Skip to content

🔨 [CI] Sign MacOS executable #5

🔨 [CI] Sign MacOS executable

🔨 [CI] Sign MacOS executable #5

name: "Release Installer"
on:
push:
tags:
- "*"
env:
cmake_configure_args: "" # -D WARNINGS_AS_ERRORS_FOR_COOLLAB_LAUNCHER=ON # TODO(Launcher) Check warnings
cmakelists_folder: "."
cmake_target: Coollab-Launcher
jobs:
create-release-executables:
name: ${{matrix.config.name}}
runs-on: ${{matrix.config.os}}
strategy:
fail-fast: false
matrix:
config:
- {
name: Windows,
os: windows-latest,
cmake_configure_args: -D CMAKE_C_COMPILER=cl CMAKE_CXX_COMPILER=cl -G Ninja,
cpack_generator: NSIS,
installer_name: Coollab-Launcher-Windows.exe,
}
- {
name: Linux,
os: ubuntu-latest,
cmake_configure_args: -D CMAKE_C_COMPILER=clang -D CMAKE_CXX_COMPILER=clang++ -G Ninja,
cpack_generator: STGZ,
installer_name: Coollab-Launcher-Linux.sh,
}
- {
name: MacOS,
os: macos-latest,
cmake_configure_args: -D CMAKE_C_COMPILER=clang -D CMAKE_CXX_COMPILER=clang++ -G Ninja -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl -DOPENSSL_LIBRARIES=/usr/local/opt/openssl/lib,
cpack_generator: Bundle,
installer_name: Coollab-Launcher-MacOS.dmg,
}
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- uses: mjp41/workaround8649@c8550b715ccdc17f89c8d5c28d7a48eeff9c94a8 # Temporary workaround for Linux Clang not working atm. See https://github.com/actions/runner-images/issues/8659
with:
os: ${{ matrix.config.os }}
- name: Set up MSVC # NOTE: required to find cl.exe when using the Ninja generator. And we need to use Ninja in order for ccache to be able to cache stuff with MSVC.
if: matrix.config.name == 'Windows'
uses: ilammy/msvc-dev-cmd@v1.13.0
- name: ccache
uses: hendrikmuhs/ccache-action@main
with:
key: ${{matrix.config.name}} Clang-Release # Key name should match the one used in build_and_run_tests.yml so that we can reuse its cache.
- name: Install Linux dependencies
if: runner.os == 'Linux'
run: |
sudo apt-get update -y
sudo apt-get install -y libgtk-3-dev
- name: Install MacOS dependencies
if: runner.os == 'MacOS'
run: |
brew install openssl
- name: Build
uses: lukka/run-cmake@v3
with:
cmakeListsOrSettingsJson: CMakeListsTxtAdvanced
cmakeListsTxtPath: ${{github.workspace}}/${{env.cmakelists_folder}}/CMakeLists.txt
cmakeAppendedArgs: ${{env.cmake_configure_args}} -D CPACK_GENERATOR=${{matrix.config.cpack_generator}} -D CMAKE_BUILD_TYPE=Release ${{matrix.config.cmake_configure_args}} -D CMAKE_C_COMPILER_LAUNCHER=ccache -D CMAKE_CXX_COMPILER_LAUNCHER=ccache
buildWithCMakeArgs: --config Release --target ${{env.cmake_target}}
cmakeBuildType: Release
buildDirectory: ${{github.workspace}}/build
- name: Import signing certificate
if: runner.os == 'MacOS'
env:
MACOS_CERT_P12: ${{ secrets.MACOS_CERT_P12 }}
MACOS_CERT_PASSWORD: ${{ secrets.MACOS_CERT_PASSWORD }}
MACOS_CERT_KEYCHAIN_PASSWORD: ${{ secrets.MACOS_CERT_KEYCHAIN_PASSWORD }}
run: |
echo "$MACOS_CERT_P12" | base64 --decode > macos_cert.p12
security create-keychain -p "$MACOS_CERT_KEYCHAIN_PASSWORD" build.keychain
security import macos_cert.p12 -k build.keychain -P "$MACOS_CERT_PASSWORD" -T /usr/bin/codesign
security list-keychains -s build.keychain
security set-keychain-settings -t 3600 -u build.keychain
security unlock-keychain -p "$MACOS_CERT_KEYCHAIN_PASSWORD" build.keychain
security find-identity -v -p codesigning build.keychain
- name: Sign the application
if: runner.os == 'MacOS'
env:
MACOS_CERT_KEYCHAIN_PASSWORD: ${{ secrets.MACOS_CERT_KEYCHAIN_PASSWORD }}
run: |
security unlock-keychain -p "$MACOS_CERT_KEYCHAIN_PASSWORD" build.keychain
codesign --deep --force --verify --verbose --sign "Jules Fouchy" ${{github.workspace}}/bin/Release/Coollab-Launcher
- name: Create Installer
run: |
cd ${{github.workspace}}/build
cpack
- name: Release
uses: softprops/action-gh-release@v1
with:
files: |
${{runner.os != 'Windows' && github.workspace || ''}}${{runner.os != 'Windows' && '/' || ''}}build/${{matrix.config.installer_name}}