generated from ZL-Audio/ZLTemplate
-
Notifications
You must be signed in to change notification settings - Fork 8
312 lines (273 loc) · 11.7 KB
/
cmake_release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
name: Release
on:
workflow_dispatch:
# When pushing new commits, cancel any running builds on that branch
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
env:
BUILD_TYPE: Release
BUILD_DIR: Builds
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DISPLAY: :0 # linux pluginval needs this
HOMEBREW_NO_INSTALL_CLEANUP: 1
IPP_DIR: C:\Program Files (x86)\Intel\oneAPI\ipp\latest\lib\cmake\ipp
# jobs are run in paralell on different machines
# all steps run in series
jobs:
build_and_test:
name: ${{ matrix.name }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false # show all errors for each platform (vs. cancel jobs on error)
matrix:
include:
- name: Linux
os: ubuntu-22.04
pluginval-binary: ./pluginval
boost_platform_version: "22.04"
boost_toolset: "gcc"
plugin_os_format: "VST3;LV2;Standalone"
juce_branch: "juce7"
app_suffix: ""
cmake_extra_flags: -DCMAKE_C_COMPILER=clang-17 -DCMAKE_CXX_COMPILER=clang++-17
- name: macOS
os: macos-15
pluginval-binary: pluginval.app/Contents/MacOS/pluginval
boost_platform_version: "11"
boost_toolset: "clang"
plugin_os_format: "VST3;AU;Standalone"
juce_branch: "main"
app_suffix: ".app"
cmake_extra_flags: -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64"
- name: Windows
os: windows-latest
pluginval-binary: ./pluginval.exe
boost_platform_version: "2022"
boost_toolset: "msvc"
plugin_os_format: "VST3;LV2;Standalone"
juce_branch: "main"
app_suffix: ".exe"
- name: Windows-Software
os: windows-latest
pluginval-binary: ./pluginval.exe
boost_platform_version: "2022"
boost_toolset: "msvc"
plugin_os_format: "VST3;LV2;Standalone"
juce_branch: "juce7"
app_suffix: ".exe"
cmake_extra_flags: -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++
steps:
- name: Set up Clang (Linux)
if: runner.os == 'Linux'
run: |
wget https://apt.llvm.org/llvm.sh
chmod +x ./llvm.sh
sudo ./llvm.sh 17
# This also starts up our "fake" display Xvfb, needed for pluginval
- name: Install JUCE's Linux Deps (Linux)
if: runner.os == 'Linux'
# Thanks to McMartin & co https://forum.juce.com/t/list-of-juce-dependencies-under-linux/15121/44
run: |
sudo apt-get update && sudo apt install libasound2-dev libx11-dev libxinerama-dev libxext-dev libfreetype-dev libfontconfig1-dev libwebkit2gtk-4.1-dev libglu1-mesa-dev xvfb ninja-build
sudo /usr/bin/Xvfb $DISPLAY &
- name: Set up Clang (Windows)
if: runner.os == 'Windows'
uses: KyleMayes/install-llvm-action@v2
with:
version: "17.0.6"
- name: Cache IPP (Windows)
if: runner.os == 'Windows'
id: cache-ipp
uses: actions/cache@v4
with:
key: ipp-v5
path: C:\Program Files (x86)\Intel
- name: Install IPP (Windows)
if: (runner.os == 'Windows') && (steps.cache-ipp.outputs.cache-hit != 'true')
shell: bash
run: |
curl --output oneapi.exe https://registrationcenter-download.intel.com/akdlm/IRC_NAS/b4adec02-353b-4144-aa21-f2087040f316/w_ipp_oneapi_p_2021.11.0.533_offline.exe
./oneapi.exe -s -x -f oneapi
./oneapi/bootstrapper.exe -s -c --action install --components=intel.oneapi.win.ipp.devel --eula=accept -p=NEED_VS2022_INTEGRATION=1 --log-dir=.
- name: Save IPP cache (even on CI fail)
if: runner.os == 'Windows' && (steps.cache-ipp.outputs.cache-hit != 'true')
uses: actions/cache/save@v4
with:
path: C:\Program Files (x86)\Intel
key: ipp-v5
- name: Install Ninja (Windows)
if: runner.os == 'Windows'
shell: bash
run: choco install ninja
- name: Install macOS Deps
if: ${{ runner.os == 'macOS' }}
run: brew install ninja osxutils
# This block can be removed once 15.1 is default (JUCE requires it when building on macOS 14)
- name: Use latest Xcode on system (macOS)
if: ${{ runner.os == 'macOS' }}
uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: latest-stable
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
fetch-depth: 0
- name: Import Certificates (macOS)
uses: apple-actions/import-codesign-certs@v3 # only exists as a tag right now
if: ${{ (runner.os == 'macOS') && (env.p12-file-base64 != '') }}
with:
p12-file-base64: ${{ secrets.DEV_ID_APP_CERT }}
p12-password: ${{ secrets.DEV_ID_APP_PASSWORD }}
env:
p12-file-base64: ${{ secrets.DEV_ID_APP_CERT }}
- name: Configure
shell: bash
run: cmake -B ${{ env.BUILD_DIR }} -G Ninja -DCMAKE_BUILD_TYPE=${{ env.BUILD_TYPE}} ${{ matrix.cmake_extra_flags }} .
env:
PLUGIN_OS_FORMAT: ${{ matrix.plugin_os_format }}
JUCE_BRANCH: ${{ matrix.juce_branch }}
- name: Build
shell: bash
run: cmake --build ${{ env.BUILD_DIR }} --config ${{ env.BUILD_TYPE }} --parallel 4
- name: Test
working-directory: ${{ env.BUILD_DIR }}
run: ctest --output-on-failure -j4 -VV
- name: Read in .env from CMake # see GitHubENV.cmake
shell: bash
run: |
cat .env # show us the config
cat .env >> $GITHUB_ENV # pull in our PRODUCT_NAME, etc
- name: Set up custom git config
run: git config --global http.postBuffer 1048576000
- name: Download AAX pre-release repo
if: ${{ (runner.os != 'Linux') && (matrix.juce_branch != 'juce7') }}
uses: actions/checkout@v4
with:
repository: "ZL-Audio/ZLEqualizerAAX"
path: "aax_releases"
ssh-key: ${{ secrets.AAX_RELEASE_DEPLOY_KEY }}
- name: Set additional env vars for next steps
shell: bash
run: |
ARTIFACTS_PATH=${{ env.BUILD_DIR }}/${{ env.PROJECT_NAME }}_artefacts/${{ env.BUILD_TYPE }}
echo "ARTIFACTS_PATH=$ARTIFACTS_PATH" >> $GITHUB_ENV
echo "VST3_PATH=$ARTIFACTS_PATH/VST3/${{ env.PRODUCT_NAME }}.vst3" >> $GITHUB_ENV
echo "AU_PATH=$ARTIFACTS_PATH/AU/${{ env.PRODUCT_NAME }}.component" >> $GITHUB_ENV
echo "LV2_PATH=$ARTIFACTS_PATH/LV2/${{ env.PRODUCT_NAME }}.lv2" >> $GITHUB_ENV
echo "AAX_PATH=aax_releases/${{ matrix.name }}/${{ env.PRODUCT_NAME }}.aaxplugin" >> $GITHUB_ENV
echo "Standalone_PATH=$ARTIFACTS_PATH/Standalone/${{ env.PRODUCT_NAME }}${{ matrix.app_suffix }}" >> $GITHUB_ENV
echo "ARTIFACT_NAME=${{ env.PRODUCT_NAME }}-${{ env.VERSION }}-${{ matrix.name }}" >> $GITHUB_ENV
- name: Pluginval setup
shell: bash
run: |
curl -LO "https://github.com/Tracktion/pluginval/releases/download/v1.0.3/pluginval_${{ runner.os }}.zip"
7z x pluginval_${{ runner.os }}.zip
echo "PLUGINVAL_DISABLED=Plugin state restoration" >> $GITHUB_ENV
- name: Setup Pluginval random seed
uses: josStorer/get-current-time@v2
id: current-time
with:
format: YYYYMMDD
- name: Pluginval VST3 validations
shell: bash
run: |
${{ matrix.pluginval-binary }} --verbose --validate "${{ env.VST3_PATH }}" --disabled-tests "${{ env.PLUGINVAL_DISABLED }}"
env:
STRICTNESS_LEVEL: 10
TIMEOUT_MS: 1440000
REPEAT: 1
RANDOM_SEED: "${{ steps.current-time.outputs.formattedTime }}"
- name: Codesign and Create Individual Packages (macOS)
if: ${{ runner.os == 'macOS' }}
run: |
python3 -u packaging/packager_macOS.py
env:
DEVELOPER_ID_APPLICATION: ${{ secrets.DEVELOPER_ID_APPLICATION }}
- name: Sign Final Package (macOS)
if: ${{ (runner.os == 'macOS') && (env.APPLE_INSTALLER_DEV != '') }}
run: productsign --sign "${{ secrets.APPLE_INSTALLER_DEV }}" "${{ env.ARTIFACT_NAME }}_unsigned.pkg" "${{ env.ARTIFACT_NAME }}.pkg"
env:
APPLE_INSTALLER_DEV: ${{ secrets.APPLE_INSTALLER_DEV }}
- name: Rename Final Package (macOS)
if: ${{ (runner.os == 'macOS') && (env.APPLE_INSTALLER_DEV == '') }}
run: mv "${{ env.ARTIFACT_NAME }}_unsigned.pkg" "${{ env.ARTIFACT_NAME }}.pkg"
env:
APPLE_INSTALLER_DEV: ${{ secrets.APPLE_INSTALLER_DEV }}
- name: Notarize and Staple PKG (macOS)
if: ${{ (runner.os == 'macOS') && (env.NOTARIZATION_USERNAME != '')}}
run: |
xcrun notarytool submit "${{ env.ARTIFACT_NAME }}.pkg" --apple-id ${{ secrets.NOTARIZATION_USERNAME }} --password ${{ secrets.NOTARIZATION_PASSWORD }} --team-id ${{ secrets.TEAM_ID }} --wait
xcrun stapler staple "${{ env.ARTIFACT_NAME }}.pkg"
env:
NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }}
- name: Create DMG (macOS)
if: ${{ runner.os == 'macOS' }}
run: |
mkdir "${{ env.ARTIFACTS_PATH }}/dmgtmp"
mv "${{ env.ARTIFACT_NAME }}.pkg" "${{ env.ARTIFACTS_PATH }}/dmgtmp"
hdiutil create "${{ env.ARTIFACTS_PATH }}/tmp.dmg" -ov -volname "${{ env.ARTIFACT_NAME }}" -fs HFS+ -srcfolder "${{ env.ARTIFACTS_PATH }}/dmgtmp"
hdiutil convert "${{ env.ARTIFACTS_PATH }}/tmp.dmg" -format UDZO -o "${{ env.ARTIFACT_NAME }}.dmg"
- name: Upload DMG (macOS)
if: ${{ runner.os == 'macOS' }}
uses: actions/upload-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}.dmg
path: "${{ env.ARTIFACT_NAME }}.dmg"
- name: Generate InnoScript (Windows)
if: ${{ runner.os == 'Windows' }}
shell: bash
run: |
python3 -u packaging/packager_Windows.py
cat "packaging\installer.iss"
- name: Generate Installer (Windows)
if: ${{ runner.os == 'Windows' }}
shell: bash
run: |
iscc "packaging\installer.iss"
mv "packaging/Output/${{ env.ARTIFACT_NAME }}.exe" "${{ env.ARTIFACTS_PATH }}/"
- name: Upload Exe (Windows)
if: ${{ runner.os == 'Windows' }}
uses: actions/upload-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}.exe
path: "${{ env.ARTIFACTS_PATH }}/${{ env.ARTIFACT_NAME }}.exe"
- name: Generate Zip (Linux)
if: ${{ runner.os == 'Linux' }}
working-directory: ${{ env.ARTIFACTS_PATH }}
run: 7z a -tzip "${{ env.ARTIFACT_NAME }}.zip" "-xr!lib${{ env.PRODUCT_NAME }}_SharedCode.a" .
- name: Upload Zip (Linux)
if: ${{ runner.os == 'Linux' }}
uses: actions/upload-artifact@v4
with:
name: ${{ env.ARTIFACT_NAME }}.zip
path: "${{ env.ARTIFACTS_PATH }}/${{ env.ARTIFACT_NAME }}.zip"
release:
if: contains(github.ref, 'tags/')
runs-on: ubuntu-latest
needs: build_and_test
permissions:
contents: write
id-token: write
attestations: write
steps:
- name: Get Artifacts
uses: actions/download-artifact@v4
- name: Generate Signed Build Provenance Attestations
uses: actions/attest-build-provenance@v1
with:
subject-path: |
*/*.exe
*/*.zip
*/*.dmg
- name: Create Release
uses: softprops/action-gh-release@v2
with:
prerelease: true
# download-artifact puts these files in their own dirs...
# Using globs sidesteps having to pass the version around
files: |
*/*.exe
*/*.zip
*/*.dmg