Build and package #620
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and package | |
| on: | |
| push: | |
| tags: | |
| - "v*.*.*" | |
| workflow_dispatch: | |
| jobs: | |
| build_macos: | |
| runs-on: macos-latest | |
| name: Build app bundle | |
| steps: | |
| - name: Checkout project | |
| uses: actions/checkout@v4 | |
| - name: Import signing certificate into keychain | |
| uses: apple-actions/import-codesign-certs@v3 | |
| with: | |
| p12-file-base64: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }} | |
| p12-password: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }} | |
| - name: Store notary service credentials in keychain | |
| run: | | |
| xcrun notarytool store-credentials \ | |
| --team-id $TEAM_ID \ | |
| --apple-id $APPLE_ID \ | |
| --password ${{ secrets.NOTARIZE_PASSWORD }} \ | |
| "briefcase-macOS-$TEAM_ID" | |
| env: | |
| APPLE_ID: "[email protected]" | |
| TEAM_ID: "G34LNR8C4Y" | |
| - name: Set up Python | |
| run: | | |
| wget -q https://www.python.org/ftp/python/3.12.2/python-3.12.2-macos11.pkg | |
| sudo installer -pkg python-3.12.2-macos11.pkg -target / | |
| python3 -c "import sys; print(sys.version)" | |
| echo "/Library/Frameworks/Python.framework/Versions/3.12/bin" >> $GITHUB_PATH | |
| - name: Install dependencies | |
| run: | | |
| python3 -m pip install -U pip | |
| python3 -m pip install -U briefcase | |
| python3 -m pip install -U bump2version | |
| - name: Bump build number | |
| run: | | |
| bump2version major --config-file .bumpversion-build.cfg | |
| - name: Build app | |
| id: build | |
| run: | | |
| # Update app code and dependencies. | |
| briefcase create macOS Xcode --no-input | |
| # Build app. | |
| briefcase build macOS Xcode --no-input | |
| # Run post-build scripts. | |
| # - add CLI executable | |
| # - keep .pyc files only to save space | |
| APP_PATH=$( find . -name "*Maestral.app" | head -n 1) | |
| python3 scripts/post-build-macos.py $APP_PATH | |
| # Attempt to codesign manually to see errors. | |
| codesign /Users/runner/work/maestral-cocoa/maestral-cocoa/build/maestral-cocoa/macos/xcode/build/Release/Maestral.app --sign C90016D845C6D782E7C061AB6D5476C9ABB7FB48 --force --entitlements /Users/runner/work/maestral-cocoa/maestral-cocoa/build/maestral-cocoa/macos/xcode/Maestral/maestral-cocoa.entitlements --options runtime --verbose | |
| # Package as dmg. | |
| briefcase package macOS Xcode --identity "$DEV_ID" --no-input | |
| # Prepare output for upload. | |
| DMG_PATH=$( find . -name "*.dmg" ) | |
| DMG_PATH=$( find . -name "*.dmg" ) | |
| DMG_NAME=$( basename "$DMG_PATH" ) | |
| echo "dmg created: $DMG_PATH" | |
| echo "dmg_name=${DMG_NAME}" >> $GITHUB_OUTPUT | |
| echo "dmg_path=${DMG_PATH}" >> $GITHUB_OUTPUT | |
| env: | |
| DEV_ID: "C90016D845C6D782E7C061AB6D5476C9ABB7FB48" | |
| PIP_NO_BINARY: "watchdog" | |
| - name: Upload build logs | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: build-logs | |
| path: /Users/runner/work/maestral-cocoa/maestral-cocoa/logs | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ steps.build.outputs.dmg_name }} | |
| path: ${{ steps.build.outputs.dmg_path }} | |
| - name: Push back Xcode project updates | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| if: github.event_name == 'push' | |
| with: | |
| commit_message: Auto-commit build updates | |
| branch: main | |
| - name: Push back Xcode project updates | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| if: github.event_name != 'push' | |
| with: | |
| commit_message: Auto-commit build updates |