fix: Linux desktop app freeze — layered CSP with runtime port pinning #42
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Desktop Artifacts | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| paths: | |
| - 'desktop/**' | |
| - 'frontend/**' | |
| - 'go.mod' | |
| - 'go.sum' | |
| - '.github/workflows/desktop-*.yml' | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Desktop Build (${{ matrix.platform }}) | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - platform: macos | |
| os: macos-15 | |
| bundle: app | |
| bundle_dir: macos | |
| - platform: windows | |
| os: windows-latest | |
| bundle: nsis | |
| bundle_dir: nsis | |
| - platform: linux | |
| os: ubuntu-22.04 | |
| bundle: appimage | |
| bundle_dir: appimage | |
| steps: | |
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 | |
| with: | |
| go-version-file: go.mod | |
| - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 | |
| with: | |
| node-version: "24" | |
| - name: Setup MinGW (Windows) | |
| if: matrix.platform == 'windows' | |
| uses: msys2/setup-msys2@4f806de0a5a7294ffabaff804b38a9b435a73bda # v2 | |
| with: | |
| msystem: MINGW64 | |
| update: false | |
| install: mingw-w64-x86_64-gcc | |
| path-type: inherit | |
| - name: Install Linux system dependencies | |
| if: matrix.platform == 'linux' | |
| run: | | |
| sudo apt-get update -q | |
| sudo apt-get install -y \ | |
| libwebkit2gtk-4.1-dev libgtk-3-dev \ | |
| libappindicator3-dev librsvg2-dev \ | |
| patchelf | |
| - name: Install desktop dependencies | |
| run: npm ci | |
| working-directory: desktop | |
| - name: Desktop smoke tests (shell scripts) | |
| shell: bash | |
| run: | | |
| bash desktop/scripts/test-prepare-sidecar.sh | |
| bash desktop/scripts/test-startup-ui.sh | |
| - name: Build desktop bundle | |
| shell: bash | |
| run: | | |
| cd desktop | |
| npm run prepare-sidecar | |
| npx tauri build --bundles "${{ matrix.bundle }}" \ | |
| --config '{"bundle":{"createUpdaterArtifacts":false}}' | |
| - name: Desktop smoke tests (Rust unit tests) | |
| shell: bash | |
| run: cargo test --manifest-path desktop/src-tauri/Cargo.toml --lib | |
| - name: Smoke check sidecar metadata | |
| shell: bash | |
| run: | | |
| target_triple="${TAURI_ENV_TARGET_TRIPLE:-${CARGO_BUILD_TARGET:-$(rustc -vV | awk '/^host: /{print $2}')}}" | |
| if [ -z "$target_triple" ]; then | |
| echo "target triple is empty" >&2 | |
| exit 1 | |
| fi | |
| ext="" | |
| if [[ "$target_triple" == *"windows"* ]]; then | |
| ext=".exe" | |
| fi | |
| sidecar="desktop/src-tauri/binaries/agentsview-${target_triple}${ext}" | |
| if [ ! -f "$sidecar" ]; then | |
| echo "missing sidecar binary: $sidecar" >&2 | |
| exit 1 | |
| fi | |
| "$sidecar" version > sidecar-version.txt | |
| if grep -q "agentsview dev" sidecar-version.txt; then | |
| echo "sidecar version should not be dev: $(cat sidecar-version.txt)" >&2 | |
| exit 1 | |
| fi | |
| if grep -q "commit unknown" sidecar-version.txt; then | |
| echo "sidecar metadata missing commit: $(cat sidecar-version.txt)" >&2 | |
| exit 1 | |
| fi | |
| if grep -Eq "built[[:space:]]*\)$" sidecar-version.txt; then | |
| echo "sidecar metadata missing build date: $(cat sidecar-version.txt)" >&2 | |
| exit 1 | |
| fi | |
| - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 | |
| with: | |
| name: agentsview-desktop-${{ matrix.platform }} | |
| path: desktop/src-tauri/target/release/bundle/${{ matrix.bundle_dir }}/ | |
| if-no-files-found: error |