Skip to content

chore: update github workflows #17

chore: update github workflows

chore: update github workflows #17

Workflow file for this run

name: Build macos
on:
push:
# branches: [ "main" ]
pull_request:
branches: ["main"]
jobs:
build:
runs-on: macos-11
strategy:
fail-fast: false
matrix:
arch: [arm64, x86_64]
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Install Qt
uses: jurplel/install-qt-action@v3
with:
version: 6.5.3
tools: 'tools_ifw tools_cmake'
modules: 'qtwebsockets qt5compat'
- name: Install the Apple certificate and provisioning profile
env:
APPLE_CERTIFICATE_BASE64: ${{ secrets.APPLE_CERTIFICATE_BASE64 }}
APPLE_P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
if [[ -n "$APPLE_CERTIFICATE_BASE64" ]]; then
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$APPLE_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$APPLE_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# list signing identities
# security find-identity -v -p codesigning
fi
- name: Run build
run: |
./tools/build-macos.sh ${{ matrix.arch }}
env:
CI: 1
BUILD_QT_PATH: ${{ github.workspace }}/Qt/6.5.3/macos
BUILD_PARALLEL_THREADS: 2
MACOS_SIGN_NAME: ${{ secrets.MACOS_SIGN_NAME }}
APPLEID: ${{ secrets.APPLEID }}
APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
APPLEIDTEAM: ${{ secrets.APPLEIDTEAM }}
- name: Rename build
id: "rename-build"
shell: bash
run: |
TARGET=casparcg-client-${{ github.sha }}-${{ matrix.arch }}.dmg
mv build/CasparCG*.dmg "$TARGET"
echo "artifactname=$TARGET" >> $GITHUB_OUTPUT
# check if a release branch, or main, or a tag
if [[ "${{ github.ref_name }}" == "main" || "${{ github.ref_name }}" == "2.3.x-lts" ]]
then
# Only report if we have an sftp password
if [ -n "${{ secrets.SFTP_PASSWORD }}" ]
then
echo "uploadname=$TARGET" >> $GITHUB_OUTPUT
fi
fi
- uses: actions/upload-artifact@v4
with:
name: casparcg-client-macos-${{ matrix.arch }}
path: ${{ steps.rename-build.outputs.artifactname }}
- name: Copy single file to remote
uses: garygrossgarten/[email protected]
if: ${{ steps.rename-build.outputs.uploadname }}
with:
local: "${{ steps.rename-build.outputs.uploadname }}"
remote: "${{ secrets.SFTP_ROOT }}/${{ github.ref_name }}/${{ steps.rename-build.outputs.uploadname }}"
host: ${{ secrets.SFTP_HOST }}
username: ${{ secrets.SFTP_USERNAME }}
password: ${{ secrets.SFTP_PASSWORD }}