Update CHANGELOG.md #118
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: release_github | |
on: | |
workflow_dispatch: | |
inputs: | |
release: | |
description: 'Release after build' | |
required: true | |
default: 'no' | |
push: | |
tags: | |
- "v[0-9]+.[0-9]+.[0-9]+" | |
env: | |
BUILD_PYTHON_VERSION: 3.8 | |
BUILD_POETRY_VERSION: 1.4 | |
PACKAGE_NAME: airlift | |
jobs: | |
build_python: | |
runs-on: ubuntu-latest | |
env: | |
POETRY_VIRTUALENVS_CREATE: false | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Set up Python ${{ env.BUILD_PYTHON_VERSION }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.BUILD_PYTHON_VERSION }} | |
- name: Set up Poetry ${{ env.BUILD_POETRY_VERSION }} | |
uses: abatilo/[email protected] | |
with: | |
poetry-version: ${{ env.BUILD_POETRY_VERSION }} | |
- name: Export requirements | |
run: poetry export --without-hashes -f requirements.txt --output requirements.txt | |
- name: Build project for distribution | |
run: poetry build | |
- name: Save release python requirements | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release_dist_reqs | |
path: requirements.txt | |
- name: Save release python packages | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release_dist_python | |
path: dist | |
build_binaries: | |
needs: build_python | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
include: | |
- os: macos-latest | |
OS_CODE: macos | |
- os: ubuntu-latest | |
OS_CODE: linux | |
- os: windows-latest | |
OS_CODE: win | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get version | |
if: matrix.os == 'macos-latest' | |
shell: bash | |
run: | | |
APP_VERSION=$(perl -n -e'/^__version__ = "([^"]+)"$/ && print $1' ${{ env.PACKAGE_NAME }}/version.py) | |
echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV | |
- name: Get version | |
if: matrix.os != 'macos-latest' | |
shell: bash | |
run: | | |
APP_VERSION=$(sed -n 's/^__version__ = "\([^"]\+\)"$/\1/p' ${{ env.PACKAGE_NAME }}/version.py) | |
echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV | |
- name: Load release python requirements | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_dist_reqs | |
- name: Set up Python ${{ env.BUILD_PYTHON_VERSION }} | |
uses: actions/setup-python@v4 | |
with: | |
python-version: ${{ env.BUILD_PYTHON_VERSION }} | |
- name: Install dependencies | |
run: | | |
python -m pip install --upgrade pip | |
pip install pyinstaller | |
pip install -r requirements.txt | |
- name: Build with pyinstaller | |
run: pyinstaller ${{ env.PACKAGE_NAME }}.spec | |
- name: Make directory for bins | |
run: mkdir dist_bin | |
- name: Copy LICENSE file | |
run: | | |
cp ./LICENSE ./dist_bin/LICENSE | |
if: success() | |
- name: Pack up binary for macos | |
if: matrix.os == 'macos-latest' | |
env: | |
APPLE_CERT_DATA: ${{ secrets.APPLE_CERT_DATA }} | |
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }} | |
APPLE_DEV_ID_PASSWORD: ${{ secrets.APPLE_DEV_ID_PASSWORD }} | |
run: | | |
mkdir -p dist | |
PARENT=$( cd "$(dirname "${BASH_SOURCE[0]}")" ; pwd -P ) | |
mkdir -p "$PARENT/dist/bin" | |
mkdir -p "$PARENT/dist/pkg-build" | |
cp -R ./dist/${{ env.PACKAGE_NAME }} "$PARENT/dist/bin" | |
cp -R ./bin/entitlements.plist "$PARENT/dist/bin" | |
APP="$PARENT/dist/bin/${{ env.PACKAGE_NAME }}" | |
ENTITLE="$PARENT/dist/bin/entitlements.plist" | |
ls -l "$PARENT/dist/bin" | |
echo $APPLE_CERT_DATA | base64 --decode > certificate.p12 | |
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security import certificate.p12 -k build.keychain -P $APPLE_CERT_PASSWORD -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain | |
chmod +x "$ENTITLE" | |
/usr/bin/codesign --force -s $APPLE_TEAM_ID --identifier "co.theacharya.Airlift" --options runtime --entitlements "$ENTITLE" "$APP" -v | |
echo "Create Keychain Profile" | |
xcrun notarytool store-credentials "notarytool-profile" --apple-id $APPLE_DEV_ID --password $APPLE_DEV_ID_PASSWORD --team-id $APPLE_TEAM_ID | |
echo "Creating Temp Notarization Archive" | |
ditto -c -k --keepParent "$APP" "notarization.zip" | |
echo "Notarize App" | |
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --progress --wait | |
cp -R "$PARENT/dist/bin/${{ env.PACKAGE_NAME }}" dist/ | |
cp -R ./bin/entitlements.plist dist/ | |
cp ./LICENSE dist/ | |
zip -q -r dist_bin/bin_${{ env.PACKAGE_NAME }}_${{ env.APP_VERSION }}_${{ matrix.OS_CODE }}_x64.zip "dist/" | |
- name: Create pkg and productsign it | |
if: matrix.os == 'macos-latest' | |
env: | |
APPLE_INTSALL_CERT_DATA: ${{ secrets.APPLE_INSTALL_CERT_DATA }} | |
APPLE_INSTALL_CERT_PASSWORD: ${{ secrets.APPLE_INSTALL_CERT_PASSWORD }} | |
KEYCHAIN_PASSWORD_IN: ${{ secrets.KEYCHAIN_PASSWORD_IN }} | |
APPLE_TEAM_ID_INSTALL: ${{ secrets.APPLE_TEAM_ID_INSTALL }} | |
APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }} | |
APPLE_DEV_ID_PASSWORD: ${{ secrets.APPLE_DEV_ID_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
run: | | |
PARENT=$( cd "$(dirname "${BASH_SOURCE[0]}")" ; pwd -P ) | |
BINARY_PATH="$PARENT/dist/bin/${{ env.PACKAGE_NAME }}" | |
PKG_IDENTIFIER="co.theacharya.Airlift" | |
INSTALL_LOCATION="/usr/local/bin" | |
PACKAGE_NAME="Airlift-unsigned" | |
OUTPUT_DIR="$PARENT/dist/pkg-build" | |
VERSION=${{ env.APP_VERSION }} | |
echo "Creating Temp Dir" | |
TMP_DIR="$OUTPUT_DIR/tmp_pkgbuild" | |
mkdir -p "$TMP_DIR" | |
cp "$BINARY_PATH" "$TMP_DIR/$(basename "$BINARY_PATH")" | |
echo "Running Creating PKG" | |
pkgbuild --root "$TMP_DIR" --identifier "$PKG_IDENTIFIER" --version "$VERSION" --install-location "$INSTALL_LOCATION" "$OUTPUT_DIR/$PACKAGE_NAME.pkg" | |
echo "Checking pkg files..." | |
ls -l "$PARENT/dist/pkg-build" | |
PKG="$PARENT/dist/pkg-build/Airlift-unsigned.pkg" | |
SPKG="$PARENT/dist/pkg-build/Airlift_${{env.APP_VERSION}}.pkg" | |
SIGNING_IDENTITY="$APPLE_TEAM_ID_INSTALL" | |
echo "sign pkg" | |
echo $APPLE_INTSALL_CERT_DATA | base64 --decode > certificate.p12 | |
security create-keychain -p $KEYCHAIN_PASSWORD_IN build-i.keychain | |
security default-keychain -s build-i.keychain | |
security unlock-keychain -p $KEYCHAIN_PASSWORD_IN build-i.keychain | |
security import certificate.p12 -k build-i.keychain -P $APPLE_INSTALL_CERT_PASSWORD -T /usr/bin/productsign | |
security set-key-partition-list -S apple-tool:,apple:,productsign: -s -k $KEYCHAIN_PASSWORD_IN build-i.keychain | |
/usr/bin/productsign --sign "$SIGNING_IDENTITY" "$PKG" "$SPKG" | |
SPKG="$PARENT/dist/pkg-build/Airlift_${{env.APP_VERSION}}.pkg" | |
echo "SPKG=$SPKG" >> $GITHUB_ENV | |
echo "Create Keychain Profile" | |
xcrun notarytool store-credentials "notarytool-profile" --apple-id $APPLE_DEV_ID --password $APPLE_DEV_ID_PASSWORD --team-id $APPLE_TEAM_ID | |
echo "Notarize Airlift PKG" | |
xcrun notarytool submit "$SPKG" --keychain-profile "notarytool-profile" --progress --wait | |
echo "Attach staple" | |
xcrun stapler staple "$SPKG" | |
cp "$SPKG" "dist/" | |
ls "dist" | |
rm -rf "$TMP_DIR" | |
- name: Pack up binary for linux | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
cp -R ./LICENSE ./dist | |
tar -zcvf dist_bin/bin_${{ env.PACKAGE_NAME }}_${{ env.APP_VERSION }}_${{ matrix.OS_CODE }}_x64.tar.gz -C ./dist . | |
- name: Pack up binary for windows | |
if: matrix.os == 'windows-latest' | |
run: | | |
choco install zip | |
copy ./LICENSE dist/ | |
zip -q -r dist_bin/bin_${{ env.PACKAGE_NAME }}_${{ env.APP_VERSION }}_${{ matrix.OS_CODE }}_x64.zip "dist/" | |
- name: Save release binaries for macos | |
if: matrix.os == 'macos-latest' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release_airlift_pkg | |
path: ${{ env.SPKG }} | |
- name: Save release binaries for ${{ matrix.OS_CODE }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: release_dist_bin_${{ matrix.OS_CODE }} | |
path: dist_bin | |
release: | |
if: github.event_name == 'push' || github.event.inputs.release == 'yes' | |
needs: [build_binaries] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Get tag version | |
run: | | |
APP_VERSION=$(sed -n 's/^__version__ = "\([^"]\+\)"$/\1/p' ${{ env.PACKAGE_NAME }}/version.py) | |
echo "TAG_VERSION=v$APP_VERSION" >> $GITHUB_ENV | |
- name: Load release python packages | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_dist_python | |
path: dist | |
- name: Load release binaries for linux | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_dist_bin_linux | |
path: dist | |
- name: Load release binaries for windows | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_dist_bin_win | |
path: dist | |
- name: Load release binaries for macos | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_dist_bin_macos | |
path: dist | |
- name: Load release pkg | |
uses: actions/download-artifact@v3 | |
with: | |
name: release_airlift_pkg | |
path: dist | |
- name: Create Release | |
uses: ncipollo/release-action@v1 | |
with: | |
artifacts: "dist/*" | |
token: ${{ secrets.GITHUB_TOKEN }} | |
tag: ${{ env.TAG_VERSION }} | |
draft: true |