Feat/smooth action #31
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build a Java project with Maven | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven | |
name: Build All Installers | |
on: | |
push: | |
branches: [ master ] | |
pull_request: | |
branches: [ master ] | |
workflow_dispatch: | |
branches: [ master ] | |
env: | |
DEV_IDENTITY: BXPZTQZ35S # Your Apple Dev identity, something like BXPZTQZ35S | |
PRIMARY_BUNDLE_ID: org.janelia.saalfeldlab.Paintera # Unique to your app, often the launcher class | |
jobs: | |
build: | |
strategy: | |
matrix: | |
os: [ubuntu-latest, windows-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
env: | |
RELEASE_INSTALLERS: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }} | |
steps: | |
- name: Download Wix | |
uses: i3h/download-release-asset@v1 | |
if: matrix.os == 'windows-latest' | |
with: | |
owner: wixtoolset | |
repo: wix3 | |
tag: wix3112rtm | |
file: wix311-binaries.zip | |
- name: Decompress Wix | |
uses: DuckSoft/extract-7z-action@v1.0 | |
if: matrix.os == 'windows-latest' | |
with: | |
pathSource: wix311-binaries.zip | |
pathTarget: ./target/wix | |
- name: Add Wix to Path | |
run: echo "$HOME/target/wix" >> $GITHUB_PATH | |
if: matrix.os == 'windows-latest' | |
- uses: actions/checkout@v2 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: 18.0.2 | |
distribution: 'liberica' | |
java-package: jdk+fx | |
cache: 'maven' | |
- name: "Build with Maven" | |
if: matrix.os != 'macos-latest' | |
run: mvn -B clean install -DskipTests -Pbuild-installer --file pom.xml | |
- name: "Build with Maven (macOS No Signing)" | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
if: ${{ env.MACOS_CERTIFICATE == null && matrix.os == 'macos-latest' }} | |
run: mvn -B clean install -DskipTests -Pbuild-installer --file pom.xml | |
- name: "Build with Maven (macOS Signed)" | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
if: ${{ env.MACOS_CERTIFICATE != null && matrix.os == 'macos-latest' }} | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
security create-keychain -p temppass build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p temppass build.keychain | |
security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k temppass build.keychain | |
export IDENTITY=$(security find-identity -v) | |
echo $(security find-identity -v) | |
mvn -B clean install -DskipTests -Pbuild-installer -Pmacos-sign --file pom.xml | |
- name: "Codesign DMG" | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
if: ${{ env.MACOS_CERTIFICATE != null && matrix.os == 'macos-latest' }} | |
run: | | |
export DMG_PATH=$(ls ./target/*.dmg) | |
/usr/bin/codesign --deep --force -s ${{ env.DEV_IDENTITY}} $DMG_PATH -v | |
echo DMG_PATH=$DMG_PATH >> $GITHUB_ENV | |
echo ${{ env.DMG_PATH }} | |
- name: "Notarize DMG" | |
env: | |
APP_EMAIL: ${{ secrets.APP_EMAIL }} | |
APP_PASS: ${{ secrets.APP_PASS }} | |
if: ${{ env.APP_EMAIL != null && matrix.os == 'macos-latest' }} | |
uses: devbotsxyz/xcode-notarize@v1 | |
with: | |
product-path: ${{ env.DMG_PATH }} | |
primary-bundle-id: ${{ env.PRIMARY_BUNDLE_ID }} | |
appstore-connect-username: ${{ secrets.APP_EMAIL }} | |
appstore-connect-password: ${{ secrets.APP_PASS }} | |
- name: "Staple DMG" | |
env: | |
APP_EMAIL: ${{ secrets.APP_EMAIL }} | |
APP_PASS: ${{ secrets.APP_PASS }} | |
if: ${{ env.APP_EMAIL != null && matrix.os == 'macos-latest' }} | |
uses: devbotsxyz/xcode-staple@v1 | |
with: | |
product-path: ${{ env.DMG_PATH }} | |
- name: Update Automatic Release | |
uses: marvinpinto/action-automatic-releases@latest | |
if: ${{ env.RELEASE_INSTALLERS }} | |
with: | |
repo_token: "${{ secrets.GITHUB_TOKEN}}" | |
automatic_release_tag: ${{ matrix.os }} | |
prerelease: true | |
title: ${{ matrix.os }} Development Build | |
files: | | |
${{ env.DMG_PATH }} | |
./target/*.msi | |
./target/*.dmg | |
./target/*.deb |