debug: add system monitoring and diagnostics for RPM hang #30
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Publish Desktop App | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - release | |
| jobs: | |
| publish-tauri: | |
| permissions: | |
| contents: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # - platform: "macos-latest" # for Arm based macs (M1 and above). | |
| # args: "--target aarch64-apple-darwin" | |
| # - platform: "macos-latest" # for Intel based macs. | |
| # args: "--target x86_64-apple-darwin" | |
| # python-arch: "x64" | |
| - platform: "ubuntu-22.04" | |
| args: "" | |
| # - platform: "windows-latest" | |
| # args: "" | |
| runs-on: ${{ matrix.platform }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: install dependencies (ubuntu only) | |
| if: matrix.platform == 'ubuntu-22.04' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf strace | |
| - uses: oven-sh/setup-bun@v2 | |
| with: | |
| bun-version: latest | |
| - name: install Rust stable | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| # Those targets are only used on macos runners so it's in an `if` to slightly speed up windows and linux builds. | |
| targets: ${{ startsWith(matrix.platform, 'macos') && 'aarch64-apple-darwin,x86_64-apple-darwin' || '' }} | |
| - name: Rust cache | |
| uses: swatinem/rust-cache@v2 | |
| with: | |
| workspaces: "./src-tauri -> target" | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| architecture: ${{ matrix.python-arch || '' }} | |
| - name: Setup uv | |
| uses: astral-sh/setup-uv@v4 | |
| - name: Install backend dependencies | |
| run: uv pip install -e "backend/.[build,libs]" --system | |
| - name: install frontend dependencies | |
| run: bun install --cwd frontend | |
| - name: import Apple Developer Certificate | |
| if: startsWith(matrix.platform, 'macos') | |
| # Prevents keychain from locking automatically for 3600 seconds. | |
| env: | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| run: | | |
| echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12 | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain | |
| security default-keychain -s build.keychain | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain | |
| security set-keychain-settings -t 3600 -u build.keychain | |
| security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain | |
| security find-identity -v -p codesigning build.keychain | |
| - name: verify certificate | |
| if: startsWith(matrix.platform, 'macos') | |
| run: | | |
| CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Developer ID Application") | |
| CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}') | |
| echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV | |
| echo "APPLE_SIGNING_IDENTITY=$CERT_ID" >> $GITHUB_ENV | |
| echo "Certificate imported." | |
| - name: Build backend and frontend | |
| if: matrix.platform == 'ubuntu-22.04' | |
| env: | |
| SKIP_BACKEND: "false" | |
| SKIP_FRONTEND: "false" | |
| run: bash src-tauri/before_build.sh | |
| - name: Report backend bundle size | |
| if: matrix.platform == 'ubuntu-22.04' | |
| run: | | |
| echo "=== Backend bundle size ===" | |
| du -sh src-tauri/target/syft-space-backend-dist/ | |
| echo "=== File count ===" | |
| find src-tauri/target/syft-space-backend-dist/ -type f | wc -l | |
| echo "=== Top 20 largest files ===" | |
| find src-tauri/target/syft-space-backend-dist/ -type f -exec du -h {} + | sort -rh | head -20 | |
| echo "=== Available memory ===" | |
| free -h | |
| echo "=== Disk space ===" | |
| df -h . | |
| - name: Start system monitor | |
| if: matrix.platform == 'ubuntu-22.04' | |
| run: | | |
| # Log memory + CPU every 10s in background | |
| (while true; do | |
| echo "--- $(date -u '+%H:%M:%S') ---" | |
| free -m | head -2 | |
| echo "CPU: $(top -bn1 | head -3 | tail -1)" | |
| # Check if tauri/cargo is running and show its RSS | |
| ps aux --sort=-rss | grep -E '(tauri|cargo)' | grep -v grep | head -3 | |
| sleep 10 | |
| done) > /tmp/sysmon.log 2>&1 & | |
| echo $! > /tmp/sysmon.pid | |
| echo "System monitor started (PID $(cat /tmp/sysmon.pid))" | |
| - name: build and publish | |
| uses: tauri-apps/tauri-action@v0 | |
| timeout-minutes: 30 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }} | |
| APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }} | |
| APPLE_SIGNING_IDENTITY: ${{ env.APPLE_SIGNING_IDENTITY }} | |
| TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }} | |
| TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }} | |
| TAURI_BUNDLER_DMG_IGNORE_CI: "true" | |
| RUST_LOG: trace | |
| SKIP_BACKEND: "true" | |
| SKIP_FRONTEND: "true" | |
| with: | |
| tagName: v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version. | |
| releaseName: "Release v__VERSION__" | |
| releaseBody: "See the assets to download this version and install." | |
| releaseDraft: true | |
| prerelease: false | |
| args: ${{ matrix.args }} | |
| - name: Dump system monitor log | |
| if: always() && matrix.platform == 'ubuntu-22.04' | |
| run: | | |
| kill $(cat /tmp/sysmon.pid) 2>/dev/null || true | |
| echo "=== System monitor log ===" | |
| cat /tmp/sysmon.log |