-
Notifications
You must be signed in to change notification settings - Fork 6
167 lines (139 loc) · 5.29 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Specify 6 CI
on: [push]
jobs:
build:
name: Build and Package Specify 6
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Unbase64 code signing certs
run: |
echo $MAC_PKCS12 | base64 -d > packaging/expdevidapp.p12
echo $WIN_PKCS12 | base64 -d > packaging/certwithroot.pfx
env:
WIN_PKCS12: ${{ secrets.WIN_PKCS12 }}
MAC_PKCS12: ${{ secrets.MAC_PKCS12_V2 }}
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Compile Specify 6
run: ant -noinput -buildfile build.xml compile-nonmac
- name: Compile Specify 6 for Mac
run: ant -noinput -buildfile build.xml compile-mac
- name: Get Install4j from cache
id: cache-install4j
uses: actions/cache@v1
with:
path: install4j8.0.11
key: install4j8.0.11-cache
- name: Download Install4j
if: steps.cache-install4j.outputs.cache-hit != 'true'
run: |
wget https://download-gcdn.ej-technologies.com/install4j/install4j_unix_8_0_11.tar.gz
tar -zxvf install4j_unix_8_0_11.tar.gz
- name: Set Install4j license
run: install4j8.0.11/bin/install4jc --license=$INSTALL4J_LICENSE
env:
INSTALL4J_LICENSE: ${{ secrets.INSTALL4J8_LICENSE }}
- name: Package Specify 6
run: >
ant -noinput -buildfile build.xml -Dinstall4j.dir=./install4j8.0.11
-Dwin-keystore-password=$WIN_KEYSTORE_PASSWORD -Dmac-keystore-password=$MAC_KEYSTORE_PASSWORD
-Dwin.pkcs12=certwithroot.pfx -Dmac.pkcs12=expdevidapp.p12 -Dcode.signing=true
package-all
env:
WIN_KEYSTORE_PASSWORD: ${{ secrets.WIN_KEYSTORE_PASSWORD }}
MAC_KEYSTORE_PASSWORD: ${{ secrets.MAC_KEYSTORE_PASSWORD_V2 }}
- name: Upload Specify_windows_64.exe as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_windows_64
path: packages/Specify_windows_64.exe
- name: Upload Specify_unix_64.sh as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_unix_64
path: packages/Specify_unix_64.sh
- name: Upload Specify_macos.dmg as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_macos
path: packages/Specify_macos.dmg
- name: Upload updates.xml as artifact
uses: actions/upload-artifact@v1
with:
name: updates.xml
path: packages/updates.xml
notarize:
name: Notarize the Specify 6 Mac package
needs: build
runs-on: macos-latest
steps:
- name: Download Specify_macos artifact
uses: actions/download-artifact@v1
with:
name: Specify_macos
- name: Upload the Mac package for notarization
run: >
xcrun altool --notarize-app --primary-bundle-id org.specifysoftware
--username [email protected] --password $AC_PASSWORD
--file Specify_macos/Specify_macos.dmg | tee notarize-app-output.txt;
grep -q "RequestUUID = " notarize-app-output.txt || { echo "Uploading package for notarization failed!"; exit 1; }
env:
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
- name: Get the request UUID
run: sed -En 's/RequestUUID = (.*)$/\1/p' notarize-app-output.txt | tee request-uuid.txt
- name: Check the notarization status
run: >
for i in {1..60}; do
sleep 120;
xcrun altool --notarization-info $(< request-uuid.txt)
--username [email protected] --password $AC_PASSWORD
| tee notarization-info.txt;
grep -q "Status: in progress" notarization-info.txt || break;
done;
grep -q "Status: success" notarization-info.txt || { echo "Notarization failed!"; exit 1; }
env:
AC_PASSWORD: ${{ secrets.AC_PASSWORD }} # Updated
- name: Staple the notarization ticket to the installer
run: xcrun stapler staple Specify_macos/Specify_macos.dmg
- name: Upload the stapled Specify_macos.dmg as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_macos_with_ticket
path: Specify_macos/Specify_macos.dmg
release:
name: Create a Specify 6 release
needs: [build, notarize]
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- name: Download Specify_windows_64 artifact
uses: actions/download-artifact@v1
with:
name: Specify_windows_64
- name: Download Specify_unix_64 artifact
uses: actions/download-artifact@v1
with:
name: Specify_unix_64
- name: Download Specify_macos_with_ticket artifact
uses: actions/download-artifact@v1
with:
name: Specify_macos_with_ticket
- name: Download updates.xml artifact
uses: actions/download-artifact@v1
with:
name: updates.xml
- name: Create release
uses: softprops/action-gh-release@v1
with:
draft: true
prerelease: true
files: |
Specify_windows_64/*
Specify_unix_64/*
Specify_macos_with_ticket/*
updates.xml/*
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}