-
Notifications
You must be signed in to change notification settings - Fork 84
132 lines (114 loc) · 5.56 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: CI
on:
push:
pull_request:
workflow_dispatch:
release:
types: [published]
env:
PROJECT_TYPE: TOOL
jobs:
build:
name: Build
runs-on: macos-latest
env:
JOB_TYPE: BUILD
steps:
- uses: actions/checkout@v3
- name: Install Dependencies
run: brew install create-dmg
env:
HOMEBREW_NO_INSTALL_CLEANUP: 1
HOMEBREW_NO_AUTO_UPDATE: 1
- name: CI Bootstrap
run: |
src=$(/usr/bin/curl -Lfs https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1
/usr/bin/curl -OL "https://github.com/acidanthera/ocbuild/raw/62c8088f73ebcaa07aec31bd450866f41fcf1c8f/codesign/appsign.sh" || exit 1
chmod a+x appsign.sh || exit 1
- name: Compile with codesign (DEBUG)
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request'
env:
MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
MAC_ACCOUNT_NAME: ${{ secrets.MAC_ACCOUNT_NAME }}
MAC_ACCOUNT_PASSWORD: ${{ secrets.MAC_ACCOUNT_PASSWORD }}
run: DEPLOY_SCRIPT="$(pwd)/appsign.sh" xcodebuild -jobs 1 -configuration Debug
- name: Compile with codesign (RELEASE)
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request'
env:
MAC_CERTIFICATE_PASSWORD: ${{ secrets.MAC_CERTIFICATE_PASSWORD }}
MAC_ACCOUNT_NAME: ${{ secrets.MAC_ACCOUNT_NAME }}
MAC_ACCOUNT_PASSWORD: ${{ secrets.MAC_ACCOUNT_PASSWORD }}
run: DEPLOY_SCRIPT="$(pwd)/appsign.sh" xcodebuild -jobs 1 -configuration Release
- name: Compile (DEBUG)
if: github.repository_owner != 'acidanthera' || github.event_name == 'pull_request'
run: xcodebuild -jobs 1 -configuration Debug
- name: Compile (RELEASE)
if: github.repository_owner != 'acidanthera' || github.event_name == 'pull_request'
run: xcodebuild -jobs 1 -configuration Release
- name: Upload to Artifacts
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request'
uses: actions/upload-artifact@v3
with:
name: Artifacts
path: build/*/*.dmg
- name: Upload to Release
if: github.event_name == 'release' && github.repository_owner == 'acidanthera'
uses: svenstaro/upload-release-action@e74ff71f7d8a4c4745b560a485cc5fdb9b5b999d
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: build/*/*.dmg
tag: ${{ github.ref }}
file_glob: true
- name: Get Sparkle 1.26
if: github.event_name == 'release' && github.repository_owner == 'acidanthera'
run: |
curl -L -s "https://github.com/sparkle-project/Sparkle/releases/download/1.26.0/Sparkle-1.26.0.tar.xz" -o Sparkle.tar.xz || exit 1
tar -xf Sparkle.tar.xz || exit 1
- name: Get Information & Sign
if: github.event_name == 'release' && github.repository_owner == 'acidanthera'
run: |
TAG_VER=${GITHUB_REF/refs\/tags\//}
DATE=$(date -R)
./bin/sign_update -s ${{ secrets.SIGNATURE_FOR_SIGNING }} build/Release/MaciASL-${TAG_VER}-RELEASE.dmg || exit 1
./bin/generate_appcast -o appcast.xml -s ${{ secrets.SIGNATURE_FOR_SIGNING }} --download-url-prefix https://github.com/acidanthera/MaciASL/releases/download/${TAG_VER}/ build/Release || exit 1
- name: Commit Appcast
if: github.event_name == 'release' && github.repository_owner == 'acidanthera'
run: |
# The 41898282 identifier comes from the GitHub Actions API: https://api.github.com/users/github-actions%5Bbot%5D.
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --local user.name "GitHub Action"
git checkout --orphan appcast
git add appcast.xml
git commit appcast.xml -m "Update Appcast"
git push --set-upstream origin appcast --force
analyze-clang:
name: Analyze Clang
runs-on: macos-latest
env:
JOB_TYPE: ANALYZE
steps:
- uses: actions/checkout@v3
- name: CI Bootstrap
run: |
src=$(/usr/bin/curl -Lfs https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1
- run: xcodebuild analyze -quiet -scheme MaciASL -configuration Debug CLANG_ANALYZER_OUTPUT=plist-html CLANG_ANALYZER_OUTPUT_DIR="$(pwd)/clang-analyze" && [ "$(find clang-analyze -name "*.html")" = "" ]
- run: xcodebuild clean -quiet -scheme MaciASL
- run: xcodebuild analyze -quiet -scheme MaciASL -configuration Release CLANG_ANALYZER_OUTPUT=plist-html CLANG_ANALYZER_OUTPUT_DIR="$(pwd)/clang-analyze" && [ "$(find clang-analyze -name "*.html")" = "" ]
analyze-coverity:
name: Analyze Coverity
runs-on: macos-latest
env:
JOB_TYPE: COVERITY
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v3
- name: CI Bootstrap
run: |
src=$(/usr/bin/curl -Lfs https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1
- name: Run Coverity
run: |
src=$(/usr/bin/curl -Lfs https://raw.githubusercontent.com/acidanthera/ocbuild/master/coverity/covstrap.sh) && eval "$src" || exit 1
env:
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
COVERITY_SCAN_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
COVERITY_BUILD_COMMAND: xcodebuild -configuration Release