path: root/.github/workflows/release-macos.yml
blob: 75b70657f6e5340f24addcb5d4f569151cab243e (plain)
# Display name shown in the Actions UI.
name: MacOS Release

# Runs only on tag pushes; the pattern is matched against refs/tags.
# NOTE(review): every step below, including the ones that receive the signing
# and notarization secrets, runs for any pushed tag matching 'v*'. Restrict
# who may create such tags (for example with a tag protection rule).
on:
  push:
    tags:
      - 'v*' # e.g. v1.0, v20.15.10

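jobs:
  # Builds, code-signs, packages, uploads and notarizes the macOS binaries,
  # once per targetPlatform entry of the matrix.
  build_with_signing:
    name: Upload Release Asset
    runs-on: macos-latest
    # Least privilege for GITHUB_TOKEN: the release-upload steps need to write
    # release assets and nothing else in this job uses the token, so every
    # other scope is dropped instead of inheriting the repository default.
    permissions:
      contents: write
    strategy:
      matrix:
        configuration: ['release'] # 'debug'
        compiler: ['clang']
        # Exported to the build script as ARCH.
        platform: ['x64']
        # Exported to the build script as TARGETARCH; also selects the
        # bin/macosx-<targetPlatform>/ directory that is signed and packaged.
        targetPlatform: ['x64', 'aarch64']
    steps: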
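      # Full-history checkout with submodules; the Package step runs
      # `git describe --tags`, which needs the tag history.
      # NOTE(review): `@v2` is a mutable tag. In a job that handles signing
      # secrets, pin the action to a reviewed full commit SHA
      # (`actions/checkout@<full-commit-sha>`).
      - name: Checkout code
        uses: actions/checkout@v2
        with:
          submodules: 'true'
          fetch-depth: '0'
          # Do not leave the job token in .git/config, where the build script
          # and the tools installed later in the job could read it. The upload
          # steps receive the token through their own env block.
          persist-credentials: 'false'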
      # Runs the project's macOS build script for one matrix combination.
      - name: Build release project
        id: build
        # The matrix values are handed to the script as environment variables
        # instead of being expanded into the shell text.
        env:
          CC: ${{ matrix.compiler }}
          CONFIGURATION: ${{ matrix.configuration }}
          ARCH: ${{ matrix.platform }}
          TARGETARCH: ${{ matrix.targetPlatform }}
        run: |
          echo "starting to build..."
          echo "building..."
          source ./github_macos_build.sh
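      # Decodes the signing certificate from the repository secrets and
      # imports it into a throw-away keychain under $RUNNER_TEMP.
      - name: "Import signing certificate"
        # The three secrets are exposed to this step only.
        env:
          BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
          P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
        run: |
          # create variables
          CERTIFICATE_PATH="$RUNNER_TEMP/build_certificate.p12"
          KEYCHAIN_PATH="$RUNNER_TEMP/app-signing.keychain-db"

          # decode the signing certificate from secrets
          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output "$CERTIFICATE_PATH"

          # create temporary keychain; it locks on sleep and after 21600 s idle
          security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
          security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
          security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"

          # import certificate to keychain
          # NOTE(review): -A lets every application use the imported key without
          # a prompt; `-T /usr/bin/codesign` would limit access to codesign.
          # Confirm that nothing else in the job needs the key before tightening.
          security import "$CERTIFICATE_PATH" -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
          # the decoded .p12 is not needed once the key is in the keychain
          rm -f "$CERTIFICATE_PATH"
          security list-keychain -d user -s "$KEYCHAIN_PATH"

          # quoted so a password containing spaces or glob characters is passed intact
          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"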

      # Installs the tools used by the Notarize step and lists the signing
      # identities that are valid in the keychain (a sanity check in the log).
      # NOTE(review): gon comes from a third-party Homebrew tap at whatever
      # version is current when the job runs. It is installed after the signing
      # key has been imported, and the Notarize step runs it with AC_PASSWORD
      # in its environment, so pin or verify what gets installed and confirm
      # the tap is still maintained.
      # coreutils presumably supplies the `timeout` command used by the
      # Notarize step; confirm.
      - name: Install nortarize tools
        run: |
          brew install mitchellh/gon/gon
          security find-identity -v
          brew install coreutils
      # Signs the three release binaries of the current target platform with
      # the hardened runtime enabled (--options runtime).
      - name: Sign binaries
        env:
          # Selects the signing identity in the keychain. This is an
          # identifier, not a secret.
          IDENTITY_ID: d6ada82a113e4204aaad914e1013e9548ffd30d0
        run: |
          for binary in libslang.dylib slangd slangc; do
            /usr/bin/codesign --force --options runtime -s "${IDENTITY_ID}" "./bin/macosx-${{matrix.targetPlatform}}/release/${binary}" -v
          done
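      # Builds slang-<tag>-macos-<arch>.zip from the headers, binaries and
      # docs, and publishes the archive name as the step output
      # SLANG_BINARY_ARCHIVE.
      - name: Package
        id: package
        run: |
          export SLANG_OS_NAME=macos
          export SLANG_ARCH_NAME=${{matrix.targetPlatform}}
          # The tag name comes from git and ends up in a file name, so every
          # later use is quoted.
          export TAG_NAME="$(git describe --tags)"
          export SLANG_TAG="${TAG_NAME#v}"
          echo "tag:$TAG_NAME"
          echo "slang-tag:$SLANG_TAG"
          export SLANG_BINARY_ARCHIVE="slang-${SLANG_TAG}-${SLANG_OS_NAME}-${SLANG_ARCH_NAME}.zip"
          echo "creating zip"
          7z a "${SLANG_BINARY_ARCHIVE}" slang.h
          7z a "${SLANG_BINARY_ARCHIVE}" slang-com-helper.h
          7z a "${SLANG_BINARY_ARCHIVE}" slang-com-ptr.h
          7z a "${SLANG_BINARY_ARCHIVE}" slang-tag-version.h
          7z a "${SLANG_BINARY_ARCHIVE}" prelude/*.h
          7z a "${SLANG_BINARY_ARCHIVE}" bin/*/*/libslang.dylib
          7z a "${SLANG_BINARY_ARCHIVE}" bin/*/*/slangc
          7z a "${SLANG_BINARY_ARCHIVE}" bin/*/*/slangd
          7z a "${SLANG_BINARY_ARCHIVE}" docs/*.md
          # The `::set-output` stdout command is deprecated: anything a tool
          # printed to the log could forge it. Step outputs are written to the
          # $GITHUB_OUTPUT file instead.
          echo "SLANG_BINARY_ARCHIVE=${SLANG_BINARY_ARCHIVE}" >> "$GITHUB_OUTPUT"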
      # Attaches the archive produced by the Package step to the GitHub
      # release.
      # NOTE(review): this third-party action is referenced by the mutable tag
      # `@v1` and receives a token that can write release assets. Pin it to a
      # reviewed full commit SHA so a retagged upstream release cannot change
      # what runs here.
      - name: UploadBinary
        uses: softprops/action-gh-release@v1
        with:
          files: |
            ${{ steps.package.outputs.SLANG_BINARY_ARCHIVE }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # Collects the signed binaries into slang-macos-dist.zip, keeps a
      # per-target copy for upload, and runs gon with the repository's
      # notarization config under a 1000 s time limit.
      - name: Notarize
        # The Apple ID password is exposed to this step only; presumably
        # extras/macos-notarize.json reads it from AC_PASSWORD. Confirm.
        env:
          AC_PASSWORD: ${{secrets.APPLE_ID_PASSWORD}}
        run: |
          for artifact in libslang.dylib slangd slangc; do
            cp "./bin/macosx-${{matrix.targetPlatform}}/release/${artifact}" "${artifact}"
          done
          for artifact in libslang.dylib slangd slangc; do
            7z a slang-macos-dist.zip "${artifact}"
          done
          cp slang-macos-dist.zip slang-macos-dist-${{matrix.targetPlatform}}.zip
          timeout 1000 gon ./extras/macos-notarize.json
      # Attaches the per-target dist zip to the GitHub release.
      # NOTE(review): `if: always()` runs this step even when the Notarize
      # step failed or timed out, so a signed but un-notarized zip can be
      # published under the same name as a notarized one. If that best-effort
      # behaviour is intended, make the notarization status visible to
      # consumers; otherwise gate the upload on the Notarize step succeeding.
      # NOTE(review): the action is referenced by the mutable tag `@v1`; pin
      # it to a reviewed full commit SHA.
      - name: UploadNotarizedBinary
        if: always()
        uses: softprops/action-gh-release@v1
        with:
          files: |
            slang-macos-dist-${{matrix.targetPlatform}}.zip
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}