Use toitlang/action-setup (#13) #77
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (C) 2023 Toitware ApS. All rights reserved. | |
| name: CI | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| sign_macos: | |
| description: Sign the macOS binary | |
| type: boolean | |
| required: true | |
| default: false | |
| sign_windows: | |
| description: Sign the Windows binary | |
| type: boolean | |
| required: true | |
| default: false | |
| release: | |
| types: [published] | |
| push: | |
| branches: | |
| - "*" | |
| - "*/*" | |
| env: | |
| TOIT_VERSION: v2.0.0-alpha.119 | |
| APP_NAME: pngdiff | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-latest, macos-latest, windows-latest ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - name: Setup Toit | |
| id: setup-toit | |
| uses: toitlang/action-setup@v1 | |
| with: | |
| toit-version: ${{ env.TOIT_VERSION }} | |
| # Fetch the dependencies. Different for each platform. | |
| - name: Install dependencies - Linux | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install ninja-build | |
| ninja --version | |
| cmake --version | |
| - name: Install dependencies - macOS | |
| if: runner.os == 'macOS' | |
| run: | | |
| brew install ninja | |
| ninja --version | |
| cmake --version | |
| - name: Install dependencies - Windows | |
| if: runner.os == 'Windows' | |
| run: | | |
| choco install ninja | |
| ninja --version | |
| cmake --version | |
| - name: Run cmake | |
| shell: bash | |
| run: | | |
| make rebuild-cmake | |
| - name: Build binaries | |
| shell: bash | |
| run: | | |
| make | |
| - name: Run tests | |
| shell: bash | |
| run: | | |
| make test | |
| - name: Upload binary artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: binaries-${{ runner.os }} | |
| path: build/png* | |
| sign-windows: | |
| runs-on: windows-signing | |
| needs: [build] | |
| if: github.event_name == 'release' || inputs.sign_windows | |
| steps: | |
| - name: Clean workspace | |
| run: | | |
| rm -Recurse -Force ${{ github.workspace }}\* | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: binaries-Windows | |
| path: in | |
| - name: Copy to build | |
| run: | | |
| mkdir build/windows | |
| copy in/${{env.APP_NAME}}.exe build/${{env.APP_NAME}}.exe | |
| - name: Sign ${{env.APP_NAME}} | |
| working-directory: ./build | |
| # Signs in place. | |
| run: | | |
| signtool sign /debug /n "Toitware ApS" /t http://timestamp.digicert.com/ $PWD/${{env.APP_NAME}}.exe | |
| - name: Copy signed to out | |
| run: | | |
| mkdir out | |
| copy build/${{env.APP_NAME}}.exe out/${{env.APP_NAME}}.exe | |
| - name: Zip signed | |
| run: | | |
| cd out | |
| 7z a ${{env.APP_NAME}}-windows.zip ${{env.APP_NAME}}.exe | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: binaries-Windows-signed | |
| path: ./out | |
| - name: Upload release Windows executable | |
| if: github.event_name == 'release' | |
| uses: svenstaro/upload-release-action@v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: out/${{env.APP_NAME}}-windows.zip | |
| tag: ${{ github.event.release.tag_name }} | |
| overwrite: true | |
| sign_macos: | |
| runs-on: macos-latest | |
| needs: [build] | |
| if: github.event_name == 'release' || inputs.sign_macos | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: binaries-macOS | |
| path: in | |
| - name: Install dependencies | |
| run: | | |
| set -e | |
| brew install create-dmg | |
| brew install zip | |
| - name: Copy to build | |
| run: | | |
| mkdir -p build | |
| cp in/${{env.APP_NAME}} build/${{env.APP_NAME}} | |
| - name: Setup binary rights | |
| run: | | |
| chmod +x build/${{env.APP_NAME}} | |
| - name: Sign and notarize | |
| uses: toitlang/[email protected] | |
| with: | |
| certificate: ${{ secrets.MACOS_CERTIFICATE }} | |
| certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
| username: ${{ secrets.AC_USERNAME }} | |
| password: ${{ secrets.AC_PASSWORD }} | |
| apple-team-id: 33DS2ZRDST | |
| # Signs in place. | |
| app-path: build/${{env.APP_NAME}} | |
| - name: Create out folder | |
| run: | | |
| mkdir -p out | |
| - name: Create a DMG | |
| run: | | |
| # Use an empty directory as source so we don't accidentally add other files than the | |
| # ${{env.APP_NAME}} binary. | |
| set -e | |
| mkdir empty | |
| create-dmg \ | |
| --volname "${{env.APP_NAME}}" \ | |
| --add-file ${{env.APP_NAME}} build/${{env.APP_NAME}} 0 0 \ | |
| out/${{env.APP_NAME}}-macos.dmg \ | |
| empty | |
| - name: Create a ZIP | |
| run: | | |
| zip -j out/${{env.APP_NAME}}-macos.zip build/${{env.APP_NAME}} | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: binaries-macOS-signed | |
| path: ./out | |
| - name: Upload release macOS executable DMG | |
| if: github.event_name == 'release' | |
| uses: svenstaro/upload-release-action@v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: out/${{env.APP_NAME}}-macos.dmg | |
| tag: ${{ github.event.release.tag_name }} | |
| overwrite: true | |
| - name: Upload release macOS executable ZIP | |
| if: github.event_name == 'release' | |
| uses: svenstaro/upload-release-action@v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN }} | |
| file: out/${{env.APP_NAME}}-macos.zip | |
| tag: ${{ github.event.release.tag_name }} | |
| overwrite: true |