get golden hash into package #303

Workflow file for this run

.github/workflows/release.yml at 7e40bc5

	name: "Generate Releases"

	on:
	release:
	types: [ published ]
	# To test this workflow without creating a release, uncomment the following and add a branch name (making sure "push"
	# is at the same indent level as "release":
	push:
	branches:
	- 'feature/issue-756_airgap'

	jobs:
	release:
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [ windows-latest ] # add macos-latest-xlarge for silicon (a paid feature)
	steps:
	- name: "Create base filename for all artifacts"
	id: basefn
	shell: bash
	run: \|
	FILEPATH=$(echo rctab_${{ github.ref_name }}_${{ runner.os }}_${{ runner.arch }} \| sed -e 's/\//_/g')
	echo "FILEPATH=$FILEPATH" >> $GITHUB_OUTPUT

	# Normalize platform-specific filepaths generated by gradle
	- name: "Create .zip filename"
	id: zipfn
	shell: bash
	run: echo "FILEPATH=build/${{ steps.basefn.outputs.FILEPATH }}.zip" >> $GITHUB_OUTPUT
	- name: "Get extension"
	id: ext
	shell: bash
	run: \|
	if [ ${{ runner.os }} == 'Windows' ]; then
	echo "EXT=.exe" >> $GITHUB_OUTPUT
	elif [ ${{ runner.os }} == 'Linux' ]; then
	echo "EXT=.deb" >> $GITHUB_OUTPUT
	else
	echo "EXT=.dmg" >> $GITHUB_OUTPUT
	fi
	- name: "Get jpackage output filepath"
	id: jpackagefn
	shell: bash
	run: \|
	# TODO Sync version number with Main.java and build.gradle (github.com/BrightSpots/rcv/issues/662)
	# The version numbers are hardcoded because the files below include the version number in them,
	# and while we could use some regex to figure out the version number automatically, it seems cleaner
	# to know the expected version number upfront.
	if [ ${{ runner.os }} == 'Windows' ]; then
	echo "FILEPATH=build/jpackage/RCTab-1.3.999.exe" >> $GITHUB_OUTPUT
	elif [ ${{ runner.os }} == 'Linux' ]; then
	echo "FILEPATH=build/jpackage/rctab_1.3.999_amd64.deb" >> $GITHUB_OUTPUT
	else
	echo "FILEPATH=build/jpackage/RCTab-1.3.999.dmg" >> $GITHUB_OUTPUT
	fi
	- name: "Create executable filename"
	id: exefn
	shell: bash
	run: echo "FILEPATH=build/${{ steps.basefn.outputs.FILEPATH }}${{ steps.ext.outputs.EXT }}" >> $GITHUB_OUTPUT

	- uses: actions/checkout@v3

	- name: "Set up JDK 20.0.1"
	uses: actions/setup-java@v3
	with:
	java-version: '20.0.1'
	distribution: 'temurin'

	- name: "Validate Gradle wrapper"
	uses: gradle/wrapper-validation-action@ccb4328a959376b642e027874838f60f8e596de3

	- name: "Create zip with jlinkZip"
	uses: ./.github/actions/gradle-and-sha
	with:
	gradle-command: jlinkZip
	intermediate-filepath: build/rcv.zip
	final-filepath: ${{ steps.zipfn.outputs.FILEPATH }}

	# - name: "Create caches filename"
	# id: cachefn
	# shell: bash
	# run: \|
	# echo "FILEPATH=cache/${{ steps.basefn.outputs.FILEPATH }}.cache.zip" >> $GITHUB_OUTPUT
	#
	# - name: "Generate SHA1 and SHA256 for each maven dependency"
	# shell: bash
	# run: ./.github/workflows/generate-dependency-hashes.sh ${{ runner.os }} >> ~/.gradle/caches/checksums.csv
	#
	# - name: "Create dependency zip"
	# uses: ./.github/actions/zip
	# with:
	# # Build, then remove all non-essential files
	# command: ./gradlew assemble && ./gradlew --stop
	# input: "~/.gradle/caches"
	# zipFilename: ${{steps.cachefn.outputs.FILEPATH}}
	#
	# - name: "Generate SHA512 for plugins cache"
	# shell: bash
	# run: \|
	# ./.github/workflows/sha.sh ${{steps.cachefn.outputs.FILEPATH}} ${{ runner.os }} 512 > ${{steps.cachefn.outputs.FILEPATH}}.sha512
	#
	- name: "Generate Golden SHA512 for jlinkZip"
	uses: ./.github/actions/sha-of-zip
	with:
	zipFilename: ${{ steps.zipfn.outputs.FILEPATH }}
	shaA: 512
	#
	# - name: "Generate Golden SHA512 for plugins cache"
	# uses: ./.github/actions/sha-of-zip
	# with:
	# zipFilename: ${{steps.cachefn.outputs.FILEPATH}}
	# shaA: 512
	#
	# - name: "Prepare keychain"
	# if: matrix.os == 'macOS-latest'
	# env:
	# MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }}
	# MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
	# run: \|
	# export TEMP_PWD=temporary-password-to-avoid-GUI-prompt
	# echo "Decode Base64 certificates"
	# echo $MACOS_CERTIFICATE \| base64 --decode > certificate.p12
	# echo "Create and unlock keychain"
	# security create-keychain -p $TEMP_PWD build.keychain
	# security unlock-keychain -p $TEMP_PWD build.keychain
	# echo "Import certificates into keychain"
	# # Note: in the next command, the -A should not be used outside of github actions.
	# # It allows any application to read the keychain, which is fine in an ephemeral environment,
	# # but not fine if you run this on your own machine.
	# security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -A -T /usr/bin/codesign -T /usr/bin/productbuild -T /usr/bin/security
	# security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $TEMP_PWD build.keychain
	#
	# - name: "Create executable with jpackage (and sign, on MacOS)"
	# uses: ./.github/actions/gradle-and-sha
	# with:
	# gradle-command: jpackage
	# intermediate-filepath: ${{ steps.jpackagefn.outputs.FILEPATH }}
	# final-filepath: ${{ steps.exefn.outputs.FILEPATH }}
	#
	# - name: "Notarize app bundle"
	# if: matrix.os == 'macOS-latest'
	# env:
	# MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }}
	# MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }}
	# MACOS_NOTARIZATION_PWD: ${{ secrets.MACOS_NOTARIZATION_PWD }}
	# IDENTITY_PUBLIC_KEY: A257HB4NS4
	# run: \|
	# echo "Unlock keychain"
	# security unlock-keychain -p temporary-password-to-avoid-GUI-prompt build.keychain
	# security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k temporary-password-to-avoid-GUI-prompt build.keychain
	# echo "Create keychain profile"
	# xcrun notarytool store-credentials "notarytool-profile" --apple-id "$MACOS_NOTARIZATION_APPLE_ID" --team-id "$MACOS_NOTARIZATION_TEAM_ID" --password "$MACOS_NOTARIZATION_PWD"
	# echo "Creating temp notarization archive"
	# ditto -c -k --sequesterRsrc --keepParent ${{ steps.exefn.outputs.FILEPATH }} "notarization.zip"
	# echo "Notarize app -- this may take a few minutes"
	# xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait
	# echo "Attach staple"
	# xcrun stapler staple ${{ steps.exefn.outputs.FILEPATH }}

	- uses: actions/upload-artifact@v3
	with:
	name: Package
	if-no-files-found: error
	path: \|
	#${{ github.workspace }}/${{ steps.zipfn.outputs.FILEPATH }}
	#${{ github.workspace }}/${{ steps.zipfn.outputs.FILEPATH }}.sha512
	${{ github.workspace }}/${{ steps.zipfn.outputs.FILEPATH }}.golden.sha512
	#${{ github.workspace }}/${{ steps.exefn.outputs.FILEPATH }}
	#${{ github.workspace }}/${{ steps.exefn.outputs.FILEPATH }}.sha512
	#${{ github.workspace }}/${{steps.cachefn.outputs.FILEPATH}}
	#${{ github.workspace }}/${{steps.cachefn.outputs.FILEPATH}}.sha512
	#${{ github.workspace }}/${{steps.cachefn.outputs.FILEPATH}}.golden.sha512
	retention-days: 1

	- name: "Upload binaries to release"
	uses: svenstaro/upload-release-action@v2
	if: github.event_name == 'release'
	with:
	repo_token: ${{ secrets.GITHUB_TOKEN }}
	file: build/${{ steps.basefn.outputs.FILEPATH }}*
	tag: ${{ github.ref_name }}
	overwrite: true
	file_glob: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

get golden hash into package #303

Workflow file

get golden hash into package #303

Jobs

Run details

Workflow file for this run