Add codesign step #340
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: [push, pull_request] | |
env: | |
CACHE_VERSION_LINUX: 24 | |
CACHE_VERSION_MACOS: 20 | |
CACHE_VERSION_WIN64: 19 | |
DEBIAN_FRONTEND: noninteractive | |
HOMEBREW_NO_AUTO_UPDATE: 1 | |
PAWPAW_FAST_MATH: 1 | |
PAWPAW_SKIP_LTO: 1 | |
PAWPAW_SKIP_TESTS: 1 | |
RELEASE_OS_LINUX: ubuntu:18.04 | |
RELEASE_OS_MAC: macos-12 | |
RELEASE_OS_WIN64: ubuntu:22.04 | |
jobs: | |
# NOTE cannot use actions @v4, incompatible with ubuntu:18.04 | |
# see https://github.com/actions/checkout/issues/1590 | |
linux-x86_64: | |
strategy: | |
matrix: | |
include: | |
- container: debian:11 | |
#- container: debian:12 | |
- container: ubuntu:18.04 | |
- container: ubuntu:20.04 | |
- container: ubuntu:22.04 | |
#- container: ubuntu:23.10 | |
runs-on: ubuntu-latest | |
container: | |
image: ${{ matrix.container }} | |
steps: | |
- name: Install git | |
run: | | |
apt-get update -qq && apt-get install -yqq --no-install-recommends ca-certificates git openssl | |
case "${{ matrix.container }}" in | |
"ubuntu:18.04") | |
apt-get install -yqq --no-install-recommends curl libpcre2-8-0 | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git_2.34.1-1ubuntu1~bpo18.04.1~ppa1_amd64.deb | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git-man_2.34.1-1ubuntu1~bpo18.04.1~ppa1_all.deb | |
dpkg -i *.deb | |
rm *.deb | |
;; | |
"ubuntu:20.04") | |
apt-get install -yqq --no-install-recommends curl | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git_2.34.1-1ubuntu1~bpo20.04.1~ppa1_amd64.deb | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git-man_2.34.1-1ubuntu1~bpo20.04.1~ppa1_all.deb | |
dpkg -i *.deb | |
rm *.deb | |
;; | |
esac | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Set up dependencies | |
run: | | |
./src/PawPaw/.github/workflows/bootstrap-deps.sh linux-x86_64 | |
if [ "${{ matrix.container }}" = "ubuntu:18.04" ]; then | |
freetypepkgname="libfreetype6-dev" | |
else | |
freetypepkgname="libfreetype-dev" | |
fi | |
apt-get install -yqq ${freetypepkgname} p7zip-full unzip wget xdg-user-dirs zip | |
- name: Set up cache | |
id: cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/PawPawBuilds | |
key: linux-x86_64-${{ env.PAWPAW_PACK_NAME }}-v${{ env.CACHE_VERSION_LINUX }} | |
- name: Build dependencies | |
run: | | |
./src/PawPaw/bootstrap-mod.sh linux-x86_64 && ./src/PawPaw/.cleanup.sh linux-x86_64 | |
- name: Build | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
make | |
- name: Validate plugins | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
./utils/plugin-builder/validate-plugins.sh | |
# FIXME dirty carla leaves temp folders around | |
rm -rf *.tmp | |
- name: Set version tag for release | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(cat VERSION)" >> $GITHUB_ENV | |
- name: Set version tag for non-release | |
if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(echo ${{ github.event.pull_request.number || github.sha }} | cut -c1-8)" >> $GITHUB_ENV | |
- name: Pack | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
./utils/linux/linux-tar.sh | |
if [ "${{ env.VERSION_TAG }}" != "$(cat VERSION)" ]; then | |
mv mod-desktop-*.tar.xz mod-desktop-${{ env.VERSION_TAG }}-linux-x86_64.tar.xz | |
fi | |
- uses: actions/upload-artifact@v3 | |
if: ${{ matrix.container == env.RELEASE_OS_LINUX }} | |
with: | |
name: mod-desktop-${{ env.VERSION_TAG }}-linux-x86_64 | |
path: | | |
*.tar.xz | |
- uses: softprops/action-gh-release@v1 | |
if: ${{ matrix.container == env.RELEASE_OS_LINUX && startsWith(github.ref, 'refs/tags/') }} | |
with: | |
tag_name: ${{ github.ref_name }} | |
name: ${{ github.ref_name }} | |
draft: false | |
prerelease: false | |
files: | | |
*.tar.xz | |
# NOTE cannot use actions @v4, incompatible with ubuntu:18.04 | |
# see https://github.com/actions/checkout/issues/1590 | |
linux-x86_64-debug: | |
strategy: | |
matrix: | |
include: | |
- container: ubuntu:18.04 | |
runs-on: ubuntu-latest | |
container: | |
image: ${{ matrix.container }} | |
env: | |
PAWPAW_DEBUG: 1 | |
steps: | |
- name: Install git | |
run: | | |
apt-get update -qq && apt-get install -yqq --no-install-recommends ca-certificates git openssl | |
case "${{ matrix.container }}" in | |
"ubuntu:18.04") | |
apt-get install -yqq --no-install-recommends curl libpcre2-8-0 | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git_2.34.1-1ubuntu1~bpo18.04.1~ppa1_amd64.deb | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git-man_2.34.1-1ubuntu1~bpo18.04.1~ppa1_all.deb | |
dpkg -i *.deb | |
rm *.deb | |
;; | |
"ubuntu:20.04") | |
apt-get install -yqq --no-install-recommends curl | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git_2.34.1-1ubuntu1~bpo20.04.1~ppa1_amd64.deb | |
curl -sLO https://launchpad.net/~kxstudio-debian/+archive/ubuntu/toolchain/+files/git-man_2.34.1-1ubuntu1~bpo20.04.1~ppa1_all.deb | |
dpkg -i *.deb | |
rm *.deb | |
;; | |
esac | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Set up dependencies | |
run: | | |
./src/PawPaw/.github/workflows/bootstrap-deps.sh linux-x86_64 | |
if [ "${{ matrix.container }}" = "ubuntu:18.04" ]; then | |
freetypepkgname="libfreetype6-dev" | |
else | |
freetypepkgname="libfreetype-dev" | |
fi | |
apt-get install -yqq ${freetypepkgname} p7zip-full unzip wget xdg-user-dirs zip | |
- name: Set up cache | |
id: cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/PawPawBuilds | |
key: linux-x86_64-${{ env.PAWPAW_PACK_NAME }}-v${{ env.CACHE_VERSION_LINUX }}-debug | |
- name: Build dependencies | |
run: | | |
./src/PawPaw/bootstrap-mod.sh linux-x86_64 && ./src/PawPaw/.cleanup.sh linux-x86_64 | |
- name: Build | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
make DEBUG=1 | |
- name: Validate plugins | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
./utils/plugin-builder/validate-plugins.sh | |
# FIXME dirty carla leaves temp folders around | |
rm -rf *.tmp | |
- name: Set version tag for release | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(cat VERSION)" >> $GITHUB_ENV | |
- name: Set version tag for non-release | |
if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(echo ${{ github.event.pull_request.number || github.sha }} | cut -c1-8)" >> $GITHUB_ENV | |
- name: Pack | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
./utils/linux/linux-tar.sh | |
if [ "${{ env.VERSION_TAG }}" != "$(cat VERSION)" ]; then | |
mv mod-desktop-*.tar.xz mod-desktop-${{ env.VERSION_TAG }}-linux-x86_64-debug.tar.xz | |
fi | |
- uses: actions/upload-artifact@v3 | |
if: ${{ matrix.container == env.RELEASE_OS_LINUX }} | |
with: | |
name: mod-desktop-${{ env.VERSION_TAG }}-linux-x86_64-debug | |
path: | | |
*.tar.xz | |
macos: | |
strategy: | |
matrix: | |
include: | |
- os: macos-11 | |
target: macos-10.15 | |
- os: macos-11 | |
target: macos-universal-10.15 | |
- os: macos-12 | |
target: macos-10.15 | |
- os: macos-12 | |
target: macos-universal-10.15 | |
# - os: macos-13 | |
# target: macos-10.15 | |
# - os: macos-13 | |
# target: macos-universal-10.15 | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Set up dependencies | |
run: | | |
brew uninstall azure-cli aws-sam-cli php | |
./src/PawPaw/.github/workflows/bootstrap-deps.sh ${{ matrix.target }} | |
brew install p7zip wget | |
- name: Set up cache | |
id: cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/PawPawBuilds | |
key: macos-${{ env.PAWPAW_PACK_NAME }}-v${{ env.CACHE_VERSION_MACOS }} | |
- name: Build dependencies | |
run: | | |
./src/PawPaw/bootstrap-mod.sh ${{ matrix.target }} && ./src/PawPaw/.cleanup.sh ${{ matrix.target }} | |
- name: Build | |
if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
make PAWPAW_TARGET=${{ matrix.target }} | |
- name: Validate plugins | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
# ./utils/plugin-builder/validate-plugins.sh ${{ matrix.target }} | |
# FIXME dirty carla leaves temp folders around | |
rm -rf *.tmp | |
- name: Set version tag for release | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(cat VERSION)" >> $GITHUB_ENV | |
- name: Set version tag for non-release | |
if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(echo ${{ github.event.pull_request.number || github.sha }} | cut -c1-8)" >> $GITHUB_ENV | |
- name: Pack | |
if: steps.cache.outputs.cache-hit == 'true' | |
env: | |
CODESIGN_APP_IDENTITY: ${{ secrets.CODESIGN_APP_IDENTITY }} | |
CODESIGN_PKG_IDENTITY: ${{ secrets.CODESIGN_PKG_IDENTITY }} | |
CODESIGN_APP_P12_CONTENTS: ${{ secrets.CODESIGN_APP_P12_CONTENTS }} | |
CODESIGN_PKG_P12_CONTENTS: ${{ secrets.CODESIGN_PKG_P12_CONTENTS }} | |
CODESIGN_APP_P12_PASSWORD: ${{ secrets.CODESIGN_APP_P12_PASSWORD }} | |
CODESIGN_PKG_P12_PASSWORD: ${{ secrets.CODESIGN_PKG_P12_PASSWORD }} | |
run: | | |
./utils/macos/macos-pkg.sh ${{ matrix.target }} | |
if [ "${{ env.VERSION_TAG }}" != "$(cat VERSION)" ]; then | |
mv mod-desktop-*.pkg mod-desktop-${{ env.VERSION_TAG }}-macOS.pkg | |
fi | |
- uses: actions/upload-artifact@v4 | |
if: ${{ matrix.os == env.RELEASE_OS_MAC && matrix.target == 'macos-universal-10.15' }} | |
with: | |
name: mod-desktop-${{ env.VERSION_TAG }}-macOS | |
path: | | |
*.pkg | |
- uses: softprops/action-gh-release@v1 | |
if: ${{ matrix.os == env.RELEASE_OS_MAC && matrix.target == 'macos-universal-10.15' && startsWith(github.ref, 'refs/tags/') }} | |
with: | |
tag_name: ${{ github.ref_name }} | |
name: ${{ github.ref_name }} | |
draft: false | |
prerelease: false | |
files: | | |
*.pkg | |
win64: | |
strategy: | |
matrix: | |
include: | |
# FIXME enable and use debian:12 for releases | |
#- container: debian:12 | |
- container: ubuntu:22.04 | |
#- container: ubuntu:23.10 | |
runs-on: ubuntu-latest | |
container: | |
image: ${{ matrix.container }} | |
steps: | |
- name: Update git | |
run: | | |
apt-get update -qq && apt-get install -yqq git | |
- uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
- name: Set up dependencies | |
run: | | |
./src/PawPaw/.github/workflows/bootstrap-deps.sh win64 | |
apt-get install -yqq libfreetype-dev libx11-dev libxcursor-dev libxext-dev libxrandr-dev libxrender-dev p7zip-full unzip wget xdg-user-dirs xvfb zip | |
- name: Set up cache | |
id: cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/PawPawBuilds | |
key: win64-${{ env.PAWPAW_PACK_NAME }}-v${{ env.CACHE_VERSION_WIN64 }} | |
- name: Build dependencies | |
run: | | |
./src/PawPaw/bootstrap-mod.sh win64 && ./src/PawPaw/.cleanup.sh win64 | |
- name: Build | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
make win64 | |
- name: Validate plugins | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
./utils/plugin-builder/validate-plugins.sh | |
# FIXME dirty carla leaves temp folders around | |
rm -rf *.tmp | |
- name: Set version tag for release | |
if: ${{ startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(cat VERSION)" >> $GITHUB_ENV | |
- name: Set version tag for non-release | |
if: ${{ ! startsWith(github.ref, 'refs/tags/') }} | |
run: | | |
echo "VERSION_TAG=$(echo ${{ github.event.pull_request.number || github.sha }} | cut -c1-8)" >> $GITHUB_ENV | |
- name: Pack | |
if: false | |
#if: steps.cache.outputs.cache-hit == 'true' | |
run: | | |
xvfb-run ./utils/win64/win64-installer.sh | |
./utils/win64/win64-zip.sh | |
if [ "${{ env.VERSION_TAG }}" != "$(cat VERSION)" ]; then | |
mv mod-desktop-*.exe mod-desktop-${{ env.VERSION_TAG }}-win64.exe | |
mv mod-desktop-*.zip mod-desktop-${{ env.VERSION_TAG }}-win64.zip | |
fi | |
- uses: actions/upload-artifact@v4 | |
if: ${{ matrix.container == env.RELEASE_OS_WIN64 }} | |
with: | |
name: mod-desktop-${{ env.VERSION_TAG }}-win64 | |
path: | | |
*.exe | |
*.zip | |
- uses: softprops/action-gh-release@v1 | |
if: ${{ matrix.container == env.RELEASE_OS_WIN64 && startsWith(github.ref, 'refs/tags/') }} | |
with: | |
tag_name: ${{ github.ref_name }} | |
name: ${{ github.ref_name }} | |
draft: false | |
prerelease: false | |
files: | | |
*.exe |