-
Notifications
You must be signed in to change notification settings - Fork 101
117 lines (107 loc) · 4.73 KB
/
package_installers.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: Package Installers
on:
push:
branches: [ master ]
paths-ignore:
- '**.md'
pull_request:
branches: [ master ]
paths-ignore:
- '**.md'
release:
types: [ prereleased, released ]
workflow_dispatch:
jobs:
validate_gradle_wrapper:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: gradle/wrapper-validation-action@v1
build_push:
needs: [ validate_gradle_wrapper ]
name: Build and upload packaged app
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ macos-latest, windows-latest, ubuntu-latest ]
steps:
- uses: actions/checkout@v3
with:
# We need to download all tags so that the axion-release-plugin
# can resolve the most recent version tag.
fetch-depth: 0
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
# We need a recent version of Java with jpackage included.
java-version: '17'
# We use the zulu distribution, which is an OpenJDK distro.
distribution: 'zulu'
# We create a code-signing keychain on MacOS before building and packaging the app, as the
# app will be signed as part of the jpackage build phase.
- name: "MacOS - Import Certificate: Developer ID Application"
if: matrix.os == 'macos-latest' && (github.event_name == 'push' || github.event_name == 'release')
uses: devbotsxyz/import-signing-certificate@v1
with:
# This should be a certificate + private key, exported as a p12 file and base64 encoded as
# a GitHub secret. The certificate should be the:
# 'Developer ID Application: The International Data Organization For Transport (BF2U75HN4D)'
# certificate, locked with the specified passphrase.
certificate-data: ${{ secrets.MACOS_DEVELOPER_ID_APPLICATION_CERTIFICATE_P12_BASE64 }}
certificate-passphrase: ${{ secrets.MACOS_DEVELOPER_ID_APPLICATION_CERTIFICATE_PASSWORD }}
# The resulting keychain will be locked with this separate password.
keychain-password: ${{ secrets.MACOS_KEYCHAIN_PASSWORD }}
- name: "Package GUI app installer with Gradle"
uses: gradle/gradle-build-action@v2
with:
arguments: |
jpackage
-Psign-app=${{github.event_name == 'push' || github.event_name == 'release'}}
# On MacOS, we now submit the app for "notarization", where Apple will scan the app for
# malware and other issues. This step can take a few minutes or more; the action will wait
# until the report is available.
- name: "MacOS - Notarize Release Build"
if: matrix.os == 'macos-latest' && (github.event_name == 'push' || github.event_name == 'release')
uses: devbotsxyz/xcode-notarize@v1
with:
product-path: "app/pkg/build/jpackage/GTFS Validator.app"
# The Apple developer account used to run notarization. This account will receive an
# email every time notarization is run.
appstore-connect-username: ${{ secrets.MACOS_NOTARIZATION_USERNAME }}
# The app-specific password configured for the Apple developer account that will be used
# for authentication (different from the main password for the dev account).
appstore-connect-password: ${{ secrets.MACOS_NOTARIZATION_PASSWORD }}
# Now that we have a notarization report, we attach it to the app binary.
- name: "Mac OS - Staple Release Build"
if: matrix.os == 'macos-latest' && (github.event_name == 'push' || github.event_name == 'release')
uses: devbotsxyz/xcode-staple@v1
with:
product-path: "app/pkg/build/jpackage/GTFS Validator.app"
# Now that we have a notarized app, we can package it.
- name: "Mac OS - Package the app"
if: matrix.os == 'macos-latest'
shell: bash
run: |
appVersion=$(./gradlew cV -q -Prelease.quiet)
appVersion=${appVersion//-SNAPSHOT/}
jpackage \
--type dmg \
--name 'GTFS Validator' \
--app-version ${appVersion} \
--app-image app/pkg/build/jpackage/GTFS\ Validator.app \
--dest app/pkg/build/jpackage
jpackage \
--type pkg \
--name 'GTFS Validator' \
--app-version ${appVersion} \
--app-image app/pkg/build/jpackage/GTFS\ Validator.app \
--dest app/pkg/build/jpackage
- name: "Upload Installer"
uses: actions/upload-artifact@v3
with:
name: Installer - ${{matrix.os}}
path: |
app/pkg/build/jpackage/*.msi
app/pkg/build/jpackage/*.dmg
app/pkg/build/jpackage/*.pkg
app/pkg/build/jpackage/*.deb