWS_SIGNING_KEY }}'
cert-password: '${{ secrets.WINDOWS_SIGNING_PASSWORD }}'
cert-sha1: '${{ secrets.WINDOWS_SIGNING_SHA1 }}'
folder: 'dist'
timestamp-server: 'http://timestamp.digicert.com'
recursive: true
description: 'Hiddify'
- name: Copy to out Windows
if: matrix.platform == 'windows'
shell: pwsh
run: |
Get-ChildItem -Path dist -Recurse | Select-Object FullName
New-Item -ItemType Directory -Path "out" -Force | Out-Null
$targets = "${{ matrix.targets }}".Split(',')
foreach ($ext in $targets) {
$ext = $ext.Trim()
$key = "TARGET_NAME_$ext"
$targetName = (Get-Item "env:$key").Value
$files = Get-ChildItem -Path dist -Recurse -Filter "*.$ext"
foreach ($file in $files) {
$destination = Join-Path -Path "out" -ChildPath "$targetName.$ext"
Move-Item -Path $file.FullName -Destination $destination -Force
}
}
Get-ChildItem -Path out
- name: Upload Debug Symbols
if: ${{ inputs.upload-artifact && inputs.tag-name != 'draft' }}
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
SENTRY_DIST: ${{ matrix.platform == 'android-aab' && 'google-play' || 'general' }}
run: |
dart pub global activate sentry_dart_plugin
dart run sentry_dart_plugin
- name: Copy to out Android APK
if: matrix.platform == 'android-apk'
run: |
mkdir out
ls -R ./build/app/outputs
cp ./build/app/outputs/flutter-apk/*arm64-v8a*.apk out/${TARGET_NAME_apk}-arm64.apk || echo "no arm64 apk"
cp ./build/app/outputs/flutter-apk/*armeabi-v7a*.apk out/${TARGET_NAME_apk}-arm7.apk || echo "no arm7 apk"
cp ./build/app/outputs/flutter-apk/*x86_64*.apk out/${TARGET_NAME_apk}-x86_64.apk || echo "no x64 apk"
cp ./build/app/outputs/flutter-apk/app-release.apk out/${TARGET_NAME_apk}-universal.apk || echo "no universal apk"
- name: Copy to out Android AAB
if: matrix.platform == 'android-aab'
run: |
mkdir out
ls -R ./build/app/outputs
cp ./build/app/outputs/bundle/release/app-release.aab out/hiddify-android-market.aab || echo "no aab"
- name: Copy to out unix
if: startsWith(matrix.platform,'linux') || matrix.platform == 'macos' || matrix.platform == 'ios'
run: |
ls -R dist/
mkdir out
mkdir tmp_out
for EXT in $(echo ${{ matrix.targets }} | tr ',' '\n'); do
KEY=TARGET_NAME_${EXT}
FILENAME=${!KEY}
echo "For $EXT ($KEY) filename is ${FILENAME}"
mv dist/*/*.$EXT tmp_out/${FILENAME}.$EXT
ls tmp_out
[[ "$EXT" != "gz" ]] && chmod +x tmp_out/${FILENAME}.$EXT || echo "Skipping chmod for gz"
if [ "${{matrix.platform}}" == "linux" ];then
cp ./.github/help/linux/* tmp_out/
else
cp ./.github/help/mac-windows/* tmp_out/
fi
if [[ "${{matrix.platform}}" == 'ios' ]];then
echo mv tmp_out/${FILENAME}.$EXT out/
mv tmp_out/${FILENAME}.$EXT out/
else
cd tmp_out
# 7z a ${FILENAME}.zip ./
# mv ${FILENAME}.zip ../out/
# [[ $EXT == 'AppImage' ]]&& mv ${FILENAME}.$EXT ../out/ # added for appimage link
mv ${FILENAME}.$EXT ../out/
cd ..
fi
done
- name: Upload Artifact
if: env.UPLOAD_ARTIFACT == 'true'
uses: actions/upload-artifact@v6
with:
name: ${{matrix.platform}}
path: ./out
retention-days: 1
- name: Clean up keychain and provisioning profile
if: ${{ always() && startsWith(matrix.os,'macos')}}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db ||echo ok
rm ~/Library/MobileDevice/Provisioning\ Profiles/*.mobileprovision ||echo ok
update-draft:
permissions: write-all
if: ${{ inputs.upload-artifact }}
needs: [build]
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v6
with:
# by default, it uses a depth of 1
# this fetches all history so that we can read each commit
fetch-depth: 0
- name: Download Artifact
uses: actions/download-artifact@v7
with:
merge-multiple: true
pattern: "*"
path: ./out/
- name: Display Files Structure
run: ls -R
working-directory: ./out
- name: Delete Current Release Assets
uses: 8Mi-Tech/delete-release-assets-action@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
tag: 'draft'
deleteOnlyFromDrafts: false
- name: prepare_release_message
continue-on-error: true
run: |
set +e
sed 's|RELEASE_TAG|${{ env.TAG_NAME }}|g' ./.github/release_message.md > release.md
pip install gitchangelog pystache mustache markdown
prelease=$(curl --silent "https://api.github.com/repos/hiddify/hiddify-app/releases/latest" | grep -Po '"tag_name": "\K([^"]*)')
echo -e "\n\n<details markdown=1><summary>All changes from $current to the latest commit:</summary>\n\n">>release.md
gitchangelog "${prelease}.." >> release.md 2>&1 || echo "Error in gitchangelog"
echo -e "\n\n</details>">>release.md
- name: Create or Update Draft Release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
files: ./out/*
name: 'draft'
tag_name: 'draft'
body_path: './release.md'
prerelease: true
- name: Create or Update Draft Release
uses: softprops/action-gh-release@v2
env:
GITHUB_TOKEN: ${{ secrets.TOKEN_FOR_HIDDIFY_APP_REPO }}
GITHUB_REPOSITORY: hiddify/hiddify-app
with:
files: ./out/*
name: 'draft'
tag_name: 'draft'
body_path: './release.md'
target_commitish: '530bf77839a74d4f13847ba244a20734ac7ab119'
prerelease: true
repository: hiddify/hiddify-app
upload-release:
permissions: write-all
if: ${{ inputs.upload-artifact && inputs.tag-name != 'draft' }}
needs: [build]
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v6
- name: Download Artifact
uses: actions/download-artifact@v7
with:
merge-multiple: true
pattern: "*"
path: ./out/
- name: Display Files Structure
run: |
ls -R ./out
ls -R ./.github/
ls -R ./.git/
mv out/hiddify-android-market.aab hiddify-android-market.aab
- name: prepare_release_message
run: |
sed 's|RELEASE_TAG|${{ env.TAG_NAME }}|g' ./.github/release_message.md >> release.md
- name: Upload Release
uses: softprops/action-gh-release@v2
if: ${{ success() }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
# prerelease: ${{ env.CHANNEL == 'dev' }}
prerelease: true
tag_name: ${{ env.TAG_NAME }}
body_path: './release.md'
files: ./out/*
- name: Create service_account.json
run: echo '${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT_JSON }}' > service_account.json
- name: Deploy to Google Play Internal Testers
uses: r0adkll/upload-google-play@v1
with:
serviceAccountJson: service_account.json
packageName: app.hiddify.com
releaseName: ${{ env.TAG_NAME }}
releaseFiles: ./hiddify-android-market.aab
track: 'beta'
upload-to-testflight:
needs: [build]
if: ${{ inputs.upload-artifact && inputs.tag-name != 'draft' }}
#if: ${{ inputs.upload-artifact }}
runs-on: macOS-latest
timeout-minutes: 30
steps:
- name: Download Artifact
uses: actions/download-artifact@v7
with:
merge-multiple: true
pattern: "*ios*"
path: ./out/
- uses: Apple-Actions/import-codesign-certs@v6
with:
p12-file-base64: ${{ secrets.APPLE_UPLOAD_CERTIFICATE_P12 }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_P12_PASSWORD }}
- uses: Apple-Actions/download-provisioning-profiles@v1
with:
bundle-id: app.hiddify.com
issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }}
api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }}
- uses: Apple-Actions/download-provisioning-profiles@v1
with:
bundle-id: app.hiddify.com.SingBoxPacketTunnel
issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }}
api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }}
- name: Import Apple Mobile Provisioning Profile
run: |
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
echo "${{secrets.APPLE_DIST_PROVISIONING_PROFILES_TARGZ_BASE64}}"|base64 --decode | tar xz -C ~/Library/MobileDevice/Provisioning\ Profiles
#echo "${{secrets.NEW_APPLE_STORE_PROVISIONING_PROFILES_TARXZ_BASE64}}"|base64 --decode | tar xJ -C ~/Library/MobileDevice/Provisioning\ Profiles
- uses: Apple-Actions/upload-testflight-build@v4
with:
app-path: 'out/Hiddify-iOS.ipa'
issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }}
api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }}
Reference in New Issue View Git Blame Copy Permalink