Merge pull request #15 from StrangeLoopsAudio/dependabot/github_actio… #15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Harmonigon | |
permissions: | |
contents: write | |
on: | |
workflow_dispatch: # lets you run a build from the UI | |
push: | |
# When pushing new commits, cancel any running builds on that branch | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
PROJECT_NAME: Harmonigon | |
BUILD_TYPE: Release | |
BUILD_DIR: Builds | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CMAKE_BUILD_PARALLEL_LEVEL: 3 # Use up to 3 cpus to build juceaide, etc | |
HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
# jobs are run in paralell on different machines | |
# all steps run in series | |
jobs: | |
build_and_test: | |
name: ${{ matrix.name }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false # show all errors for each platform (vs. cancel jobs on error) | |
matrix: | |
include: | |
- name: Linux | |
os: ubuntu-22.04 | |
ccache: ccache | |
- name: macOS | |
os: macos-12 | |
ccache: ccache | |
- name: Windows | |
os: windows-latest | |
ccache: sccache | |
steps: | |
# This is just easier than debugging different compilers on different platforms | |
- name: Set up Clang | |
if: ${{ matrix.name != 'macOS' }} | |
uses: egor-tensin/setup-clang@v1 | |
# This also starts up our "fake" display Xvfb, needed for pluginval | |
- name: Install JUCE's Linux Deps | |
if: runner.os == 'Linux' | |
# Thanks to McMartin & co https://forum.juce.com/t/list-of-juce-dependencies-under-linux/15121/44 | |
run: | | |
sudo apt-get update && sudo apt install libasound2-dev libx11-dev libxinerama-dev libxext-dev libfreetype6-dev libwebkit2gtk-4.0-dev libglu1-mesa-dev xvfb ninja-build | |
sudo /usr/bin/Xvfb $DISPLAY & | |
#- name: Cache IPP (Windows) | |
# if: runner.os == 'Windows' | |
# id: cache-ipp | |
# uses: actions/cache@v3 | |
# with: | |
# key: ipp-v1 | |
# path: C:\Program Files (x86)\Intel\oneAPI\ipp | |
# | |
#- name: Install IPP (Windows) | |
# if: (runner.os == 'Windows') && (steps.cache-ipp.outputs.cache-hit != 'true') | |
# shell: bash | |
# run: | | |
# curl --output oneapi.exe https://registrationcenter-download.intel.com/akdlm/irc_nas/19078/w_BaseKit_p_2023.0.0.25940_offline.exe | |
# ./oneapi.exe -s -x -f oneapi | |
# ./oneapi/bootstrapper.exe -s -c --action install --components=intel.oneapi.win.ipp.devel --eula=accept -p=NEED_VS2022_INTEGRATION=1 --log-dir=. | |
# | |
#- name: Save IPP cache even on job fail | |
# if: runner.os == 'Windows' && (steps.cache-ipp.outputs.cache-hit != 'true') | |
# uses: actions/cache/save@v3 | |
# with: | |
# path: C:\Program Files (x86)\Intel\oneAPI\ipp | |
# key: ipp-v1 | |
# | |
# This lets us use sscache on Windows | |
# We need to install ccache here for Windows to grab the right version | |
- name: Install Ninja (Windows) | |
if: runner.os == 'Windows' | |
shell: bash | |
run: choco install ninja ccache | |
- name: Install macOS Deps | |
if: ${{ matrix.name == 'macOS' }} | |
run: brew install ninja osxutils | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
with: | |
submodules: true # Get JUCE populated | |
- name: Setup Environment Variables | |
shell: bash | |
run: | | |
VERSION=$(cat VERSION) | |
echo "ARTIFACTS_PATH=${{ env.BUILD_DIR }}/${{ env.PROJECT_NAME }}_artefacts/${{ env.BUILD_TYPE }}" >> $GITHUB_ENV | |
echo "STANDALONE_PATH=${{ env.PROJECT_NAME }}_artefacts/${{ env.BUILD_TYPE }}/${{ env.PROJECT_NAME }}.app" >> $GITHUB_ENV | |
echo "PRODUCT_NAME=${{ env.PROJECT_NAME }}-$VERSION-${{ matrix.name }}" >> $GITHUB_ENV | |
- name: ccache | |
uses: hendrikmuhs/ccache-action@main | |
with: | |
key: v3-${{ matrix.os }}-${{ matrix.type }} | |
variant: ${{ matrix.ccache }} | |
- name: Import Certificates (macOS) | |
uses: apple-actions/import-codesign-certs@v1 | |
if: ${{ matrix.name == 'macOS' }} | |
with: | |
p12-file-base64: ${{ secrets.DEV_ID_APP_CERT }} | |
p12-password: ${{ secrets.DEV_ID_APP_PASSWORD }} | |
- name: Configure | |
shell: bash | |
run: cmake -B ${{ env.BUILD_DIR }} -G Ninja -DCMAKE_BUILD_TYPE=${{ env.BUILD_TYPE}} -DCMAKE_C_COMPILER_LAUNCHER=${{ matrix.ccache }} -DCMAKE_CXX_COMPILER_LAUNCHER=${{ matrix.ccache }} -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" . | |
- name: Build | |
shell: bash | |
run: cmake --build ${{ env.BUILD_DIR }} --config ${{ env.BUILD_TYPE }} --parallel 4 | |
- name: Test | |
working-directory: ${{ env.BUILD_DIR }} | |
run: ctest --output-on-failure -j4 | |
- name: Codesign (macOS) | |
working-directory: ${{ env.BUILD_DIR }} | |
if: ${{ matrix.name == 'macOS' }} | |
run: | | |
# Each plugin must be code signed | |
codesign --force -s "${{ secrets.DEVELOPER_ID_APPLICATION}}" -v ${{ env.STANDALONE_PATH }} --deep --strict --options=runtime --timestamp | |
- name: Create DMG, Notarize and Staple (macOS) | |
if: ${{ matrix.name == 'macOS' }} | |
run: | | |
npm install -g appdmg | |
mkdir -p packaging/dmg | |
# Move built files to dmg folder | |
mv "${{ env.BUILD_DIR }}/${{ env.STANDALONE_PATH }}" packaging/dmg | |
# Run appdmg to create the .dmg | |
cd packaging && appdmg dmg.json ${{ env.PRODUCT_NAME}}.dmg | |
codesign -s "${{ secrets.DEVELOPER_ID_APPLICATION}}" --timestamp -i com.StrangeLoops.Harmonigon --force ${{ env.PRODUCT_NAME }}.dmg | |
xcrun notarytool submit ${{ env.PRODUCT_NAME }}.dmg --apple-id ${{ secrets.NOTARIZATION_USERNAME }} --password ${{ secrets.NOTARIZATION_PASSWORD }} --team-id ${{ secrets.TEAM_ID }} --wait | |
xcrun stapler staple ${{ env.PRODUCT_NAME }}.dmg | |
- name: Zip | |
if: ${{ matrix.name == 'Linux' }} | |
working-directory: ${{ env.ARTIFACTS_PATH }} | |
run: 7z a -tzip ${{ env.PRODUCT_NAME }}.zip . | |
- name: Generate Installer and Sign with EV cert on Azure (Windows) | |
if: ${{ matrix.name == 'Windows' }} | |
shell: bash | |
run: | | |
iscc "packaging\installer.iss" | |
mv "packaging/Output/${{ env.PRODUCT_NAME }}.exe" "${{ env.ARTIFACTS_PATH }}/" | |
#dotnet tool install --global AzureSignTool | |
#AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "${{ env.ARTIFACTS_PATH }}/${{ env.PRODUCT_NAME }}.exe" | |
- name: Upload Exe (Windows) | |
if: ${{ matrix.name == 'Windows' }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ env.PRODUCT_NAME }}.exe | |
path: '${{ env.ARTIFACTS_PATH }}/${{ env.PRODUCT_NAME }}.exe' | |
- name: Upload Zip (Linux) | |
if: ${{ matrix.name == 'Linux' }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ env.PRODUCT_NAME }}.zip | |
path: '${{ env.ARTIFACTS_PATH }}/${{ env.PRODUCT_NAME }}.zip' | |
- name: Upload DMG (MacOS) | |
if: ${{ matrix.name == 'macOS' }} | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ env.PRODUCT_NAME }}.dmg | |
path: packaging/${{ env.PRODUCT_NAME }}.dmg | |
release: | |
if: contains(github.ref, 'tags/v') | |
runs-on: ubuntu-latest | |
needs: build_and_test | |
steps: | |
- name: Get Artifacts | |
uses: actions/download-artifact@v4.1.7 | |
- name: Create Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
# download-artifact puts these files in their own dirs... | |
# Using globs sidesteps having to pass the version around | |
files: | | |
*/*.exe | |
*/*.zip | |
*/*.dmg |