Build: macOS #811
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'Build: macOS' | |
on: | |
push: | |
branches: | |
- 3.x | |
pull_request: | |
branches: | |
- 3.x | |
schedule: | |
- cron: '0 4 */1 * *' # At 04:00 on every day-of-month | |
workflow_dispatch: | |
inputs: | |
build_mode: | |
description: 'Build mode: devel, nightly, testing, stable' | |
default: 'devel' | |
required: true | |
publish: | |
description: 'Publish to FTP: on - publish' | |
default: 'off' | |
required: false | |
workflow_call: | |
inputs: | |
build_mode: | |
description: 'Build mode: devel, nightly, testing, stable' | |
default: 'devel' | |
type: string | |
required: true | |
publish: | |
description: 'Publish to FTP: on - publish' | |
default: 'off' | |
type: string | |
required: false | |
env: | |
CURRENT_RELEASE_BRANCH: 3.x | |
DEVELOPER_DIR: /Applications/Xcode_15.2.app/Contents/Developer | |
jobs: | |
macos: | |
runs-on: macos-13 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 3 | |
- name: "Configure workflow" | |
env: | |
pull_request_title: ${{ github.event.pull_request.title }} | |
run: | | |
bash ./build/ci/tools/make_build_mode_env.sh -e ${{ github.event_name }} -m ${{ inputs.build_mode }} | |
BUILD_MODE=$(cat ./build.artifacts/env/build_mode.env) | |
bash ./build/ci/tools/make_build_number.sh | |
BUILD_NUMBER=$(cat ./build.artifacts/env/build_number.env) | |
DO_PUBLISH='false' | |
if [[ "${{ inputs.publish }}" == "on" || "$BUILD_MODE" == "nightly" ]]; then | |
DO_PUBLISH='true' | |
if [ -z "${{ secrets.OSUOSL_SSH_ENCRYPT_SECRET }}" ]; then | |
echo "warning: not set OSUOSL_SSH_ENCRYPT_SECRET, publish disabled" | |
DO_PUBLISH='false' | |
fi | |
fi | |
DO_NOTARIZE='false' | |
if [ "$BUILD_MODE" != "devel" ]; then | |
DO_NOTARIZE='true' | |
if [ -z "${{ secrets.APPLE_USERNAME }}" ]; then | |
echo "warning: not set APPLE_USERNAME, notarize disabled" | |
DO_NOTARIZE='false' | |
fi | |
if [ -z "${{ secrets.APPLE_PASSWORD }}" ]; then | |
echo "warning: not set APPLE_PASSWORD, notarize disabled" | |
DO_NOTARIZE='false' | |
fi | |
fi | |
DO_BUILD='true' | |
ADD_INFO="_${GITHUB_REF#refs/heads/}" | |
if [ "${{ github.event_name }}" == "schedule" ] && [ "${{ github.event.schedule }}" == "0 5 */1 */1 *" ]; then ADD_INFO="_${CURRENT_RELEASE_BRANCH}"; fi | |
if [ "${{ github.event_name }}" == "pull_request" ]; then ADD_INFO="_${{ github.event.pull_request.number }}_${pull_request_title}"; fi | |
UPLOAD_ARTIFACT_NAME="$(tr '":<>|*?/\\?' '_' <<<"Mu3.7_${BUILD_NUMBER}_Mac${ADD_INFO}")" | |
echo "github.repository: ${{ github.repository }}" | |
echo "BUILD_MODE=$BUILD_MODE" >> $GITHUB_ENV | |
echo "BUILD_MODE: $BUILD_MODE" | |
echo "BUILD_NUMBER=$BUILD_NUMBER" >> $GITHUB_ENV | |
echo "BUILD_NUMBER: $BUILD_NUMBER" | |
echo "DO_BUILD=$DO_BUILD" >> $GITHUB_ENV | |
echo "DO_BUILD: $DO_BUILD" | |
echo "DO_NOTARIZE=$DO_NOTARIZE" >> $GITHUB_ENV | |
echo "DO_NOTARIZE: $DO_NOTARIZE" | |
echo "DO_PUBLISH=$DO_PUBLISH" >> $GITHUB_ENV | |
echo "DO_PUBLISH: $DO_PUBLISH" | |
echo "UPLOAD_ARTIFACT_NAME=$UPLOAD_ARTIFACT_NAME" >> $GITHUB_ENV | |
echo "UPLOAD_ARTIFACT_NAME: $UPLOAD_ARTIFACT_NAME" | |
- name: Free disk space | |
if: env.DO_BUILD == 'true' | |
run: | | |
sudo rm -rf "/Applications/Visual Studio.app" | |
sudo rm -rf "/Applications/Visual Studio 2019.app" | |
sudo rm -rf "/Users/runner/Library/Android/sdk" | |
- name: Setup environment | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./build/ci/macos/setup.sh | |
- name: Build | |
if: env.DO_BUILD == 'true' | |
run: | | |
T_ID=${{ secrets.TELEMETRY_TRACK_ID }}; if [ -z "$T_ID" ]; then T_ID="''"; fi | |
bash ./build/ci/macos/build.sh -n ${{ github.run_id }} --telemetry $T_ID | |
- name: Package | |
if: env.DO_BUILD == 'true' | |
run: | | |
S_S="${{ secrets.MAC_SIGN_CERTIFICATE_ENCRYPT_SECRET }}"; if [ -z "$S_S" ]; then S_S="''"; fi | |
S_P="${{ secrets.MAC_SIGN_CERTIFICATE_PASSWORD }}"; if [ -z "$S_P" ]; then S_P="''"; fi | |
bash ./build/ci/macos/package.sh --signpass "$S_P" --signsecret "$S_S" | |
- name: Notarize | |
if: env.DO_NOTARIZE == 'true' | |
run: | | |
USER=${{ secrets.APPLE_USERNAME }}; if [ -z "$USER" ]; then USER="''"; fi | |
PW=${{ secrets.APPLE_PASSWORD }}; if [ -z "$PW" ]; then PW="''"; fi | |
bash ./build/ci/macos/notarize.sh -u $USER -p $PW | |
- name: Checksum | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./build/ci/tools/checksum.sh | |
- name: Publish package | |
if: env.DO_PUBLISH == 'true' | |
run: | | |
sudo bash ./build/ci/tools/osuosl/publish.sh -s ${{ secrets.OSUOSL_SSH_ENCRYPT_SECRET }} --os macos -v 3 | |
- name: AppCast | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./build/ci/tools/sparkle_appcast_gen.sh -p macos | |
- name: Upload artifacts on GitHub | |
if: env.DO_BUILD == 'true' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.UPLOAD_ARTIFACT_NAME }} | |
path: ./build.artifacts/ |