Update build.yml #566
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Specify 6 CI | |
on: [push] | |
jobs: | |
build: | |
name: Build and Package Specify 6 | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Unbase64 code signing certs | |
run: | | |
echo $MAC_PKCS12 | base64 -d > packaging/expdevidapp.p12 | |
echo $WIN_PKCS12 | base64 -d > packaging/certwithroot.pfx | |
env: | |
WIN_PKCS12: ${{ secrets.WIN_PKCS12 }} | |
MAC_PKCS12: ${{ secrets.MAC_PKCS12_V2 }} | |
- name: Set up JDK 1.8 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 1.8 | |
- name: Compile Specify 6 | |
run: ant -noinput -buildfile build.xml compile-nonmac | |
- name: Compile Specify 6 for Mac | |
run: ant -noinput -buildfile build.xml compile-mac | |
- name: Get Install4j from cache | |
id: cache-install4j | |
uses: actions/cache@v1 | |
with: | |
path: install4j8.0.11 | |
key: install4j8.0.11-cache | |
- name: Download Install4j | |
if: steps.cache-install4j.outputs.cache-hit != 'true' | |
run: | | |
wget https://download-gcdn.ej-technologies.com/install4j/install4j_unix_8_0_11.tar.gz | |
tar -zxvf install4j_unix_8_0_11.tar.gz | |
- name: Set Install4j license | |
run: install4j8.0.11/bin/install4jc --license=$INSTALL4J_LICENSE | |
env: | |
INSTALL4J_LICENSE: ${{ secrets.INSTALL4J8_LICENSE }} | |
- name: Package Specify 6 | |
run: > | |
ant -noinput -buildfile build.xml -Dinstall4j.dir=./install4j8.0.11 | |
-Dwin-keystore-password=$WIN_KEYSTORE_PASSWORD -Dmac-keystore-password=$MAC_KEYSTORE_PASSWORD | |
-Dwin.pkcs12=certwithroot.pfx -Dmac.pkcs12=expdevidapp.p12 -Dcode.signing=true | |
package-all | |
env: | |
WIN_KEYSTORE_PASSWORD: ${{ secrets.WIN_KEYSTORE_PASSWORD }} | |
MAC_KEYSTORE_PASSWORD: ${{ secrets.MAC_KEYSTORE_PASSWORD_V2 }} | |
- name: Upload Specify_windows_64.exe as artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: Specify_windows_64 | |
path: packages/Specify_windows_64.exe | |
- name: Upload Specify_unix_64.sh as artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: Specify_unix_64 | |
path: packages/Specify_unix_64.sh | |
- name: Upload Specify_macos.dmg as artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: Specify_macos | |
path: packages/Specify_macos.dmg | |
- name: Upload updates.xml as artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: updates.xml | |
path: packages/updates.xml | |
notarize: | |
name: Notarize the Specify 6 Mac package | |
needs: build | |
runs-on: macos-latest | |
steps: | |
- name: Download Specify_macos artifact | |
uses: actions/download-artifact@v1 | |
with: | |
name: Specify_macos | |
- name: Upload the Mac package for notarization | |
run: > | |
xcrun altool --notarize-app --primary-bundle-id org.specifysoftware | |
--username beach@ku.edu --password $AC_PASSWORD | |
--file Specify_macos/Specify_macos.dmg | tee notarize-app-output.txt; | |
grep -q "RequestUUID = " notarize-app-output.txt || { echo "Uploading package for notarization failed!"; exit 1; } | |
env: | |
AC_PASSWORD: ${{ secrets.AC_PASSWORD }} | |
- name: Get the request UUID | |
run: sed -En 's/RequestUUID = (.*)$/\1/p' notarize-app-output.txt | tee request-uuid.txt | |
- name: Check the notarization status | |
run: > | |
for i in {1..60}; do | |
sleep 120; | |
xcrun altool --notarization-info $(< request-uuid.txt) | |
--username beach@ku.edu --password $AC_PASSWORD | |
| tee notarization-info.txt; | |
grep -q "Status: in progress" notarization-info.txt || break; | |
done; | |
grep -q "Status: success" notarization-info.txt || { echo "Notarization failed!"; exit 1; } | |
env: | |
AC_PASSWORD: ${{ secrets.AC_PASSWORD }} # Updated | |
- name: Staple the notarization ticket to the installer | |
run: xcrun stapler staple Specify_macos/Specify_macos.dmg | |
- name: Upload the stapled Specify_macos.dmg as artifact | |
uses: actions/upload-artifact@v1 | |
with: | |
name: Specify_macos_with_ticket | |
path: Specify_macos/Specify_macos.dmg | |
release: | |
name: Create a Specify 6 release | |
needs: [build, notarize] | |
if: startsWith(github.ref, 'refs/tags/') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Download Specify_windows_64 artifact | |
uses: actions/download-artifact@v1 | |
with: | |
name: Specify_windows_64 | |
- name: Download Specify_unix_64 artifact | |
uses: actions/download-artifact@v1 | |
with: | |
name: Specify_unix_64 | |
- name: Download Specify_macos_with_ticket artifact | |
uses: actions/download-artifact@v1 | |
with: | |
name: Specify_macos_with_ticket | |
- name: Download updates.xml artifact | |
uses: actions/download-artifact@v1 | |
with: | |
name: updates.xml | |
- name: Create release | |
uses: softprops/action-gh-release@v1 | |
with: | |
draft: true | |
prerelease: true | |
files: | | |
Specify_windows_64/* | |
Specify_unix_64/* | |
Specify_macos_with_ticket/* | |
updates.xml/* | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |