Skip to content

Build CLI: Fix MacOS notarize logs #97

Build CLI: Fix MacOS notarize logs

Build CLI: Fix MacOS notarize logs #97

Workflow file for this run

name: BuildAndReleaseMaster
on:
push:
tags:
- "*"
jobs:
create_release:
name: Create release
runs-on: ubuntu-latest
outputs:
upload_url: ${{ steps.create_release.outputs.upload_url }}
env:
PUBLISH_FOR_PULL_REQUEST: true
CSC_FOR_PULL_REQUEST: true
steps:
- name: Release
if: startsWith(github.ref, 'refs/tags/')
id: create_release
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
prerelease: true
tag_name: ${{ github.ref_name }}
name: ${{ github.ref_name }}
build_release:
name: Build release
needs: create_release
runs-on: ${{ matrix.os }}
env:
PUBLISH_FOR_PULL_REQUEST: 1
CSC_FOR_PULL_REQUEST: true
strategy:
matrix:
os: [ubuntu-20.04, windows-latest, macos-13, macOS-latest]
rust: [stable]
steps:
- name: Checkout
uses: actions/checkout@v3
- name: libudev-dev
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install -y libudev-dev
- name: install node
uses: actions/setup-node@master
with:
node-version: "lts/*"
- name: install rust
uses: hecrj/setup-rust-action@v1
with:
rust-version: ${{ matrix.rust }}
- name: Rust Cache
uses: Swatinem/rust-cache@v2.7.3
- name: cargo install nj-cli
run: cargo install nj-cli
- name: install wasm-pack
run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
- name: Install Build CLI tool
run: cargo install --path=cli
- name: enable corepack for yarnpkg upgrade
run: |
corepack enable
yarn cache clean
- name: setup keychain for signing and notarising
if: runner.os == 'macOS'
env:
KEYCHAIN_NAME: "build.keychain"
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
run: |
security create-keychain -p "$KEYCHAIN_PWD" "$KEYCHAIN_NAME"
security default-keychain -s "$KEYCHAIN_NAME"
certfile="${HOME}/buildcert.p12"
echo "$CSC_LINK" | base64 -d > "$certfile"
security import \
"$certfile" \
-P "$CSC_KEY_PASSWORD" \
-A \
-k "$KEYCHAIN_NAME"
rm "$certfile"
security set-key-partition-list \
-S apple-tool:,apple:,codesign: \
-s \
-k "$KEYCHAIN_PWD" \
"$KEYCHAIN_NAME"
security set-keychain-settings -lut 1200
- name: build release macOS
if: runner.os == 'macOS'
run: |
cargo chipmunk release -c cli/config/codesign_macos.toml
env:
KEYCHAIN_NAME: "build.keychain"
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
APPLEID: ${{ secrets.APPLEID }}
APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
TEAMID: ${{ secrets.TEAMID }}
SIGNING_ID: ${{ secrets.SIGNING_ID }}
KEYCHAIN_PWD: ${{ secrets.KEYCHAIN_PWD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: build release
if: runner.os != 'macOS'
run: |
cargo chipmunk release
- name: list release files
working-directory: ./application/holder/release
run: ls
- name: upload files
if: startsWith(github.ref, 'refs/tags/')
uses: AButler/upload-release-assets@v2.0
with:
files: "./application/holder/release/*.tgz;./application/holder/release/*.zip"
repo-token: ${{ secrets.GITHUB_TOKEN }}
release-tag: ${{ github.ref_name }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
invoke_package_distribution:
name: Invoke chipmunk package creation and distribution for different package managers
needs: build_release
runs-on: ubuntu-latest
steps:
- name: Checkout chipmunk-distribution
uses: actions/checkout@v2
with:
repository: esrlabs/chipmunk-distribution
path: './chipmunk-distribution'
token: ${{secrets.PUSH_TOKEN}}
- name: Push tag
working-directory: ./chipmunk-distribution
run: |
git config user.name "esrlabs"
git config user.email "esrlabs@gmail.com"
git remote set-url origin "https://esrlabs:${{secrets.PUSH_TOKEN}}@github.com/esrlabs/chipmunk-distribution"
git tag ${{ github.ref_name }}
git push origin ${{ github.ref_name }}