added unsign #573
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and Publish | |
on: | |
push: | |
branches: | |
- stable | |
- stable-codesign | |
- master | |
# - stable-service-api | |
paths-ignore: | |
- '**/README.md' | |
- 'sirius_doc/**/*' | |
jobs: | |
distGUI: | |
strategy: | |
matrix: | |
os: [macos-latest ] | |
runs-on: ${{ matrix.os }} | |
env: | |
GENERIC_INSTALLER_CERTIFICATE: ${{ secrets.GENERIC_INSTALLER_CERTIFICATE }} | |
MACOS_APP_IDENTITY_ID: ${{ secrets.MACOS_APP_IDENTITY_ID }} | |
MACOS_IDENTITY_ID: ${{ secrets.MACOS_IDENTITY_ID }} | |
MACOS_APPLE_ID: ${{ secrets.MACOS_APPLE_ID }} | |
MACOS_APPLE_ID_PW: ${{ secrets.MACOS_APPLE_ID_PW }} | |
SIRIUS_USER: ${{ secrets.SIRIUS_USER }} | |
SIRIUS_PW: ${{ secrets.SIRIUS_PW }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- name: Git LFS Pull | |
run: git lfs pull | |
- name: Set up Zulu JDK-FX | |
uses: actions/setup-java@v1 | |
with: | |
java-version: '21' # The JDK version to make available on the path. | |
java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk | |
architecture: x64 # (x64 or x86) - defaults to x64 | |
- name: Load Build properties | |
uses: Reedyuk/read-properties@v1.0.1 | |
id: sirius_version | |
with: | |
path: './sirius_cli/src/main/resources/sirius_frontend.build.properties' | |
property: 'de.unijena.bioinf.siriusFrontend.version' | |
- if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_APP_IDENTITY_ID != '') }} | |
name: Import Apple APP Code-signing ID and p12 | |
uses: apple-actions/import-codesign-certs@v1 | |
with: | |
keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} | |
p12-file-base64: ${{ secrets.MACOS_APP_CERTIFICATE }} | |
p12-password: ${{ secrets.MACOS_APP_CERTIFICATE_PWD }} | |
- if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_IDENTITY_ID != '') }} | |
name: Import Apple Installer Code-signing ID and p12 | |
uses: apple-actions/import-codesign-certs@v1 | |
with: | |
create-keychain: false | |
keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} | |
p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} | |
p12-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
- if: matrix.os == 'macos-latest' | |
name: Check Identities | |
run: /usr/bin/security find-identity | |
# - if: ${{ (matrix.os == 'windows-latest' || matrix.os == 'ubuntu-latest') && (env.GENERIC_INSTALLER_CERTIFICATE != '') }} | |
# name: Load generic installer codesign cert | |
# id: generic_codesign_cert | |
# uses: timheuer/base64-to-file@v1.1 | |
# with: | |
# fileName: 'generic_installer_cert.p12' | |
# encodedString: ${{ env.GENERIC_INSTALLER_CERTIFICATE }} | |
- name: Gradle Build | |
uses: eskatos/gradle-command-action@v1 | |
env: | |
WIN_INSTALLER_CERTIFICATE_FILE: ${{ steps.generic_codesign_cert.outputs.filePath }} | |
with: | |
gradle-version: 8.8 | |
build-root-directory: sirius_dist/sirius_gui_dist | |
arguments: --stacktrace clean buildJpDists -P "build.sirius.native.openjfx.exclude=true" -P "build.sirius.starter.jdk.include=true" -P "de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID=${{ secrets.MACOS_APP_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_IDENTITY_ID=${{ secrets.MACOS_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID=${{ secrets.MACOS_APPLE_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID_PW=${{ secrets.MACOS_APPLE_ID_PW }}" -P "de.unijena.bioinf.build.MACOS_TEAM_ID=${{ secrets.MACOS_TEAM_ID }}" | |
# - name: Sirius Run | |
# run: | | |
# TEMP_ROOT="$(cd "$(dirname "sirius_cli")"; pwd -P)/$(basename "sirius_cli")" | |
# TEMP_DIR="${TEMP_ROOT}/build/test/temp_results" | |
# mkdir -p "${TEMP_DIR}" "${TEMP_DIR}/mgf_temp_output" "${TEMP_DIR}/mgf_temp_summary" "${TEMP_DIR}/ms_temp_output" "${TEMP_DIR}/ms_temp_summary" "${TEMP_DIR}/txt_temp_output" "${TEMP_DIR}/txt_temp_summary" | |
# DEMO_DIR="$(cd "$(dirname "sirius_doc/manual/demo-data")"; pwd -P)/$(basename "sirius_doc/manual/demo-data")" | |
# MGF_DATA="${DEMO_DIR}/mgf/laudanosine.mgf" | |
# MS_DATA="${DEMO_DIR}/ms/Bicuculline.ms" | |
# TXT_DATA_1="${DEMO_DIR}/txt/chelidonine_ms.txt" | |
# TXT_DATA_2="${DEMO_DIR}/txt/chelidonine_msms1.txt,${DEMO_DIR}/txt/chelidonine_msms2.txt" | |
# MGF_OUTPUT="${TEMP_DIR}/mgf_temp_output" | |
# MGF_SUMMARY="${TEMP_DIR}/mgf_temp_summary" | |
# MS_OUTPUT="${TEMP_DIR}/ms_temp_output" | |
# MS_SUMMARY="${TEMP_DIR}/ms_temp_summary" | |
# TXT_OUTPUT="${TEMP_DIR}/txt_temp_output" | |
# TXT_SUMMARY="${TEMP_DIR}/txt_temp_summary" | |
# case "$OSTYPE" in | |
# darwin*) SIRIUS="./sirius_dist/sirius_gui_dist/build/distributions/sirius.app/Contents/MacOS/sirius" ;; | |
# linux*) SIRIUS="./sirius_dist/sirius_gui_dist/build/distributions/sirius/bin/sirius" ;; | |
# msys*) SIRIUS="./sirius_dist/sirius_gui_dist/build/distributions/sirius/sirius.exe" ;; | |
# *) echo "Error: Could not find OS."; exit 1 ;; | |
# esac | |
# ${SIRIUS} login --show --user-env SIRIUS_USER --password-env SIRIUS_PW | |
# ${SIRIUS} login --show --select-license ${{ env.GITHUB_REF_SLUG == 'stable' && secrets.SIRIUS_SUB || secrets.SIRIUS_SUB_DEV }} | |
# ${SIRIUS} --input ${MGF_DATA} --output ${MGF_OUTPUT} formula -p orbitrap fingerprint structure compound-classes write-summaries --output ${MGF_SUMMARY} | |
# ${SIRIUS} -1 ${TXT_DATA_1} -2 ${TXT_DATA_2} -z 354.134704589844 -o ${TXT_OUTPUT} formula -p orbitrap write-summaries --output ${TXT_SUMMARY} | |
# ${SIRIUS} -o ${MS_OUTPUT} -i ${MS_DATA} --ignore-formula formula -p orbitrap -c 5 fingerprint structure compound-classes write-summaries --output ${MS_SUMMARY} | |
# shell: bash | |
# | |
# - name: Sirius MGF Test | |
# run: | | |
# RESULTS="sirius_cli/build/test/temp_results/" | |
# OUTPUT="${RESULTS}mgf_temp_output/1_laudanosine_FEATURE_1/" | |
# SUMMARY="${RESULTS}mgf_temp_summary/1_laudanosine_FEATURE_1/" | |
# CANOPUS="${OUTPUT}canopus/" | |
# CANOPUS_NPC="${OUTPUT}canopus_npc/" | |
# FINGERPRINTS="${OUTPUT}fingerprints/" | |
# FINGER_ID="${OUTPUT}fingerid/" | |
# DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) | |
# for DIR in "${DIRS[@]}" ; do | |
# if [ -d "${DIR}" ]; then | |
# echo "Found result directory ${DIR}..." | |
# if [ "$(ls -A ${DIR})" ]; then | |
# echo "${DIR} is not empty." | |
# else | |
# echo "Error: ${DIR} is empty." | |
# exit 1 | |
# fi | |
# else | |
# echo "Error: result directory ${DIR} not found." | |
# exit 1 | |
# fi | |
# done | |
# shell: bash | |
# | |
# - name: Sirius MS Test | |
# run: | | |
# RESULTS="sirius_cli/build/test/temp_results/" | |
# OUTPUT="${RESULTS}ms_temp_output/1_Bicuculline_Bicuculline/" | |
# SUMMARY="${RESULTS}ms_temp_summary/1_Bicuculline_Bicuculline/" | |
# CANOPUS="${OUTPUT}canopus/" | |
# CANOPUS_NPC="${OUTPUT}canopus_npc/" | |
# FINGERPRINTS="${OUTPUT}fingerprints/" | |
# FINGER_ID="${OUTPUT}fingerid/" | |
# echo "${FINGER_ID}" | |
# DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) | |
# echo "${DIRS}" | |
# for DIR in "${DIRS[@]}" ; do | |
# if [ -d "${DIR}" ]; then | |
# echo "Found result directory ${DIR}..." | |
# if [ "$(ls -A ${DIR})" ]; then | |
# echo "${DIR} is not empty." | |
# else | |
# echo "Error: ${DIR} is empty." | |
# exit 1 | |
# fi | |
# else | |
# echo "Error: result directory ${DIR} not found." | |
# exit 1 | |
# fi | |
# done | |
# shell: bash | |
# | |
# - name: Sirius TXT Test | |
# run: | | |
# RESULTS="sirius_cli/build/test/temp_results/" | |
# SUMMARY="${RESULTS}txt_temp_summary/1_unknown_/" | |
# if [ -d "${SUMMARY}" ]; then | |
# echo "Found result directory ${SUMMARY}..." | |
# if [ "$(ls -A ${SUMMARY})" ]; then | |
# echo "${SUMMARY} is not empty." | |
# else | |
# echo "Error: ${SUMMARY} is empty." | |
# exit 1 | |
# fi | |
# else | |
# echo "Error: result directory ${SUMMARY} not found." | |
# exit 1 | |
# fi | |
# shell: bash | |
# | |
# - name: Sirius Run Cleanup | |
# run: | | |
# rm -r sirius_cli/build/test/temp_results | |
- if: matrix.os == 'windows-latest' | |
name: Azure Trusted Signing for Widows MSI | |
uses: azure/trusted-signing-action@v0.3.16 | |
with: | |
azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} | |
endpoint: ${{ secrets.AZURE_ENDPOINT }} | |
code-signing-account-name: ${{ secrets.AZURE_CODE_SIGNING_NAME }} | |
certificate-profile-name: ${{ secrets.AZURE_CERT_PROFILE_NAME }} | |
# Sign all exes inside the folder | |
files-folder: ./sirius_dist/sirius_gui_dist/build/jpDists/ | |
files-folder-filter: msi | |
file-digest: SHA256 | |
- name: Upload Distributions | |
uses: actions/upload-artifact@v2 | |
with: | |
retention-days: 1 | |
name: "sirius-${{ steps.sirius_version.outputs.value }}-${{ runner.os }}-x86-64" | |
path: | | |
./sirius_dist/sirius_gui_dist/build/jpDists/*.zip | |
./sirius_dist/sirius_gui_dist/build/jpDists/*.msi | |
./sirius_dist/sirius_gui_dist/build/jpDists/*.pkg | |
./sirius_dist/sirius_gui_dist/build/jpDists/*.deb | |
./sirius_dist/sirius_gui_dist/build/jpDists/*.sha256 | |
# dockergen: | |
# needs: [ distGUI ] | |
# uses: ./.github/workflows/dockergen.yaml | |
# secrets: inherit | |
release: | |
needs: [distGUI] | |
# needs: [ distCLI, distGUI] | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
lfs: true | |
- name: Git LFS Pull | |
run: git lfs pull | |
- name: Inject slug/short variables | |
uses: rlespinasse/github-slug-action@v3.x | |
- name: Load Build properties | |
uses: Reedyuk/read-properties@v1.0.1 | |
id: sirius_version | |
with: | |
path: './sirius_cli/src/main/resources/sirius_frontend.build.properties' | |
property: 'de.unijena.bioinf.siriusFrontend.version' | |
- uses: actions/download-artifact@v2 | |
with: | |
path: sirius_dist/build/tmp/artifacts/ | |
- name: Display downloaded artifact files | |
run: ls -lah | |
working-directory: sirius_dist/build/tmp/artifacts/ | |
- uses: ncipollo/release-action@v1 | |
with: | |
artifacts: "sirius_dist/build/tmp/artifacts/*/*" | |
body: | | |
### Prebuilt SIRIUS releases for all supported platforms. | |
Package names are made up as follows: `<App Name>-<Version>-<Operating System>-<Flavor>.<PackageType>`. Package types are either generic `.zip` archives or operating system specific installers (e.g. `.pkg` or `.msi`). The flavors describe builds with different features: | |
* no _Flavor_ suffix represents for the standard SIRIUS package that contains the Graphical User Interface (GUI) and the Command Line Tool (CLI) | |
* `headless` represents a command line only version that does not contain GUI relevant packages. It is smaller and does not need any GUI libraries installed on the users system (good for servers). | |
* `service` like standard but additionally contains the experimental _service mode_ of SIRIUS which allows to start SIRIUS as a background service that can be queried form scripting languages or as part of workflows. See the [online documentation](https://v6.docs.sirius-ms.io/quick-start/#background-service---generic-sirius-api) for details. | |
Changelog can be found [here](https://v6.docs.sirius-ms.io/changelog/). | |
name: "SIRIUS v${{ steps.sirius_version.outputs.value }}" | |
tag: "v${{ steps.sirius_version.outputs.value }}" | |
prerelease: ${{ endsWith(steps.sirius_version.outputs.value, '-SNAPSHOT') }} | |
allowUpdates: ${{ endsWith(steps.sirius_version.outputs.value, '-SNAPSHOT') }} | |
draft: ${{ env.GITHUB_REF_SLUG == 'stable' && 'false' || 'true' }} | |
token: ${{ secrets.GITHUB_TOKEN }} | |
trigger-client-api-build: | |
needs: [ release ] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Trigger Actions on sirius-client-openAPI | |
run: curl -X POST -H "Authorization:Bearer ${{ secrets.CLIENT_API_REPO_TOKEN }}" -H "Accept:application/vnd.github.v3+json" ${{ vars.CLIENT_API_REPO_URL }} -d '{"ref":"master"}' |