electron/.github/workflows/build.yml

name: Build

on:
  workflow_dispatch:
    inputs:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
        default: 'eac3529546ea8f3aa356d31e345715eef342233b'
        required: true
      skip-macos:
        type: boolean
        description: 'Skip macOS builds'
        default: false
        required: false
      skip-linux:
        type: boolean
        description: 'Skip Linux builds'
        default: false
        required: false
      skip-windows:
        type: boolean
        description: 'Skip Windows builds'
        default: false
        required: false
      skip-lint:
        type: boolean
        description: 'Skip lint check'
        default: false
        required: false
      enable-ssh:
        description: 'Enable SSH debugging'
        required: false
        type: boolean
        default: false
  push:
    branches:
      - main
      - '[1-9][0-9]-x-y'
  pull_request:

defaults:
  run:
    shell: bash

permissions: {}

jobs:
  setup:
    if: github.repository == 'electron/electron'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: read
    outputs:
        docs: ${{ steps.filter.outputs.docs }}
        src: ${{ steps.filter.outputs.src }}
        build-image-sha: ${{ steps.set-output.outputs.build-image-sha }}
        docs-only: ${{ steps.set-output.outputs.docs-only }}
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
      with:
        ref: ${{ github.event.pull_request.head.sha }}
    - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
      id: filter
      with:
        filters: |
          docs:
            - 'docs/**'
            - README.md
            - SECURITY.md
            - CONTRIBUTING.md
            - CODE_OF_CONDUCT.md
          src:
            - '!docs/**'
    - name: Set Outputs for Build Image SHA & Docs Only
      id: set-output
      run: |
        if [ -z "${{ inputs.build-image-sha }}" ]; then
          echo "build-image-sha=eac3529546ea8f3aa356d31e345715eef342233b" >> "$GITHUB_OUTPUT"
        else
          echo "build-image-sha=${{ inputs.build-image-sha }}" >> "$GITHUB_OUTPUT"
        fi
        echo "docs-only=${{ steps.filter.outputs.docs == 'true' && steps.filter.outputs.src == 'false' }}" >> "$GITHUB_OUTPUT"

  # Lint Jobs
  lint:
    needs: setup
    if: ${{ !inputs.skip-lint }}
    uses: ./.github/workflows/pipeline-electron-lint.yml
    permissions:
      contents: read
    with:
      container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root"}'
    secrets: inherit

  # Docs Only Jobs
  docs-only:
    needs: [setup, checkout-linux]
    if: ${{ needs.setup.outputs.docs-only == 'true' }}
    uses: ./.github/workflows/pipeline-electron-docs-only.yml
    permissions:
      contents: read
    with:
      container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
    secrets: inherit

  # Checkout Jobs
  checkout-macos:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-macos}}
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
      volumes:
        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
        - /var/run/sas:/var/run/sas
    env:
      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_mac=True --custom-var=host_os=mac'
    outputs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha }}
    steps:
    - name: Checkout Electron
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
    - name: Checkout & Sync & Save
      uses: ./src/electron/.github/actions/checkout
      with:
        generate-sas-token: 'true'
        target-platform: macos

  checkout-linux:
    needs: setup
    if: ${{ !inputs.skip-linux}}
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
      volumes:
        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
        - /var/run/sas:/var/run/sas
    env:
      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
      DD_API_KEY: ${{ secrets.DD_API_KEY }}
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
      PATCH_UP_APP_CREDS: ${{ secrets.PATCH_UP_APP_CREDS }}
    outputs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
    - name: Checkout & Sync & Save
      uses: ./src/electron/.github/actions/checkout
      with:
        target-platform: linux

  checkout-windows:
    needs: setup
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root --device /dev/fuse --cap-add SYS_ADMIN
      volumes:
        - /mnt/win-cache:/mnt/win-cache
        - /var/run/sas:/var/run/sas
    env:
      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
      CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_win=True'
      TARGET_OS: 'win'
      ELECTRON_DEPOT_TOOLS_WIN_TOOLCHAIN: '1'
    outputs:
      build-image-sha: ${{ needs.setup.outputs.build-image-sha}}
    steps:
    - name: Checkout Electron
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
      with:
        path: src/electron
        fetch-depth: 0
        ref: ${{ github.event.pull_request.head.sha }}
    - name: Checkout & Sync & Save
      uses: ./src/electron/.github/actions/checkout
      with:
        generate-sas-token: 'true'
        target-platform: win

  # GN Check Jobs
  macos-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
    permissions:
      contents: read
    needs: checkout-macos
    with:
      target-platform: macos
      target-archs: x64 arm64
      check-runs-on: macos-15
      gn-build-type: testing
    secrets: inherit

  linux-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
    permissions:
      contents: read
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      target-platform: linux
      target-archs: x64 arm arm64
      check-runs-on: electron-arc-centralus-linux-amd64-8core
      check-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      gn-build-type: testing
    secrets: inherit

  windows-gn-check:
    uses: ./.github/workflows/pipeline-segment-electron-gn-check.yml
    permissions:
      contents: read
    needs: checkout-windows
    with:
      target-platform: win
      target-archs: x64 x86 arm64
      check-runs-on: electron-arc-centralus-linux-amd64-8core
      check-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-windows.outputs.build-image-sha }}","options":"--user root --device /dev/fuse --cap-add SYS_ADMIN","volumes":["/mnt/win-cache:/mnt/win-cache"]}'
      gn-build-type: testing
    secrets: inherit

  # Build Jobs - These cascade into testing jobs
  macos-x64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
      build-runs-on: macos-15-xlarge
      test-runs-on: macos-15-large
      target-platform: macos
      target-arch: x64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
      enable-ssh: ${{ inputs.enable-ssh || false }}
    secrets: inherit
  
  macos-arm64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-macos
    with:
      build-runs-on: macos-15-xlarge
      test-runs-on: macos-15
      target-platform: macos
      target-arch: arm64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
      enable-ssh: ${{ inputs.enable-ssh || false }}
    secrets: inherit

  linux-x64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-tidy-and-test-and-nan.yml
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      clang-tidy-runs-on: electron-arc-centralus-linux-amd64-8core
      test-runs-on: electron-arc-centralus-linux-amd64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      clang-tidy-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
      target-arch: x64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit

  linux-x64-asan:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      test-runs-on: electron-arc-centralus-linux-amd64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
      target-arch: x64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
      is-asan: true
    secrets: inherit
  
  linux-arm:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      test-runs-on: electron-arc-centralus-linux-arm64-4core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/test:arm32v7-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init --memory=12g","volumes":["/home/runner/externals:/mnt/runner-externals"]}'
      target-platform: linux
      target-arch: arm
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit
  
  linux-arm64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-linux
    if: ${{ needs.setup.outputs.src == 'true' }}
    with:
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      test-runs-on: ubuntu-22.04-arm
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      test-container: '{"image":"ghcr.io/electron/test:arm64v8-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
      target-platform: linux
      target-arch: arm64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit
    
  test-linux-arm64-64k:
    uses: ./.github/workflows/pipeline-segment-electron-test-64k.yml
    permissions:
      contents: read
      issues: read
      pull-requests: read
    needs: [checkout-linux, linux-arm64]
    with:
      test-runs-on: ubuntu-22.04-arm
      test-container: '{"image":"ghcr.io/electron/test:arm64v8-${{ needs.checkout-linux.outputs.build-image-sha }}","options":"--user root --privileged --init"}'
    secrets: inherit

  windows-x64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
      build-runs-on: electron-arc-centralus-windows-amd64-16core
      test-runs-on: windows-latest
      target-platform: win
      target-arch: x64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit

  windows-x86:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
      build-runs-on: electron-arc-centralus-windows-amd64-16core
      test-runs-on: windows-latest
      target-platform: win
      target-arch: x86
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit

  windows-arm64:
    permissions:
      contents: read
      issues: read
      pull-requests: read
    uses: ./.github/workflows/pipeline-electron-build-and-test.yml
    needs: checkout-windows
    if: ${{ needs.setup.outputs.src == 'true' && !inputs.skip-windows }}
    with:
      build-runs-on: electron-arc-centralus-windows-amd64-16core
      test-runs-on: windows-11-arm
      target-platform: win
      target-arch: arm64
      is-release: false
      gn-build-type: testing
      generate-symbols: false
      upload-to-storage: '0'
    secrets: inherit

  gha-done:
    name: GitHub Actions Completed
    runs-on: ubuntu-latest
    permissions:
      contents: read
    needs: [docs-only, macos-x64, macos-arm64, linux-x64, linux-x64-asan, linux-arm, linux-arm64, windows-x64, windows-x86, windows-arm64]
    if: always() && github.repository == 'electron/electron' && !contains(needs.*.result, 'failure')
    steps:
    - name: GitHub Actions Jobs Done
      run: |
        echo "All GitHub Actions Jobs are done"