Skip to content
Build and Release Packages

v26.5.0-alpha.0 #329

Sign in to view logs

v26.5.0-alpha.0

v26.5.0-alpha.0 #329

Workflow file for this run

.github/workflows/package.yml at 1f7ab53
# Build and release workflow for Backend.AI Desktop and WebUI bundle.
#
# Architecture: 3 parallel jobs after a shared web build step.
#
# build_web (ubuntu) ──┬──> build_mac (macos) → DMG x64/arm64 + local proxy
# ├──> build_desktop (ubuntu) → Win/Linux ZIP x64/arm64 + local proxy
# └──> upload web bundle
#
# Key optimizations over the previous single-job approach:
# 1. Parallel jobs: macOS + win/linux builds run concurrently (~10 min saved)
# 2. No double React build: publicPath patching replaces full rebuild (~5 min saved)
# 3. Parallel local proxy compilation within each job (~3 min saved)
# 4. Optimized ZIP compression level (-6 vs -9, marginal size diff, ~1 min saved)
name: Build and Release Packages
on:
release:
types: [published]
workflow_dispatch:
inputs:
dry_run:
description: 'Skip release asset upload (for testing the build pipeline)'
type: boolean
default: true
env:
NODE_OPTIONS: --max-old-space-size=4096
jobs:
# ──────────────────────────────────────────────────────────────────────
# Job 1: Build web assets and create the web bundle (ubuntu, ~8 min)
# ──────────────────────────────────────────────────────────────────────
build_web:
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
version: latest
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install Dependencies
run: pnpm install --no-frozen-lockfile
- name: Build web assets
run: make dep_web
- name: Create web bundle
run: make bundle
- name: Upload release bundle
if: inputs.dry_run != true
run: node upload-release.js app
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Share build artifacts with downstream desktop jobs
- name: Upload build artifacts
uses: actions/upload-artifact@v4
with:
name: web-build
path: |
build/web/
src/wsproxy/dist/
retention-days: 1
compression-level: 3
# ──────────────────────────────────────────────────────────────────────
# Job 2: Build macOS desktop apps — requires macOS for code signing,
# notarization, and DMG creation (~10 min)
# ──────────────────────────────────────────────────────────────────────
build_mac:
needs: build_web
permissions:
contents: write
runs-on: macos-latest
# Use the protected `app-packaging` environment for real releases (which
# gates access to signing secrets). Dry runs use a separate unprotected
# name because GitHub Actions rejects an empty environment value.
environment: ${{ inputs.dry_run != true && 'app-packaging' || 'app-packaging-dryrun' }}
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
version: latest
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install Dependencies
run: pnpm install --no-frozen-lockfile
- name: Download web build artifacts
uses: actions/download-artifact@v4
with:
name: web-build
- name: Prepare Electron app
run: make dep_electron
- name: Compile local proxies (parallel)
run: |
make compile_localproxy os=macos arch=x64 local_proxy_postfix= &
make compile_localproxy os=macos arch=arm64 local_proxy_postfix= &
wait
- name: Package macOS Desktop Apps (signed)
if: inputs.dry_run != true
run: |
make mac_x64
make mac_arm64
env:
BAI_APP_SIGN: 1
BAI_APP_SIGN_APPLE_TEAM_ID: ${{ secrets.BAI_APP_SIGN_APPLE_TEAM_ID }}
BAI_APP_SIGN_APPLE_ID: ${{ secrets.BAI_APP_SIGN_APPLE_ID }}
BAI_APP_SIGN_APPLE_ID_PASSWORD: ${{ secrets.BAI_APP_SIGN_APPLE_ID_PASSWORD }}
BAI_APP_SIGN_IDENTITY: ${{ secrets.BAI_APP_SIGN_IDENTITY }}
BAI_APP_SIGN_KEYCHAIN_B64: ${{ secrets.BAI_APP_SIGN_KEYCHAIN_B64 }}
BAI_APP_SIGN_KEYCHAIN_PASSWORD: ${{ secrets.BAI_APP_SIGN_KEYCHAIN_PASSWORD }}
- name: Package macOS Desktop Apps (unsigned, dry run)
if: inputs.dry_run == true
run: |
make mac_x64
make mac_arm64
- name: Upload macOS release assets
if: inputs.dry_run != true
run: node upload-release.js app
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# ──────────────────────────────────────────────────────────────────────
# Job 3: Build Windows + Linux desktop apps (ubuntu, ~8 min)
# No code signing needed — can run on cheaper/faster ubuntu runners.
# ──────────────────────────────────────────────────────────────────────
build_desktop:
needs: build_web
permissions:
contents: write
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
name: Install pnpm
with:
version: latest
run_install: false
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: 'pnpm'
- name: Install Dependencies
run: pnpm install --no-frozen-lockfile
- name: Download web build artifacts
uses: actions/download-artifact@v4
with:
name: web-build
- name: Prepare Electron app
run: make dep_electron
- name: Compile local proxies (parallel)
run: |
make compile_localproxy os=win arch=x64 local_proxy_postfix=.exe &
make compile_localproxy os=win arch=arm64 local_proxy_postfix=.exe &
make compile_localproxy os=linux arch=x64 local_proxy_postfix= &
make compile_localproxy os=linux arch=arm64 local_proxy_postfix= &
wait
- name: Package Windows & Linux Desktop Apps
run: |
make win_x64
make win_arm64
make linux_x64
make linux_arm64
- name: Upload release assets
if: inputs.dry_run != true
run: node upload-release.js app
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}