osx sign and notarization #74

Workflow file for this run

	name: Build Electron App

	on:
	push:
	branches:
	- main
	pull_request:

	jobs:
	build-macos:
	runs-on: macos-latest
	if: ${{ github.event.head_commit.message != 'Automated commit by GitHub Actions' }}
	steps:
	- name: Check out repository
	uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20.10.0'

	- name: Install Python and set up venv
	run: \|
	brew install [email protected]
	python3.9 -m venv myenv
	source myenv/bin/activate
	python3.9 -m ensurepip
	python3.9 -m pip install --upgrade pip
	python3.9 -m pip install setuptools
	working-directory: ./jccm

	- name: Install dependencies
	run: \|
	source myenv/bin/activate
	npm install
	working-directory: ./jccm

	- name: Install appdmg
	run: \|
	source myenv/bin/activate
	npm install --save-dev appdmg
	working-directory: ./jccm

	- name: Install signing certificate
	run: \|
	KEYCHAIN_NAME=build.keychain
	KEYCHAIN_PASSWORD=$(openssl rand -base64 12)
	echo "Decode signing certificate..."
	echo "${{ secrets.SIGNING_CERTIFICATE }}" \| base64 --decode > signing_certificate.p12
	echo "Creating keychain..."
	security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_NAME
	echo "Setting default keychain..."
	security default-keychain -s $KEYCHAIN_NAME
	echo "Unlocking keychain..."
	security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_NAME
	echo "Importing certificate..."
	security import signing_certificate.p12 -k $KEYCHAIN_NAME -P "${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}" -T /usr/bin/codesign
	echo "Listing keychains..."
	security list-keychains -s $KEYCHAIN_NAME
	echo "Setting key partition list..."
	security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD $KEYCHAIN_NAME
	- name: Build and package (arm64 and x64)
	env:
	APPLE_ID: ${{ secrets.APPLE_ID }}
	APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
	APPLE_DEVELOPER_TEAM_ID: ${{ secrets.APPLE_DEVELOPER_TEAM_ID }}
	run: \|
	source myenv/bin/activate
	npm run make
	working-directory: ./jccm

	- name: Upload macOS artifacts
	uses: actions/upload-artifact@v2
	with:
	name: macos-installers
	path: \|
	./jccm/out/make/jccm-darwin-x64.dmg
	./jccm/out/make/jccm-darwin-arm64.dmg
	build-windows:
	needs: build-macos
	runs-on: windows-latest
	if: ${{ github.event.head_commit.message != 'Automated commit by GitHub Actions' }}
	steps:
	- uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20.10.0'

	- name: Install dependencies
	run: npm install
	working-directory: ./jccm

	- name: Build and package (x64)
	run: npm run make -- --platform=win32 --arch=x64
	working-directory: ./jccm

	- name: Upload windows artifacts
	uses: actions/upload-artifact@v2
	with:
	name: windows-installers
	path: \|
	./jccm/out/make/squirrel.windows/x64/*.exe
	./jccm/out/make/squirrel.windows/x64/*.msi
	release:
	needs: [build-macos, build-windows]
	runs-on: ubuntu-latest
	steps:
	- name: Check out repository
	uses: actions/checkout@v2

	- name: Set up Node.js
	uses: actions/setup-node@v2
	with:
	node-version: '20.10.0'

	- name: Read version from package.json
	id: get_version
	run: echo "VERSION=$(jq -r '.version' ./jccm/package.json)" >> $GITHUB_ENV

	- name: Download macOS artifacts
	uses: actions/download-artifact@v2
	with:
	name: macos-installers
	path: ./installers/macos

	- name: Download windows artifacts
	uses: actions/download-artifact@v2
	with:
	name: windows-installers
	path: ./installers/windows

	- name: Install GitHub CLI
	run: sudo apt-get install gh

	- name: Check for existing release and delete if it exists
	run: \|
	if gh release view ${{ env.VERSION }}; then
	gh release delete ${{ env.VERSION }} --yes
	fi
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Create Release
	id: create_release
	uses: actions/create-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	tag_name: ${{ env.VERSION }}
	release_name: 'Release ${{ env.VERSION }}'
	draft: false
	prerelease: false

	- name: Upload macOS x64 Release Asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ./installers/macos/jccm-darwin-x64.dmg
	asset_name: jccm-darwin-x64.dmg
	asset_content_type: application/octet-stream

	- name: Upload macOS arm64 Release Asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ./installers/macos/jccm-darwin-arm64.dmg
	asset_name: jccm-darwin-arm64.dmg
	asset_content_type: application/octet-stream

	- name: Upload Windows Release Asset
	uses: actions/upload-release-asset@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	upload_url: ${{ steps.create_release.outputs.upload_url }}
	asset_path: ./installers/windows/jccm-windows-x64-setup.exe
	asset_name: jccm-windows-x64-setup.exe
	asset_content_type: application/octet-stream

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

osx sign and notarization #74

Workflow file

osx sign and notarization #74

Jobs

Run details

Workflow file for this run