Release #1058
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Generate a new release (alpha or beta) | |
name: Release | |
on: | |
# Generate an alpha every day | |
schedule: | |
- cron: "0 0 * * *" | |
workflow_dispatch: | |
inputs: | |
# Note: `releaseType` will be set to an empty string when automatically run without human action (via the cronjob). | |
# In that case, it means we want to generate an alpha. | |
releaseType: | |
description: 'Set to "release" for a beta release.' | |
required: false | |
default: "alpha" | |
env: | |
GITHUB_USERNAME: "nuxeodrive" | |
GITHUB_EMAILID: "[email protected]" | |
jobs: | |
release: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ubuntu-latest, windows-latest, 'macos-latest'] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.inputs.branch }} | |
# | |
# Global | |
# | |
- name: Install SSH key | |
uses: shimataro/ssh-key-action@v2 | |
with: | |
key: ${{ secrets.SSH_PRIV_KEY }} | |
known_hosts: ${{ secrets.SSH_KNOWN_HOST_DEPLOY }} | |
- name: Setup git | |
if: github.event.inputs.releaseType == 'alpha' || github.event.inputs.releaseType == '' | |
run: | | |
git config user.email ${{ env.GITHUB_EMAILID }} | |
git config user.name ${{ env.GITHUB_USERNAME }} | |
- name: Bump the version number | |
if: github.event.inputs.releaseType == 'alpha' || github.event.inputs.releaseType == '' | |
run: | | |
git fetch --unshallow --tags | |
bash tools/bump-alpha-version.sh || exit 1 | |
# | |
# GNU/Linux | |
# | |
- name: "[GNU/Linux] Install AppImage checkers" | |
if: matrix.os == 'ubuntu-latest' | |
run: sudo apt install --yes appstream desktop-file-utils | |
- name: "[GNU/Linux] Login to the docker registry" | |
if: matrix.os == 'ubuntu-latest' | |
uses: docker/login-action@v2 | |
with: | |
registry: "docker-private.packages.nuxeo.com" | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: "[GNU/Linux] Set appropriate volume folders" | |
if: matrix.os == 'ubuntu-latest' | |
run: | | |
mkdir build dist venv | |
chmod 777 build dist venv | |
- name: "[GNU/Linux] Generate the .AppImage" | |
if: matrix.os == 'ubuntu-latest' | |
env: | |
REGISTRY: "docker-private.packages.nuxeo.com" | |
REPOSITORY: "nuxeo-drive-build" | |
run: docker run -v "$(pwd)":/opt/sources "${REGISTRY}/${REPOSITORY}:py-3.9.5" # XXX_PYTHON | |
- name: "[GNU/Linux] Ensure the AppImage is correct" | |
if: matrix.os == 'ubuntu-latest' | |
run: bash tools/linux/deploy_ci_agent.sh --check | |
- name: "[GNU/Linux] Upload artifacts" | |
if: matrix.os == 'ubuntu-latest' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: package-distributions | |
path: ./dist/*.AppImage | |
if-no-files-found: error | |
# | |
# macOS | |
# | |
- name: "[macOS] Setup certificates" | |
if: matrix.os == 'macos-latest' | |
run: | | |
wget https://www.apple.com/appleca/AppleIncRootCertificate.cer | |
echo "${{ secrets.CERT_APP_MACOS }}" | base64 --decode > developerID_application.cer | |
echo "${{ secrets.PRIV_APP_MACOS }}" | base64 --decode > nuxeo-drive.priv | |
- name: "[macOS] Downloading Python" | |
if: matrix.os == 'macos-latest' | |
run: curl https://www.python.org/ftp/python/3.9.5/python-3.9.5-macosx10.9.pkg -o "python.pkg" # XXX_PYTHON | |
- name: "[macOS] Install Python" | |
if: matrix.os == 'macos-latest' | |
run: sudo installer -pkg python.pkg -target / | |
- name: "[macOS] Setup the environment" | |
if: matrix.os == 'macos-latest' | |
env: | |
MACOSX_DEPLOYMENT_TARGET: "11.3" | |
SYSTEM_VERSION_COMPAT: 0 | |
run: bash tools/osx/deploy_ci_agent.sh --install-release | |
- name: "[macOS] Generate the .dmg and validate against 2021" | |
if: matrix.os == 'macos-latest' | |
timeout-minutes: 20 | |
env: | |
NXDRIVE_TEST_NUXEO_URL: "https://drive-2021.beta.nuxeocloud.com/nuxeo" | |
MACOSX_DEPLOYMENT_TARGET: "11.3" | |
KEYCHAIN_PATH: "~/Library/Keychains/drive.keychain-db" | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} | |
NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} | |
NOTARIZATION_TEAMID: ${{ secrets.NOTARIZATION_TEAMID }} | |
SIGNING_ID: "NUXEO CORP" | |
SYSTEM_VERSION_COMPAT: 0 | |
run: bash tools/osx/deploy_ci_agent.sh --check-upgrade | |
- name: "[macOS] Generate the .dmg and validate against 2023" | |
if: matrix.os == 'macos-latest' | |
timeout-minutes: 20 | |
env: | |
NXDRIVE_TEST_NUXEO_URL: "https://drive-2023.beta.nuxeocloud.com/nuxeo" | |
NXDRIVE_TEST_USERNAME: ${{ secrets.NXDRIVE_2023_TEST_USERNAME }} | |
NXDRIVE_TEST_PASSWORD: ${{ secrets.NXDRIVE_2023_TEST_PASSWORD }} | |
MACOSX_DEPLOYMENT_TARGET: "11.3" | |
KEYCHAIN_PATH: "~/Library/Keychains/drive.keychain-db" | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} | |
NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} | |
NOTARIZATION_TEAMID: ${{ secrets.NOTARIZATION_TEAMID }} | |
SIGNING_ID: "NUXEO CORP" | |
SYSTEM_VERSION_COMPAT: 0 | |
run: bash tools/osx/deploy_ci_agent.sh --check-upgrade | |
- name: "[macOS] Upload artifacts" | |
if: matrix.os == 'macos-latest' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: package-distributions | |
path: ./dist/*.dmg | |
if-no-files-found: error | |
# | |
# Windows | |
# | |
- name: "[Windows] Setup certificate" | |
if: matrix.os == 'windows-latest' | |
run: | | |
echo "${{ secrets.CERT_APP_WINDOWS }}" > certificate.b64 | |
certutil -decode certificate.b64 certificate.pfx | |
- name: "[Windows] Unlock PowerShell" | |
if: matrix.os == 'windows-latest' | |
run: powershell Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope LocalMachine | |
- name: "[Windows] Setup the environment" | |
if: matrix.os == 'windows-latest' | |
run: powershell ".\\tools\\windows\\deploy_ci_agent.ps1" -install_release | |
- name: "[Windows] Generate the .exe and validate against 2021" | |
timeout-minutes: 15 | |
if: matrix.os == 'windows-latest' | |
env: | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
NXDRIVE_TEST_NUXEO_URL: "https://drive-2021.beta.nuxeocloud.com/nuxeo" | |
SIGNING_ID: "Nuxeo" | |
SIGNTOOL_PATH: 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.20348.0\x86' | |
run: powershell ".\\tools\\windows\\deploy_ci_agent.ps1" -check_upgrade | |
- name: "[Windows] Generate the .exe and validate against 2023" | |
timeout-minutes: 15 | |
if: matrix.os == 'windows-latest' | |
env: | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
NXDRIVE_TEST_NUXEO_URL: "https://drive-2023.beta.nuxeocloud.com/nuxeo" | |
NXDRIVE_TEST_USERNAME: ${{ secrets.NXDRIVE_2023_TEST_USERNAME }} | |
NXDRIVE_TEST_PASSWORD: ${{ secrets.NXDRIVE_2023_TEST_PASSWORD }} | |
SIGNING_ID: "Nuxeo" | |
SIGNTOOL_PATH: 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.20348.0\x86' | |
run: powershell ".\\tools\\windows\\deploy_ci_agent.ps1" -check_upgrade | |
- name: "[Windows] Upload artifacts" | |
if: matrix.os == 'windows-latest' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: package-distributions | |
path: ./dist/*.exe | |
if-no-files-found: error | |
deploy: | |
runs-on: ubuntu-latest | |
needs: [release] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.inputs.branch }} | |
- name: Extract branch name | |
shell: bash | |
run: echo "branch=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_OUTPUT | |
id: extract_branch | |
- name: Install SSH key | |
uses: shimataro/ssh-key-action@v2 | |
with: | |
key: ${{ secrets.SSH_PRIV_KEY }} | |
known_hosts: ${{ secrets.SSH_KNOWN_HOST_DEPLOY }} | |
- name: Setup git | |
run: | | |
git config user.email ${{ env.GITHUB_EMAILID }} | |
git config user.name ${{ env.GITHUB_USERNAME }} | |
git fetch --unshallow --tags | |
git remote set-url origin "https://${{ env.GITHUB_USERNAME }}:${{ secrets.NXDRIVE_GIT_TOKEN }}@github.com/nuxeo/nuxeo-drive.git" | |
- name: Download artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: package-distributions | |
path: dist/ | |
- name: Upload artifacts to the staging server | |
run: | | |
for f in dist/*; do | |
bash tools/upload.sh staging "${f}" | |
done | |
- name: Bump the version number | |
if: github.event.inputs.releaseType == 'alpha' || github.event.inputs.releaseType == '' | |
run: | | |
# It will fail on the git stuff, but it is not important here | |
bash tools/bump-alpha-version.sh || true | |
- name: Do the release | |
if: steps.extract_branch.outputs.branch == 'master' | |
run: | | |
release_type="${{ github.event.inputs.releaseType }}" | |
if [ "${release_type}" = "" ]; then | |
release_type="alpha" | |
fi | |
bash tools/release.sh --publish "${release_type}" || exit 1 | |
bash tools/release.sh --create "${release_type}" || exit 1 | |
env: | |
GIT_TOKEN: ${{ secrets.NXDRIVE_GIT_TOKEN }} | |
- name: Cancel the release | |
if: failure() || cancelled() | |
run: bash tools/release.sh --cancel |