IOPS-1797 Add GH Action workflow for MacOS arm64. #35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'BUILD-MACOS-ARM64' | |
on: | |
push: | |
paths-ignore: ['**.md'] | |
branches: | |
- master | |
- 'release/**' | |
- "m**" | |
tags: ['*'] | |
pull_request: | |
paths-ignore: ['**.md'] | |
branches: [master] | |
env: | |
CACHE_REVISION: '006' | |
CEF_BUILD_VERSION_MAC: '5060' | |
CEF_HASH_MAC_X86_64: '88b950aa0bfc001061c35e7f1f3fefba856a6afb35e38b2b7b42ddd8dd239182' | |
CEF_HASH_MAC_ARM64: '98679b92eea6ea9959ac5aa54f46ca60681d8a86c768c35f496dbdd409bf0642' | |
CEF_BUILD_VERSION_LINUX: '5060' | |
CEF_BUILD_VERSION_WIN: '5060' | |
QT_VERSION_MAC: '6.3.1' | |
QT_HASH_MAC_X86_64: 'a83f72a11023b03b6cb2dc365f0a66ad9df31163bbb4fe2df32d601856a9fad3' | |
QT_HASH_MAC_ARM64: '2f30af90c049670a5660656adbb440668aa1b0567f75a5f29e1def9108928403' | |
QT_HASH_MAC_UNIVERSAL: '252e6684f43ab9c6f262c73af739e2296ce391b998da2c4ee04c254aaa07db18' | |
QT_VERSION_WIN: '6.3.1' | |
DEPS_VERSION_MAC: '2022-08-02' | |
DEPS_HASH_MAC_X86_64: '7637e52305e6fc53014b5aabd583f1a4490b1d97450420e977cae9a336a29525' | |
DEPS_HASH_MAC_ARM64: '755e0fa69b17a3ae444e1befa9d91d77e3cafe628fbd1c6333686091826595cd' | |
DEPS_VERSION_WIN: '2022-08-02' | |
VLC_VERSION_MAC: '3.0.8' | |
VLC_HASH_MAC: 'e0149ef4a20a19b9ecd87309c2d27787ee3f47dfd47c6639644bc1f6fd95bdf6' | |
VLC_VERSION_WIN: '3.0.0-git' | |
TWITCH_CLIENTID: ${{ secrets.TWITCH_CLIENT_ID }} | |
TWITCH_HASH: ${{ secrets.TWITCH_HASH }} | |
RESTREAM_CLIENTID: ${{ secrets.RESTREAM_CLIENTID }} | |
RESTREAM_HASH: ${{ secrets.RESTREAM_HASH }} | |
YOUTUBE_CLIENTID: ${{ secrets.YOUTUBE_CLIENTID }} | |
YOUTUBE_CLIENTID_HASH: ${{ secrets.YOUTUBE_CLIENTID_HASH }} | |
YOUTUBE_SECRET: ${{ secrets.YOUTUBE_SECRET }} | |
YOUTUBE_SECRET_HASH: ${{ secrets.YOUTUBE_SECRET_HASH }} | |
OBS_VERSION: "1.5.1-28.1.2-m112" | |
LIBWEBRTC_RELEASE_TAG: "m112-release" | |
LIBWEBRTC_VERSION: "112.0" | |
WORKSPACE_ROOT: "obs-studio" | |
jobs: | |
macos_build: | |
name: 'MACOS-ARM64' | |
runs-on: ['self-hosted', 'macOS', 'ARM64'] | |
strategy: | |
matrix: | |
arch: ['arm64'] | |
env: | |
MACOSX_DEPLOYMENT_TARGET_X86_64: '10.15' | |
MACOSX_DEPLOYMENT_TARGET_ARM64: '11.0' | |
SPARKLE_VERSION: '1.26.0' | |
SPARKLE_HASH: '8312cbf7528297a49f1b97692c33cb8d33254c396dc51be394e9484e4b6833a0' | |
BLOCKED_FORMULAS: 'speexdsp curl php composer' | |
CODESIGN_IDENT: '-' | |
HAVE_CODESIGN_IDENTITY: ${{ secrets.MACOS_SIGNING_IDENTITY != '' && secrets.MACOS_SIGNING_CERT != '' }} | |
defaults: | |
run: | |
shell: bash | |
working-directory: ${{ env.WORKSPACE_ROOT }} | |
steps: | |
- name: 'Checkout' | |
uses: actions/checkout@v3 | |
with: | |
submodules: 'recursive' | |
path: ${{ env.WORKSPACE_ROOT }} | |
fetch-depth: 0 | |
- name: 'Check for Github Labels' | |
run: | | |
if test -n "$(curl -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" -s "${{ github.event.pull_request.url }}" | jq -e '.labels[] | select(.name == "Seeking Testers")')"; then | |
echo "SEEKING_TESTERS=1" >> $GITHUB_ENV | |
else | |
echo "SEEKING_TESTERS=0" >> $GITHUB_ENV | |
fi | |
echo "CACHE_DATE=$(date +"%Y-%m-%d")" >> $GITHUB_ENV | |
- name: 'Restore ccache from cache' | |
id: ccache-cache | |
uses: actions/cache@v3 | |
env: | |
CACHE_NAME: 'ccache-cache' | |
with: | |
path: ${{ github.workspace }}/.ccache | |
key: ${{ runner.os }}-pr-${{ env.CACHE_NAME }}-${{ matrix.arch }}-${{ env.CACHE_DATE }} | |
- name: 'Restore Chromium Embedded Framework from cache' | |
id: cef-cache | |
uses: actions/cache@v3 | |
env: | |
CACHE_NAME: 'cef-cache' | |
with: | |
path: ${{ github.workspace }}/obs-build-dependencies/cef_binary_${{ env.CEF_BUILD_VERSION_MAC }}_macos_${{ matrix.arch }} | |
key: ${{ runner.os }}-pr-${{ env.CACHE_NAME }}-${{ env.CEF_BUILD_VERSION_MAC }}-${{ matrix.arch }}-${{ env.CACHE_REVISION }} | |
- name: 'Restore VLC dependency from cache' | |
id: vlc-cache | |
uses: actions/cache@v3 | |
env: | |
CACHE_NAME: 'vlc-cache' | |
with: | |
path: ${{ github.workspace }}/obs-build-dependencies/vlc-${{ env.VLC_VERSION_MAC }} | |
key: ${{ runner.os }}-pr-${{ env.CACHE_NAME }}-${{ env.VLC_VERSION_MAC }}-${{ env.CACHE_REVISION }} | |
- name: 'Restore Sparkle dependency from cache' | |
id: sparkle-cache | |
uses: actions/cache@v3 | |
env: | |
CACHE_NAME: 'sparkle-cache' | |
with: | |
path: ${{ github.workspace }}/obs-build-dependencies/obs-deps/lib/Sparkle.framework | |
key: ${{ runner.os }}-pr-${{ env.CACHE_NAME }}-${{ env.SPARKLE_VERSION }}-${{ env.CACHE_REVISION }} | |
- name: 'Setup build environment' | |
id: setup | |
run: | | |
REMOVE_FORMULAS="" | |
for FORMULA in ${{ env.BLOCKED_FORMULAS }}; do | |
if [ -d "/usr/local/opt/${FORMULA}" ]; then | |
REMOVE_FORMULAS="${REMOVE_FORMULAS}${FORMULA} " | |
fi | |
done | |
if [ -n "${REMOVE_FORMULAS}" ]; then | |
brew uninstall ${REMOVE_FORMULAS} | |
fi | |
echo "commitHash=$(git rev-parse --short=9 HEAD)" >> $GITHUB_OUTPUT | |
- name: Download libwebrtc | |
env: | |
LIBWEBRTC_RELEASE_TAG: ${{ env.LIBWEBRTC_RELEASE_TAG }} | |
LIBWEBRTC_ASSETS_PATTERN: "^libWebRTC-${{ env.LIBWEBRTC_VERSION }}-.*64-Release-H264-OpenSSL_1_1_1.*.dmg.*" | |
GH_APP_RELEASECREATOR_TOKEN_PYTHON_SCRIPT: ${{ secrets.GH_APP_RELEASECREATOR_TOKEN_PYTHON_SCRIPT }} | |
GH_APP_RELEASECREATOR_PRIV_KEY: ${{ secrets.GH_APP_RELEASECREATOR_PRIV_KEY }} | |
GH_APP_ID: ${{ secrets.GH_APP_ID }} | |
GH_APP_INSTALLATION_ID: ${{ secrets.GH_APP_INSTALLATION_ID }} | |
run: | | |
python3 -m pip install jwt requests | |
echo ${GH_APP_RELEASECREATOR_TOKEN_PYTHON_SCRIPT} | base64 -d > ./generate_gh_app_installation_token.py | |
echo ${GH_APP_RELEASECREATOR_PRIV_KEY} | base64 -d > ./gh_app_priv_key.pem | |
export PEM_FILE=./gh_app_priv_key.pem | |
export GH_ACCESS_TOKEN_1H_EXPIRATION=$( python3 ./generate_gh_app_installation_token.py ) | |
rm ./gh_app_priv_key.pem ./generate_gh_app_installation_token.py | |
echo "GH_ACCESS_TOKEN_1H_EXPIRATION=${GH_ACCESS_TOKEN_1H_EXPIRATION}" >> $GITHUB_OUTPUT | |
echo "GH_ACCESS_TOKEN_1H_EXPIRATION is ready!" | |
echo "Looking for libwebrtc using the pattern: ${LIBWEBRTC_ASSETS_PATTERN}" | |
echo "LibWebRTC release tag: ${LIBWEBRTC_RELEASE_TAG}" | |
export LIBWEBRTC_RELEASE_URL=$(curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${GH_ACCESS_TOKEN_1H_EXPIRATION}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/CoSMoSoftware/libwebrtc-cmake/releases/tags/${LIBWEBRTC_RELEASE_TAG} | jq .url | tr -d '"') | |
echo "LIBWEBRTC_RELEASE_URL: ${LIBWEBRTC_RELEASE_URL}" | |
curl -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${GH_ACCESS_TOKEN_1H_EXPIRATION}" -H "X-GitHub-Api-Version: 2022-11-28" ${LIBWEBRTC_RELEASE_URL}/assets > assets.json | |
for asset_pair in $(cat assets.json | jq '.[] | (.id|tostring) + "|" + .name' | tr -d '"') | |
do | |
asset_pair=( ${asset_pair//|/ } ) | |
if [[ $(echo ${asset_pair[1]} | grep -e ${LIBWEBRTC_ASSETS_PATTERN}) ]]; then | |
echo "Downloading ${asset_pair[1]} from GitHub - GH_ASSET_ID: ${asset_pair[0]}..." | |
curl -L -H "Accept: application/octet-stream" -H "Authorization: Bearer ${GH_ACCESS_TOKEN_1H_EXPIRATION}" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/repos/CoSMoSoftware/libwebrtc-cmake/releases/assets/${asset_pair[0]} > ${asset_pair[1]} | |
fi | |
done | |
rm assets.json | |
- name: 'Install dependencies' | |
env: | |
RESTORED_VLC: ${{ steps.vlc-cache.outputs.cache-hit }} | |
RESTORED_SPARKLE: ${{ steps.sparkle-cache.outputs.cache-hit }} | |
RESTORED_CEF: ${{ steps.cef-cache.outputs.cache-hit }} | |
run: CI/macos/01_install_dependencies.sh --architecture "${{ matrix.arch }}" | |
- name: 'Unlock keychain' | |
run: | | |
security -v unlock-keychain -p ${MACOS_KEYCHAIN_PASSWORD} ${MACOS_KEYCHAIN_PATH} | |
env: | |
MACOS_KEYCHAIN_PASSWORD: ${{ secrets.MACOS_KEYCHAIN_PASSWORD }} | |
MACOS_KEYCHAIN_PATH: /Users/dolbyvoice/Library/Keychains/cosmosoftware.keychain-db | |
# Geneate OBS without obs-ndi plugin | |
- name: 'Build OBS - no NDI' | |
run: CI/macos/02_build_obs.sh --codesign --architecture "${{ matrix.arch }}" | |
env: | |
CODESIGN_IDENT: ${{ secrets.CODESIGN_IDENT }} | |
CODESIGN_TEAM_ID: ${{ secrets.CODESIGN_TEAM_ID }} | |
CODESIGN_IDENT_USER: ${{ secrets.CODESIGN_IDENT_USER }} | |
NOTARIZE_APP_SPECIFIC_PASSWORD: ${{ secrets.NOTARIZE_APP_SPECIFIC_PASSWORD }} | |
- name: 'Create build artifact' | |
run: | | |
CI/macos/03_package_obs.sh --codesign --architecture "${{ matrix.arch }}" | |
ARTIFACT_NAME=$(basename $(find build/. -name "obs-webrtc*.dmg")) | |
echo "FILE_NAME=${ARTIFACT_NAME}" >> $GITHUB_ENV | |
echo "ARTIFACT READY: ${ARTIFACT_NAME}" | |
env: | |
CODESIGN_IDENT: ${{ secrets.CODESIGN_IDENT }} | |
CODESIGN_TEAM_ID: ${{ secrets.CODESIGN_TEAM_ID }} | |
CODESIGN_IDENT_USER: ${{ secrets.CODESIGN_IDENT_USER }} | |
NOTARIZE_APP_SPECIFIC_PASSWORD: ${{ secrets.NOTARIZE_APP_SPECIFIC_PASSWORD }} | |
- name: 'Upload build Artifact' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: 'obs-studio-macos-${{ matrix.arch }}-${{ steps.setup.outputs.commitHash }}' | |
path: '${{ github.workspace }}/obs-studio/build/${{ env.FILE_NAME }}' | |
# Geneate OBS with obs-ndi plugin | |
- name: 'Build OBS - with NDI' | |
run: CI/macos/02_build_obs.sh --codesign --architecture "${{ matrix.arch }}" --ndi | |
env: | |
CODESIGN_IDENT: ${{ secrets.CODESIGN_IDENT }} | |
CODESIGN_TEAM_ID: ${{ secrets.CODESIGN_TEAM_ID }} | |
CODESIGN_IDENT_USER: ${{ secrets.CODESIGN_IDENT_USER }} | |
NOTARIZE_APP_SPECIFIC_PASSWORD: ${{ secrets.NOTARIZE_APP_SPECIFIC_PASSWORD }} | |
- name: 'Create build artifact' | |
run: | | |
CI/macos/03_package_obs.sh --codesign --architecture "${{ matrix.arch }}" --ndi | |
ARTIFACT_NAME=$(basename $(find build/. -name "obs-webrtc*.dmg")) | |
echo "FILE_NAME=${ARTIFACT_NAME}" >> $GITHUB_ENV | |
echo "ARTIFACT READY: ${ARTIFACT_NAME}" | |
env: | |
CODESIGN_IDENT: ${{ secrets.CODESIGN_IDENT }} | |
CODESIGN_TEAM_ID: ${{ secrets.CODESIGN_TEAM_ID }} | |
CODESIGN_IDENT_USER: ${{ secrets.CODESIGN_IDENT_USER }} | |
NOTARIZE_APP_SPECIFIC_PASSWORD: ${{ secrets.NOTARIZE_APP_SPECIFIC_PASSWORD }} | |
- name: 'Upload build Artifact' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: 'obs-studio-macos-${{ matrix.arch }}-${{ steps.setup.outputs.commitHash }}-ndi' | |
path: '${{ github.workspace }}/obs-studio/build/${{ env.FILE_NAME }}' |