electron/.github/workflows/linux-publish.yml

name: Publish Linux

on:
  workflow_dispatch:
    inputs:
      build-image-sha:
        type: string
        description: 'SHA for electron/build image'
        default: ''
        required: false
      upload-to-storage:
        description: 'Uploads to Azure storage'
        required: false
        default: '1'
        type: string
      run-linux-publish:
        description: 'Run the publish jobs vs just the build jobs'
        type: boolean
        default: false

permissions: {}

jobs:
  setup:
    if: github.repository == 'electron/electron'
    runs-on: ubuntu-slim
    permissions:
      contents: read
    outputs:
      build-image-sha: ${{ steps.build-image-sha.outputs.build-image-sha }}
    steps:
    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
    - name: Set Build Image SHA
      id: build-image-sha
      uses: ./.github/actions/build-image-sha
      with:
        override: ${{ inputs.build-image-sha }}

  checkout-linux:
    needs: setup
    runs-on: electron-arc-centralus-linux-amd64-32core
    permissions:
      contents: read
    container:
      image: ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}
      options: --user root
      volumes:
        - /mnt/cross-instance-cache:/mnt/cross-instance-cache
        - /var/run/sas:/var/run/sas
    env:
      CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
      GCLIENT_EXTRA_ARGS: '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True'
    steps:
    - name: Checkout Electron
      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
      with:
        path: src/electron
        fetch-depth: 0
    - name: Checkout & Sync & Save
      uses: ./src/electron/.github/actions/checkout

  publish-x64:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: [setup, checkout-linux]
    with:
      environment: production-release
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: x64
      is-release: true
      gn-build-type: release
      generate-symbols: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit

  publish-arm:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: [setup, checkout-linux]
    with:
      environment: production-release
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: arm
      is-release: true
      gn-build-type: release
      generate-symbols: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit

  publish-arm64:
    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
    permissions:
      artifact-metadata: write
      attestations: write
      contents: read
      id-token: write
    needs: [setup, checkout-linux]
    with:
      environment: production-release
      build-runs-on: electron-arc-centralus-linux-amd64-32core
      build-container: '{"image":"ghcr.io/electron/build:${{ needs.setup.outputs.build-image-sha }}","options":"--user root","volumes":["/mnt/cross-instance-cache:/mnt/cross-instance-cache"]}'
      target-platform: linux
      target-arch: arm64
      is-release: true
      gn-build-type: release
      generate-symbols: true
      upload-to-storage: ${{ inputs.upload-to-storage }}
    secrets: inherit