diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
index 02a12b4846e..c448f1d85f3 100644
--- a/.github/workflows/deployment.yml
+++ b/.github/workflows/deployment.yml
@@ -19,6 +19,7 @@ env:
SpringerNatureAPIKey: ${{ secrets.SpringerNatureAPIKey }}
AstrophysicsDataSystemAPIKey: ${{ secrets.AstrophysicsDataSystemAPIKey }}
IEEEAPIKey: ${{ secrets.IEEEAPIKey }}
+ OSXCERT: ${{ secrets.OSX_SIGNING_CERT }}
jobs:
build:
@@ -36,10 +37,8 @@ jobs:
- os: macOS-latest
displayName: macOS
archivePortable: brew install pigz && tar -c -C build/distribution JabRef.app | pigz --rsyncable > build/distribution/JabRef-portable_macos.tar.gz && rm -R build/distribution/JabRef.app
-
runs-on: ${{ matrix.os }}
name: Create installer and portable version for ${{ matrix.displayName }}
-
steps:
- name: Fetch all history for all tags and branches
uses: actions/checkout@v2
@@ -48,14 +47,22 @@ jobs:
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v0.9.4
with:
- versionSpec: '5.2.x'
+ versionSpec: "5.2.x"
- name: Run GitVersion
id: gitversion
uses: gittools/actions/gitversion/execute@v0.9.4
- - name: Set up JDK
+ - name: Set up Adotptopen JDK mac
+ uses: joschi/setup-jdk@v2
+ with:
+ # reason: https://bugs.openjdk.java.net/browse/JDK-8238184
+ java-version: 15
+ release_type: ea
+ if: matrix.os == 'macos-latest'
+ - name: Set up JDK for linux and windows
uses: actions/setup-java@v1
with:
- java-version: 14
+ java-version: 15-ea
+ if: matrix.os != 'macos-latest'
- name: Restore gradle cache
uses: actions/cache@master
with:
@@ -63,26 +70,75 @@ jobs:
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
restore-keys: |
${{ runner.os }}-gradle-
+ - name: Setup OSX key chain on OSX
+ if: matrix.os == 'macos-latest'
+ uses: apple-actions/import-codesign-certs@v1
+ with:
+ p12-file-base64: ${{ secrets.OSX_SIGNING_CERT }}
+ p12-password: ${{ secrets.OSX_CERT_PWD }}
+ keychain-password: jabref
+ - name: Setup OSX key chain on OSX for app id cert
+ if: matrix.os == 'macos-latest'
+ uses: apple-actions/import-codesign-certs@v1
+ with:
+ p12-file-base64: ${{ secrets.OSX_SIGNING_CERT_APPLICATION }}
+ p12-password: ${{ secrets.OSX_CERT_PWD }}
+ create-keychain: false
+ keychain-password: jabref
- name: Build runtime image
run: ./gradlew -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" jlinkZip
- name: Build installer
run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" jpackage
shell: bash
+ - name: Resign app image for OSX and build dmg
+ if: matrix.os == 'macos-latest'
+ shell: bash
+ run: |
+ codesign --entitlements buildres/mac/myapp.entitlements --options runtime -vvv -f --sign "Developer ID Application: Tobias Diez (W2PU6LW5U5)" build/distribution/JabRef.app/Contents/runtime/Contents/MacOS/libjli.dylib
+ codesign --entitlements buildres/mac/myapp.entitlements --options runtime -vvv -f --sign "Developer ID Application: Tobias Diez (W2PU6LW5U5)" build/distribution/JabRef.app/Contents/MacOS/JabRef
+ codesign --entitlements buildres/mac/myapp.entitlements --options runtime -vvv -f --sign "Developer ID Application: Tobias Diez (W2PU6LW5U5)" build/distribution/JabRef.app
+ jpackage --type pkg --dest build/distribution --name JabRef --app-version "${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}" --app-image build/distribution/JabRef.app --verbose --type dmg --vendor JabRef --app-version "${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}" --file-associations buildres/mac/bibtexAssociations.properties --resource-dir buildres/mac
+ codesign -s "Developer ID Application: Tobias Diez (W2PU6LW5U5)" --options runtime --entitlements buildres/mac/myapp.entitlements -vvvv --deep "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg"
+ REQUEST_UUID=$(xcrun altool --verbose --notarize-app --primary-bundle-id "org.jabref" --username ${{ secrets.OSX_NOTARIZATION_APP_USERNAME }} --password ${{ secrets.OSX_NOTARIZATION_APP_PWD }} --asc-provider "W2PU6LW5U5" --file "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg" | grep RequestUUID | awk '{print $3}')
+ while xcrun altool --notarization-info "$REQUEST_UUID" -u ${{ secrets.OSX_NOTARIZATION_APP_USERNAME }} -p ${{ secrets.OSX_NOTARIZATION_APP_PWD }} | grep "Status: in progress" > /dev/null; do
+ echo "Verification in progress..."
+ sleep 30
+ done
+ xcrun stapler staple "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg"
+ spctl -vvv --assess --type exec build/distribution/JabRef.app
+ codesign -vvv --deep --strict "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg"
+ codesign -dvv "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg"
+ - name: Build, sign and notarize pkg installer for OSX
+ if: matrix.os == 'macos-latest'
+ shell: bash
+ run: |
+ jpackage --type pkg --dest build/distribution --name JabRef --app-version "${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}" --app-image build/distribution/JabRef.app --verbose --type pkg --vendor JabRef --app-version "${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}" --file-associations buildres/mac/bibtexAssociations.properties --resource-dir buildres/mac
+ productsign --sign "Developer ID Installer: Tobias Diez (W2PU6LW5U5)" "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.pkg" "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-signed.pkg"
+ REQUEST_UUID=$(xcrun altool --verbose --notarize-app --primary-bundle-id "org.jabref" --username ${{ secrets.OSX_NOTARIZATION_APP_USERNAME }} --password ${{ secrets.OSX_NOTARIZATION_APP_PWD }} --asc-provider "W2PU6LW5U5" --file "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-signed.pkg" | grep RequestUUID | awk '{print $3}')
+ while xcrun altool --notarization-info "$REQUEST_UUID" -u ${{ secrets.OSX_NOTARIZATION_APP_USERNAME }} -p ${{ secrets.OSX_NOTARIZATION_APP_PWD }} | grep "Status: in progress" > /dev/null; do
+ echo "Verification in progress..."
+ sleep 30
+ done
+ xcrun stapler staple "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-signed.pkg"
+ rm "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.pkg"
+ mv "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-signed.pkg" "build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.pkg"
- name: Package application image
- run: ${{ matrix.archivePortable }}
shell: bash
+ run: ${{ matrix.archivePortable }}
- name: Rename files
+ shell: pwsh
run: |
get-childitem -Path build/distribution/*
get-childitem -Path build/distribution/* | rename-item -NewName {$_.name -replace "${{ steps.gitversion.outputs.AssemblySemVer }}","${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}"}
get-childitem -Path build/distribution/* | rename-item -NewName {$_.name -replace "portable","${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-portable"}
- shell: pwsh
- name: Upload to GitHub workflow artifacts store
uses: actions/upload-artifact@master
with:
name: JabRef-${{ matrix.displayName }}
path: build/distribution
deploy:
+ strategy:
+ fail-fast: false
name: Deploy binaries on builds.jabref.org
runs-on: ubuntu-latest
needs: [build]
@@ -137,4 +193,3 @@ jobs:
ssh_options: '-p 9922'
src: 'build/distribution/'
dest: jrrsync@build-upload.jabref.org:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/
-
diff --git a/build.gradle b/build.gradle
index 9446ae58832..5d0c8b513a5 100644
--- a/build.gradle
+++ b/build.gradle
@@ -685,6 +685,9 @@ jlink {
'--icon', "${projectDir}/src/main/resources/icons/jabref.icns",
'--resource-dir', "${projectDir}/buildres/mac"
]
+ // Due to a signing bug in jpackage we have to first resign the created app and therefore build the dmg manually
+ // See https://bugs.openjdk.java.net/browse/JDK-8251892 for details
+ skipInstaller = true
installerOptions = [
'--verbose',
'--vendor', 'JabRef',
diff --git a/buildres/mac/JabRef-background-darkAqua.png b/buildres/mac/JabRef-background-darkAqua.png
new file mode 100644
index 00000000000..0612c825c9f
Binary files /dev/null and b/buildres/mac/JabRef-background-darkAqua.png differ
diff --git a/buildres/mac/JabRef-background.png b/buildres/mac/JabRef-background.png
new file mode 100644
index 00000000000..0612c825c9f
Binary files /dev/null and b/buildres/mac/JabRef-background.png differ
diff --git a/buildres/mac/JabRef-dmg-setup.scpt b/buildres/mac/JabRef-dmg-setup.scpt
new file mode 100644
index 00000000000..326355cbd69
--- /dev/null
+++ b/buildres/mac/JabRef-dmg-setup.scpt
@@ -0,0 +1,38 @@
+tell application "Finder"
+ set theDisk to a reference to (disks whose URL = "DEPLOY_VOLUME_URL")
+ open theDisk
+
+ set theWindow to a reference to (container window of disks whose URL = "DEPLOY_VOLUME_URL")
+
+ set current view of theWindow to icon view
+ set toolbar visible of theWindow to false
+ set statusbar visible of theWindow to false
+
+ -- size of window should fit the size of background
+ set the bounds of theWindow to {346, 100, 920, 500}
+
+ set theViewOptions to a reference to the icon view options of theWindow
+ set arrangement of theViewOptions to not arranged
+ set icon size of theViewOptions to 128
+
+ set background picture of theViewOptions to POSIX file "DEPLOY_BG_FILE"
+
+ -- Create alias for install location
+ make new alias file at POSIX file "DEPLOY_VOLUME_PATH" to POSIX file "DEPLOY_INSTALL_LOCATION" with properties {name:"DEPLOY_INSTALL_LOCATION"}
+
+ set allTheFiles to the name of every item of theWindow
+ repeat with theFile in allTheFiles
+ set theFilePath to POSIX path of theFile
+ if theFilePath is "DEPLOY_INSTALL_LOCATION" then
+ -- Position install location
+ set position of item theFile of theWindow to {430, 170}
+ else
+ -- Position application or runtime
+ set position of item theFile of theWindow to {140, 170}
+ end if
+ end repeat
+
+ update theDisk without registering applications
+ delay 5
+ close (get window of theDisk)
+end tell
diff --git a/buildres/mac/Jabref-volume.icns b/buildres/mac/Jabref-volume.icns
new file mode 100755
index 00000000000..cf7a8d59d26
Binary files /dev/null and b/buildres/mac/Jabref-volume.icns differ
diff --git a/buildres/mac/README.md b/buildres/mac/README.md
new file mode 100644
index 00000000000..a6dda0f7236
--- /dev/null
+++ b/buildres/mac/README.md
@@ -0,0 +1,12 @@
+# Mac Resources
+
+## Modifying DMG Setup scpt
+
+Rename `JabRef-dmg-setup.scpt script` to `JabRef-dmg-setup.applescript`.
+Only modify the `JabRef-dmg-setup.applescript` in the OS X Script Editor. Afterwards copy over the file and rename it to `JabRef-dmg-setup.scpt`.
+Normally the `scpt` file is a binary compiled variant and the `.applescript` the uncompiled format but jpackage expects the sctp in uncompiled format
+
+## Generate iconsets
+
+To generate icns files use the script under `src/main/resources/icons`
+Install [svg2png](https://formulae.brew.sh/formula/svg2png) and call the script with the svg filename as first argument.
diff --git a/buildres/mac/launcher.icns b/buildres/mac/launcher.icns
new file mode 100755
index 00000000000..cf7a8d59d26
Binary files /dev/null and b/buildres/mac/launcher.icns differ
diff --git a/buildres/mac/myapp.entitlements b/buildres/mac/myapp.entitlements
new file mode 100644
index 00000000000..ba4ffa13f75
--- /dev/null
+++ b/buildres/mac/myapp.entitlements
@@ -0,0 +1,24 @@
+
+
+
+
+ com.apple.security.app-sandbox
+
+ com.apple.security.network.server
+
+ com.apple.security.network.client
+
+ com.apple.security.files.user-selected.read-write
+
+ com.apple.security.cs.allow-jit
+
+ com.apple.security.cs.allow-unsigned-executable-memory
+
+ com.apple.security.cs.disable-executable-page-protection
+
+ com.apple.security.cs.disable-library-validation
+
+ com.apple.security.cs.allow-dyld-environment-variables
+
+
+
\ No newline at end of file
diff --git a/buildres/windows/JabRef-post-image.wsf b/buildres/windows/JabRef-post-image.wsf
index fc6b6f202db..a614c82460f 100644
--- a/buildres/windows/JabRef-post-image.wsf
+++ b/buildres/windows/JabRef-post-image.wsf
@@ -23,9 +23,6 @@
// Add registry values for JabRef Browser Extension
contents = contents.replace("", "");
- // Specify correct icon in Add/Remove Programs
- contents = contents.replace("", "");
-
// Specify banner
contents = contents.replace("", "");
//contents = contents.replace("", "");
diff --git a/myapp.entitlements b/myapp.entitlements
new file mode 100644
index 00000000000..ba4ffa13f75
--- /dev/null
+++ b/myapp.entitlements
@@ -0,0 +1,24 @@
+
+
+
+
+ com.apple.security.app-sandbox
+
+ com.apple.security.network.server
+
+ com.apple.security.network.client
+
+ com.apple.security.files.user-selected.read-write
+
+ com.apple.security.cs.allow-jit
+
+ com.apple.security.cs.allow-unsigned-executable-memory
+
+ com.apple.security.cs.disable-executable-page-protection
+
+ com.apple.security.cs.disable-library-validation
+
+ com.apple.security.cs.allow-dyld-environment-variables
+
+
+
\ No newline at end of file
diff --git a/src/main/resources/icons/jabref.icns b/src/main/resources/icons/jabref.icns
index 874d5ab4cf8..cf7a8d59d26 100755
Binary files a/src/main/resources/icons/jabref.icns and b/src/main/resources/icons/jabref.icns differ
diff --git a/src/main/resources/icons/svg2icns.sh b/src/main/resources/icons/svg2icns.sh
new file mode 100755
index 00000000000..f1a001a1606
--- /dev/null
+++ b/src/main/resources/icons/svg2icns.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -e
+
+SIZES="
+16,16x16
+32,16x16@2x
+32,32x32
+64,32x32@2x
+128,128x128
+256,128x128@2x
+256,256x256åç
+512,256x256@2x
+512,512x512
+1024,512x512@2x
+"
+
+for SVG in "$@"; do
+ BASE=$(basename "$SVG" | sed 's/\.[^\.]*$//')
+ ICONSET="$BASE.iconset"
+ mkdir -p "$ICONSET"
+ for PARAMS in $SIZES; do
+ SIZE=$(echo $PARAMS | cut -d, -f1)
+ LABEL=$(echo $PARAMS | cut -d, -f2)
+ svg2png "$SVG" -w $SIZE -h $SIZE "$ICONSET"/icon_$LABEL.png
+ done
+
+ iconutil -c icns "$ICONSET"
+ rm -rf "$ICONSET"
+done