CI Pipeline — ProtonDrive Wiki

# CI/CD Pipeline The `proton-drive-linux` project uses **dual CI systems**: GitHub Actions for community-facing builds and GitLab CI for internal infrastructure. ## Pipeline Architecture

graph TB
    subgraph "GitHub"
        DEV[Developer Push]
        GH_ACTIONS[GitHub Actions]
        
        subgraph "Workflows"
            PKG[package-workflows.yml
Multi-format Builds]
            SANITY[sanity.yml
Lint & Check]
            SYNC[sync-to-gitlab.yml
Issue/PR Mirror]
        end
    end
    
    subgraph "GitLab"
        GL_CI[GitLab CI
.gitlab-ci.yml]
        GL_REPO[GitLab Repository
gitlab.dicematrix.cloud]
    end
    
    DEV --> GH_ACTIONS
    GH_ACTIONS --> PKG
    GH_ACTIONS --> SANITY
    GH_ACTIONS --> SYNC
    
    SYNC -->|mirrors issues/PRs| GL_REPO
    DEV -->|git push| GL_REPO
    GL_REPO --> GL_CI

## GitHub Actions (`package-workflows.yml`) The primary build pipeline. **Builds all package formats** on pull requests and workflow dispatch: | Package Type | Targets | |---|---| | **APK** | Alpine 3.20, 3.22, 3.23 | | **AppImage** | linux-baseline | | **DEB** | Debian 12, 13; Ubuntu 24.04, 26.04 | | **RPM** | EL10, Fedora 43, 44; openSUSE Tumbleweed | | **AUR** | arch-native (+ publish) | | **Flatpak** | GNOME 49, 50 (+ publish) | | **Snap** | core24, core26 (+ publish) | Also includes `sanity.yml` for linting, type checking, and `maintenance/` workflows for issue/PR labeling, package spec generation, and releases. ### Mirroring The `sync-to-gitlab.yml` workflow syncs GitHub issues and pull requests to GitLab as mirrored issues/comments. This keeps the GitLab project visible to internal infrastructure while GitHub remains the community-facing development hub. ## GitLab CI (`.gitlab-ci.yml`) A parallel build pipeline running on self-hosted GitLab at `gitlab.dicematrix.cloud`: | Stage | Jobs | |---|---| | **build** | APK (Alpine 3.20/3.22/3.23), AppImage, AUR, DEB (Debian 12/13, Ubuntu 24.04/26.04), RPM (EL10, Fedora 43/44, openSUSE), Flatpak (GNOME 49/50), Snap (core24/26) | | **spec** | Package spec generation (PKGBUILD, RPM spec, source dist) | | **release** | Release artifact assembly (main branch pushes and version tags) | | **publish** | Manual publish jobs for git tags | Each job clones Proton WebClients, applies distro-specific patches, builds with `scripts/build-webclients.sh`, compiles Tauri, and packages. ## Build Flow 1. Clone `ProtonMail/WebClients` at pinned commit 2. Apply platform-specific patch from `patches//.patch` 3. Run `scripts/build-webclients.sh` (installs deps, patches source, builds Drive/Account/Verify apps) 4. Set version from `package.json` 5. Compile Tauri (`cargo build --release`) 6. Package into target format 7. Store artifacts (30-day expiry)