forked from jamulussoftware/jamulus
-
Notifications
You must be signed in to change notification settings - Fork 0
314 lines (282 loc) · 16 KB
/
autobuild.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
# This file builds the source and produces artifacts for every supported platform.
# For release tags it creates a Github release and uploads the binaries to that releases.
# The builds are instrumented with CodeQL.
# see analyse_git_reference.py for implementation of the logic:
# for every push to a branch starting with "autobuild": (can be used during development for tighter supervision of builds)
# - do CodeQl while building for every platform
# - publish the created binaries/packs only as artifacts/appendix of the github-action-run (not as release), and only retain those files for limited period
# for every pull-request to master:
# - do CodeQl while building for every platform
# - publish the created binaries/packs only as artifacts/appendix of the github-action-run (not as release), and only retain those files for limited period
# for every tag that starts with 'r' and has an arbitrary suffix (e.g. beta1, rc1, etc.)
# - do CodeQl while building for every platform
# - publish the created binaries/packs only as artifacts/appendix as a prerelease
# for every tag that starts with 'r' and does not have any suffix:
# - do CodeQl while building for every platform
# - publish the created binaries/packs only as artifacts/appendix as a release
on:
workflow_dispatch:
push:
tags:
- "r*"
branches:
# For developers: Branches starting with autobuild will be built and evaluated on each push.
- "autobuild**"
# CodeQL requires every branch from on.pull_request to be part of on.push as well in order to run comparisons.
# We also need master here to trigger builds on PR merge to master and manual pushes (e.g. as part of the release process):
- "master"
paths-ignore:
- '**README.md'
- 'docs/**'
- 'SECURITY.md'
- 'CONTRIBUTING.md'
- 'COMPILING.md'
- 'COPYING'
- 'APPLEAPPSTORE.LICENCE.WAIVER'
- '.github/ISSUE_TEMPLATE/*'
- '.github/pull_request_template.md'
pull_request:
branches:
- master
paths-ignore:
- '**README.md'
- 'docs/**'
- 'SECURITY.md'
- 'CONTRIBUTING.md'
- 'COMPILING.md'
- 'COPYING'
- 'APPLEAPPSTORE.LICENCE.WAIVER'
- '.github/ISSUE_TEMPLATE/*'
- '.github/pull_request_template.md'
name: Auto-Build
jobs:
create_release:
# Check if we are doing a release or just a normal build.
# This must be done before actually building the app to find out where to upload the binaries and if we need to create a Github release.
name: Build vars & Github release (if required)
runs-on: ubuntu-20.04
outputs:
publish_to_release: ${{ steps.get-build-vars.outputs.PUBLISH_TO_RELEASE }}
upload_url: ${{ steps.create-release.outputs.upload_url }}
build_version: ${{ steps.get-build-vars.outputs.BUILD_VERSION }}
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Determine release version, type and prerelease variables and generate Changelog
run: python3 ${{ github.workspace }}/.github/actions_scripts/analyse_git_reference.py
id: get-build-vars
- name: Remove release ${{steps.get-build-vars.outputs.RELEASE_TAG}}, if existing
if: steps.get-build-vars.outputs.PUBLISH_TO_RELEASE == 'true'
continue-on-error: true
uses: dev-drprasad/[email protected]
with:
delete_release: true
tag_name: ${{ steps.get-build-vars.outputs.RELEASE_TAG }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release ${{steps.get-build-vars.outputs.RELEASE_TAG}} ${{steps.get-build-vars.outputs.RELEASE_TITLE}}
if: steps.get-build-vars.outputs.PUBLISH_TO_RELEASE == 'true'
id: create-release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.get-build-vars.outputs.RELEASE_TAG }}
release_name: ${{ steps.get-build-vars.outputs.RELEASE_TITLE }}
body_path: autoLatestChangelog.md
prerelease: ${{ steps.get-build-vars.outputs.IS_PRERELEASE }}
draft: false
release_assets:
name: Build for ${{ matrix.config.config_name }}
needs: create_release
strategy:
fail-fast: false
matrix:
# Think of this like a foreach loop. Basically runs the steps with every combination of
# the contents of this.
config:
- config_name: Android .apk (artifact+codeQL)
target_os: android
building_on_os: ubuntu-20.04
base_command: ./.github/autobuild/android.sh
run_codeql: true
# Jamulus.pro needs to count git history length for android versioning:
checkout_fetch_depth: '0'
- config_name: Linux .deb amd64 (artifacts+codeQL)
target_os: linux
building_on_os: ubuntu-18.04
base_command: ./.github/autobuild/linux_deb.sh
run_codeql: true
- config_name: Linux .deb armhf (artifacts)
target_os: linux
building_on_os: ubuntu-18.04
base_command: TARGET_ARCH=armhf ./.github/autobuild/linux_deb.sh
run_codeql: false
- config_name: MacOS (artifacts)
target_os: macos
# Stay on 10.15 as long as we use dmgbuild which does not work with 11's hdiutil (?):
building_on_os: macos-10.15
base_command: QT_VERSION=5.15.2 SIGN_IF_POSSIBLE=1 ./.github/autobuild/mac.sh
# Disable CodeQL on mac as it interferes with signing the binaries (signing hangs, see #2563 and #2564)
run_codeql: false
xcode_version: 12.1.1
# Reminder: If Legacy is removed, be sure to add a dedicated job for CodeQL again.
- config_name: MacOS Legacy (artifacts+CodeQL)
target_os: macos
building_on_os: macos-10.15
base_command: QT_VERSION=5.9.9 SIGN_IF_POSSIBLE=0 ARTIFACT_SUFFIX=_legacy ./.github/autobuild/mac.sh
# Enable CodeQL on mac legacy as this version does not get signed
run_codeql: true
# For Qt5 on Mac, we need to ensure SDK 10.15 is used, and not SDK 11.x.
# Xcode 12.1 is the most-recent release which still ships SDK 10.15:
# https://developer.apple.com/support/xcode/
# Xcode 12.1.1 is the most-recent 12.1.x release:
# https://xcodereleases.com/
xcode_version: 12.1.1
- config_name: iOS (artifacts)
target_os: ios
building_on_os: macos-10.15
base_command: QT_VERSION=5.15.2 ./.github/autobuild/ios.sh
# Build failed with CodeQL enabled when last tested 03/2022 (#2490).
# There are no hints that iOS is supposed to be supported by CodeQL.
# Therefore, disable it:
run_codeql: false
xcode_version: 12.1.1
- config_name: Windows (artifact+codeQL)
target_os: windows
building_on_os: windows-2019
base_command: powershell .\.github\autobuild\windows.ps1 -Stage
run_codeql: true
- config_name: Windows JACK (artifact)
target_os: windows
building_on_os: windows-2019
base_command: powershell .\.github\autobuild\windows.ps1 -BuildOption jackonwindows -Stage
run_codeql: false
runs-on: ${{ matrix.config.building_on_os }}
steps:
- name: Select Xcode version for Mac
if: matrix.config.target_os == 'macos' || matrix.config.target_os == 'ios'
uses: maxim-lobanov/setup-xcode@v1
with:
xcode-version: ${{ matrix.config.xcode_version }}
- name: Checkout code
uses: actions/checkout@v2
with:
submodules: true
fetch-depth: ${{ matrix.config.checkout_fetch_depth || '1' }}
- name: Cache Mac dependencies
if: matrix.config.target_os == 'macos'
uses: actions/cache@v2
with:
path: |
/usr/local/opt/qt
~/Library/Cache/jamulus-homebrew-bottles
key: ${{ matrix.config.target_os }}-${{ hashFiles('.github/workflows/autobuild.yml', 'autobuild/mac/autobuild_mac_1_prepare.sh', 'mac/deploy_mac.sh') }}-${{ matrix.config.base_command }}
- name: Cache Windows dependencies
if: matrix.config.target_os == 'windows'
uses: actions/cache@v2
with:
path: |
C:\Qt
C:\ChocoCache
~\windows\NSIS
~\libs\ASIOSDK2
key: ${{ matrix.config.target_os }}-${{ hashFiles('.github/workflows/autobuild.yml', 'autobuild/windows.ps1', 'windows/deploy_windows.ps1') }}-${{ matrix.config.base_command }}
- name: Cache Android dependencies
if: matrix.config.target_os == 'android'
uses: actions/cache@v2
with:
path: |
/opt/Qt
/opt/android/android-sdk
/opt/android/android-ndk
key: ${{ matrix.config.target_os }}-${{ hashFiles('.github/workflows/autobuild.yml', '.github/autobuild/android.sh') }}-${{ matrix.config.base_command }}
- name: Set up build dependencies for ${{ matrix.config.config_name }}
run: ${{ matrix.config.base_command }} setup
env:
JAMULUS_BUILD_VERSION: ${{ needs.create_release.outputs.build_version }}
- name: Initialize CodeQL
if: matrix.config.run_codeql
uses: github/codeql-action/init@v1
with:
languages: 'cpp'
- name: Build for ${{ matrix.config.config_name }}
id: build
run: ${{ matrix.config.base_command }} build
env:
JAMULUS_BUILD_VERSION: ${{ needs.create_release.outputs.build_version }}
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERT}}
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERT_PWD }}
MACOS_CERTIFICATE_ID: ${{ secrets.MACOS_CERT_ID }}
NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
- name: Post-Build for ${{ matrix.config.config_name }}
id: get-artifacts
run: ${{ matrix.config.base_command }} get-artifacts
env:
JAMULUS_BUILD_VERSION: ${{ needs.create_release.outputs.build_version }}
- name: Upload Artifact 1 to Job
# Every build job has at least one artifact. Therefore, no `if` here.
# If the artifact is missing, this should fail.
uses: actions/upload-artifact@v2
with:
name: ${{ steps.get-artifacts.outputs.artifact_1 }}
path: deploy/${{ steps.get-artifacts.outputs.artifact_1 }}
retention-days: 31
if-no-files-found: error
- name: Upload Artifact 2 to Job
if: steps.get-artifacts.outputs.artifact_2
uses: actions/upload-artifact@v2
with:
name: ${{ steps.get-artifacts.outputs.artifact_2 }}
path: deploy/${{ steps.get-artifacts.outputs.artifact_2 }}
retention-days: 31
if-no-files-found: error
- name: Notarize macOS Release Build
if: >-
steps.build.outputs.macos_signed == 'true' &&
needs.create_release.outputs.publish_to_release == 'true'
id: notarize-macOS-app
uses: devbotsxyz/xcode-notarize@d7219e1c390b47db8bab0f6b4fc1e3b7943e4b3b
with:
product-path: deploy/${{ steps.get-artifacts.outputs.artifact_1 }}
primary-bundle-id: io.jamulus.Jamulus
appstore-connect-username: ${{ secrets.NOTARIZATION_USERNAME }}
appstore-connect-password: ${{ secrets.NOTARIZATION_PASSWORD }}
- name: Staple macOS Release Build
if: >-
steps.build.outputs.macos_signed == 'true' &&
needs.create_release.outputs.publish_to_release == 'true'
id: staple-macOS-app
uses: devbotsxyz/xcode-staple@v1
with:
product-path: deploy/${{ steps.get-artifacts.outputs.artifact_1 }}
- name: Upload Artifact 1 to Release
# Every build job has at least one artifact. Therefore, no `if artifact_1` condition here.
# If the artifact is missing, this should fail.
if: needs.create_release.outputs.publish_to_release == 'true'
id: upload-release-asset1
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.create_release.outputs.upload_url }}
asset_path: deploy/${{ steps.get-artifacts.outputs.artifact_1 }}
asset_name: ${{ steps.get-artifacts.outputs.artifact_1 }}
asset_content_type: application/octet-stream
- name: Upload Artifact 2 to Release
if: >-
steps.get-artifacts.outputs.artifact_2 != '' &&
needs.create_release.outputs.publish_to_release == 'true'
id: upload-release-asset2
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ needs.create_release.outputs.upload_url }}
asset_path: deploy/${{ steps.get-artifacts.outputs.artifact_2 }}
asset_name: ${{ steps.get-artifacts.outputs.artifact_2 }}
asset_content_type: application/octet-stream
- name: Perform CodeQL Analysis
if: matrix.config.run_codeql
uses: github/codeql-action/analyze@v1