CI/CD for an Electron App with GitHub Actions
Package and publish your Electron app for every OS from one workflow.
Electron apps bundle a Chromium runtime with your web app and package into OS-specific installers. electron-builder handles packaging and publishing across a matrix of operating systems. This recipe builds and releases per platform.
What the pipeline does
- run on a macOS, Windows, and Linux matrix
- install deps with npm ci
- lint and test
- package with electron-builder
- publish installers to a GitHub Release
The workflow
electron-builder reads its config from package.json or electron-builder.yml and publishes to the release matching the tag. GH_TOKEN lets it create release assets.
name: Release
on:
push:
tags: ['v*']
jobs:
build:
strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 20
cache: npm
- run: npm ci
- run: npm run lint --if-present
- run: npm test --if-present
- run: npx electron-builder --publish always
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}Caching and speed
cache: npm covers installs and electron-builder caches downloaded Electron binaries under ~/.cache/electron and ~/.cache/electron-builder, which actions/cache can persist. Packaging across three OSes is the slow part; cheaper managed runners such as Latchkey (around 69% cheaper than GitHub-hosted) reduce the cost of every release matrix.
Deploying
electron-builder --publish always uploads .dmg, .exe (NSIS), .deb, and .AppImage assets to the GitHub Release. For auto-update, enable the publish provider and electron-updater in the app. macOS notarization and Windows signing need certificates supplied as secrets.
Key takeaways
- electron-builder packages and publishes per OS.
- Cache the Electron and builder download caches.
- Signing and notarization need certificates as secrets.