Skip to content

Commit

Permalink
add github action
Browse files Browse the repository at this point in the history
  • Loading branch information
@schorschii
schorschii committed Apr 25, 2024
1 parent 8d3a52c commit 22d5c1c
Show file tree
Hide file tree
Showing 2 changed files with 186 additions and 2 deletions.
168 changes: 168 additions & 0 deletions .github/workflows/build_packages.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,168 @@
name: Release with packages

on:
workflow_dispatch: # allow manual execution
push:
tags:
- 'v*'

jobs:
create_release_deb: # used to identify the output in other jobs
name: Create Release with Debian package
runs-on: ubuntu-latest

permissions:
contents: write

outputs:
upload_url: ${{ steps.create_release.outputs.upload_url }}

steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Install dependencies
run: |
sudo apt install -y qttools5-dev-tools qtchooser $(cat installer/deb/laps4linux-client/DEBIAN/control | grep 'Depends' | cut -d: -f2 | sed -e 's/,/ /g' | sed -r 's/\([<>=.0-9]+\)//g') $(cat installer/deb/laps4linux-runner/DEBIAN/control | grep 'Depends' | cut -d: -f2 | sed -e 's/,/ /g' | sed -r 's/\([<>=.0-9]+\)//g')
- name: Get version name for Github release title
run: cd laps-client && echo "VERSION=Version $(python3 -c 'import laps_client; print(laps_client.__version__)')" >> $GITHUB_ENV && cd ..

- name: Execute build
run: cd installer/deb/ && ./build.sh

- id: create_release
name: Create Github release
uses: actions/create-release@v1
env:
# this token is provided automatically by Actions with permissions declared above
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
draft: true # create a release draft - only the master of disaster is allowed to publish it
prerelease: false
release_name: ${{ env.VERSION }}
tag_name: ${{ github.ref }}

- name: Upload artifact
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ github.token }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: installer/deb/laps4linux-client.deb
asset_name: laps4linux-client.deb
asset_content_type: application/vnd.debian.binary-package
- name: Upload artifact
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ github.token }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: installer/deb/laps4linux-runner.deb
asset_name: laps4linux-runner.deb
asset_content_type: application/vnd.debian.binary-package

create_pkg:
name: Create macOS package
runs-on: macos-13
needs: create_release_deb

permissions:
contents: write

steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: '3.8'

- name: Importing signing certificates
run: |
# create and unlock temporary keychain
KEYCHAIN_NAME=$RUNNER_TEMP/build.keychain
KEYCHAIN_PASS=$(head -c 8 /dev/urandom | od -An -tu8 | awk '{$1=$1};1')
security create-keychain -p $KEYCHAIN_PASS $KEYCHAIN_NAME
security default-keychain -s $KEYCHAIN_NAME
security set-keychain-settings -lut 21600 $KEYCHAIN_NAME
security unlock-keychain -p $KEYCHAIN_PASS $KEYCHAIN_NAME
# add certificate to keychain
CERT_FILE=build.p12
echo "${{ secrets.DEVELOPER_ID_APPLICATION_CERT_BASE64 }}" | base64 --decode > $CERT_FILE
security import $CERT_FILE -k $KEYCHAIN_NAME -P "${{ secrets.DEVELOPER_ID_APPLICATION_CERT_PASSWORD }}" -T /usr/bin/codesign >/dev/null 2>&1
rm -fr $CERT_FILE
#security find-identity -v #-p codesigning
# enable codesigning from a non user interactive shell
security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASS $KEYCHAIN_NAME >/dev/null 2>&1
- name: Create venv, install Python packages, compile binaries
run: |
cd laps-client
python -m venv venv
venv/bin/pip3 install pyinstaller .
venv/bin/pyinstaller laps-client.macos.spec
cd ..
- name: Execute package build
run: cd installer/macos/ && ./build.sh
env:
DEVELOPER_ACCOUNT_USERNAME: ${{ secrets.DEVELOPER_ACCOUNT_USERNAME }}
DEVELOPER_ACCOUNT_PASSWORD: ${{ secrets.DEVELOPER_ACCOUNT_PASSWORD }}
DEVELOPER_ACCOUNT_TEAM: ${{ secrets.DEVELOPER_ACCOUNT_TEAM }}

- name: Purging signing keychain
run: |
security delete-keychain $RUNNER_TEMP/build.keychain
- name: Upload artifact
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ github.token }}
with:
upload_url: ${{ needs.create_release_deb.outputs.upload_url }}
asset_path: installer/macos/laps4linux-client.dmg
asset_name: laps4linux-client.dmg
asset_content_type: application/octet-stream

create_exe:
name: Create Windows package
runs-on: windows-2022
needs: create_release_deb

permissions:
contents: write

steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Install Python
uses: actions/setup-python@v5
with:
python-version: '3.8'

- name: Create venv, install Python packages, compile binaries
run: |
cd laps-client
python -m venv venv
venv/Scripts/pip.exe install pyinstaller==5.13.2 .
venv/Scripts/pyinstaller.exe laps-client.windows.spec
cd ..
- name: Execute package build
shell: cmd
run: cd installer\windows\ && "%programfiles(x86)%\Inno Setup 6\iscc.exe" "setup.iss"

- name: Upload artifact
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ github.token }}
with:
upload_url: ${{ needs.create_release_deb.outputs.upload_url }}
asset_path: installer/windows/laps4linux-client.exe
asset_name: laps4linux-client.exe
asset_content_type: application/vnd.microsoft.portable-executable
20 changes: 18 additions & 2 deletions installer/macos/build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,27 +6,35 @@ SRC_DIR="../../laps-client/dist"
DMG_FILE_TMP_MOUNT="/Volumes/LAPS4LINUX"
DMG_FILE_TMP="laps4linux-rw.dmg"
DMG_FILE="laps4linux-client.dmg"
#DEVELOPER_ACCOUNT_USERNAME=""
#DEVELOPER_ACCOUNT_PASSWORD=""
#DEVELOPER_ACCOUNT_TEAM=""


# remove temp build folder
rm -r "$SRC_DIR/LAPS4LINUX"


# check if mount point is free
if [ -d "$DMG_FILE_TMP_MOUNT" ]; then
echo "ERROR: $DMG_FILE_TMP_MOUNT already mounted"
exit 1
fi


# create DMG with .app directory and /Applications link
rm "$SRC_DIR/.DS_Store"
hdiutil create -srcfolder "$SRC_DIR" -volname "LAPS4LINUX" -fs HFS+ -fsargs "-c c=64,a=16,e=16" -format UDRW "$DMG_FILE_TMP"
hdiutil attach -readwrite -noverify -noautoopen "$DMG_FILE_TMP"
ln -s "/Applications" "$DMG_FILE_TMP_MOUNT/Applications"


# set volume icon
cp "../../assets/setup.icns" "$DMG_FILE_TMP_MOUNT/.VolumeIcon.icns"
SetFile -c icnC "$DMG_FILE_TMP_MOUNT/.VolumeIcon.icns"
SetFile -a C "$DMG_FILE_TMP_MOUNT"


# create final DMG
sleep 1
rm -rf "$DMG_FILE_TMP_MOUNT/.fseventsd"
Expand All @@ -35,10 +43,18 @@ sleep 1
hdiutil convert "$DMG_FILE_TMP" -format UDZO -o "$DMG_FILE"
rm "$DMG_FILE_TMP"


# notarize (only possible with valid signature)
# preparation for this step:
# xcrun notarytool store-credentials "notarytool-password" --apple-id "..." --team-id ...
if [ "$DEVELOPER_ACCOUNT_USERNAME" != "" ] && [ "$DEVELOPER_ACCOUNT_PASSWORD" != "" ] && [ "$DEVELOPER_ACCOUNT_TEAM" != "" ]; then
echo "Store credentials for notarization ..."
xcrun notarytool store-credentials "notarytool-password" --apple-id "$DEVELOPER_ACCOUNT_USERNAME" --password "$DEVELOPER_ACCOUNT_PASSWORD" --team-id "$DEVELOPER_ACCOUNT_TEAM"
fi

echo "Notarize package ..."
xcrun notarytool submit "$DMG_FILE" --wait --keychain-profile "notarytool-password"

# get logfile with additional information:
# xcrun notarytool log --keychain-profile "notarytool-password" xxx-xxx-xxx-xxx developer_log.json


echo "Build finished"

0 comments on commit 22d5c1c

Please sign in to comment.