-
Notifications
You must be signed in to change notification settings - Fork 41
94 lines (79 loc) · 3.67 KB
/
nightly-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: Nightly Build
on:
push:
branches:
- main
jobs:
#Reuse ci.yml workflow on main branch and upload artifacts to release page
reuse_main_ci:
uses: ./.github/workflows/ci.yml
secrets: inherit
upload_nighly_builds:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ macos-latest]
python-version: [ 3.8 ]
needs: reuse_main_ci
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Retrieve saved artifacts
uses: actions/download-artifact@v3
with:
path: installers/dist
- name: Display structure of downloaded files
run: ls -R
working-directory: installers/dist
- name: Set up Python
uses: actions/setup-python@v1
with:
python-version: ${{ matrix.python-version }}
- name: Sign executable and create dmg (OSX)
if: ${{ matrix.installer && startsWith(matrix.os, 'macos') }}
env:
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }}
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
run: |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12
security create-keychain -p DloaAcYP build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p DloaAcYP build.keychain
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k DloaAcYP build.keychain
cd installers/dist
python ../../build_tools/fix_qt_folder_names_for_codesign.py SasView5.app
python ../../build_tools/code_sign_osx.py
codesign --verify --options=runtime --entitlements ../../build_tools/entitlements.plist --timestamp --deep --verbose=4 --force --sign "Developer ID Application: European Spallation Source Eric (W2AG9MPZ43)" SasView5.app
hdiutil create SasView5.dmg -srcfolder SasView5.app -ov -format UDZO
codesign -s "Developer ID Application: European Spallation Source Eric (W2AG9MPZ43)" SasView5.dmg
- name: Rename artifacts
run: |
mv installers/dist/SasView-Installer-windows-*/setupSasView.exe installers/dist/setupSasView-nightly-Win64.exe
mv installers/dist/SasView-Installer-macos-*/SasView5.dmg installers/dist/SasView-nightly-MacOSX.dmg
mv installers/dist/SasView-Installer-ubuntu-*/sasview5.tar.gz installers/dist/SasView-nightly-Linux.tar.gz
- name: Notarize Release Build (OSX)
uses: GuillaumeFalourd/xcode-notarize@v1
with:
product-path: "installers/dist/SasView-nightly-MacOSX.dmg"
primary-bundle-id: "org.sasview.SasView5"
appstore-connect-username: ${{ secrets.NOTARIZATION_USERNAME }}
appstore-connect-password: ${{ secrets.NOTARIZATION_PASSWORD }}
verbose: True
- name: Staple Release Build (OSX)
if: ${{ startsWith(matrix.os, 'macos') }}
uses: BoundfoxStudios/action-xcode-staple@v1
with:
product-path: "installers/dist/SasView-nightly-MacOSX.dmg"
- name: Upload Nightly Build Installer to GitHub releases
uses: ncipollo/release-action@v1
with:
draft: false
prerelease: true
allowUpdates: true
replacesArtifacts: true
token: ${{ secrets.GITHUB_TOKEN }}
artifacts: "installers/dist/setupSasView-nightly-Win64.exe, installers/dist/SasView-nightly-MacOSX.dmg, installers/dist/SasView-nightly-Linux.tar.gz"
body: "Nightly build of main SasView branch"
name: "nightly-build"
tag: "nightly-build"