Disable signing for now #469

Workflow file for this run

	name: CI

	on:
	push:
	branches:
	- master
	release:
	types:
	- published
	pull_request:

	env:
	SIGNING_ENABLED: ${{ false }}

	jobs:
	build_win:
	name: Build (Windows)
	runs-on: windows-latest

	steps:
	- uses: microsoft/[email protected]

	- uses: nuget/setup-nuget@v1

	- uses: actions/checkout@v3

	- name: Sign resource binaries
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: dlemstra/code-sign-action@v1
	with:
	certificate: '${{ secrets.WINDOWS_CERTIFICATE }}'
	password: '${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}'
	folder: './windows'
	recursive: true

	- name: Build
	working-directory: ./windows
	run: \|
	nuget restore
	msbuild "QMK Toolbox.sln" /verbosity:minimal /p:Configuration=Release

	- name: Sign QMK Toolbox
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: dlemstra/code-sign-action@v1
	with:
	certificate: '${{ secrets.WINDOWS_CERTIFICATE }}'
	password: '${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}'
	folder: './windows/QMK Toolbox/bin/Release'
	recursive: true

	- name: Create installer
	working-directory: ./windows
	run: \|
	iscc install_compiler.iss

	- name: Sign QMK Toolbox installer
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: dlemstra/code-sign-action@v1
	with:
	certificate: '${{ secrets.WINDOWS_CERTIFICATE }}'
	password: '${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}'
	folder: './windows'

	- uses: actions/upload-artifact@v3
	with:
	name: qmk_toolbox.exe
	path: windows/QMK Toolbox/bin/Release/qmk_toolbox.exe

	- uses: actions/upload-artifact@v3
	with:
	name: qmk_toolbox_install.exe
	path: windows/qmk_toolbox_install.exe

	build_macos:
	name: Build (macOS)
	runs-on: macOS-latest

	steps:
	- uses: maxim-lobanov/setup-xcode@v1
	with:
	xcode-version: latest-stable

	- uses: actions/checkout@v3

	- name: "Import Certificate: Development"
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: apple-actions/import-codesign-certs@v2
	with:
	p12-file-base64: ${{ secrets.DEVELOPMENT_CERTIFICATE_DATA }}
	p12-password: ${{ secrets.DEVELOPMENT_CERTIFICATE_PASSPHRASE }}
	keychain-password: ${{ secrets.KEYCHAIN_PASSWORD }}

	- name: "Import Certificate: App Distribution"
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: apple-actions/import-codesign-certs@v2
	with:
	p12-file-base64: ${{ secrets.APP_DISTRIBUTION_CERTIFICATE_DATA }}
	p12-password: ${{ secrets.APP_DISTRIBUTION_CERTIFICATE_PASSPHRASE }}
	keychain-password: ${{ secrets.KEYCHAIN_PASSWORD }}
	create-keychain: false

	- name: "Import Certificate: Installer Distribution"
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: apple-actions/import-codesign-certs@v2
	with:
	p12-file-base64: ${{ secrets.INSTALLER_DISTRIBUTION_CERTIFICATE_DATA }}
	p12-password: ${{ secrets.INSTALLER_DISTRIBUTION_CERTIFICATE_PASSPHRASE }}
	keychain-password: ${{ secrets.KEYCHAIN_PASSWORD }}
	create-keychain: false

	- name: Check binary permissions
	working-directory: ./macos/QMK Toolbox/Resources
	env:
	QMK_BINARIES: avrdude bootloadHID dfu-programmer dfu-util mdloader teensy_loader_cli wb32-dfu-updater_cli
	run: \|
	status=0
	for b in $QMK_BINARIES; do
	perm=$(stat -f "%Lp" $b)
	echo "$b: $perm"
	[[ $perm == "755" ]] \|\| status=1
	done
	exit $status

	- name: Archive
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-archive@v1
	with:
	workspace: "macos/QMK Toolbox.xcworkspace"
	scheme: "QMK Toolbox"
	export-path: "macos/build"

	- name: Export & Sign Release Build
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-export-archive@master
	with:
	workspace: "macos/QMK Toolbox.xcworkspace"
	scheme: "QMK Toolbox"
	export-path: "macos/build"

	- name: Notarize Release Build
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-notarize@v1
	with:
	product-path: "macos/build/QMK Toolbox.app"
	appstore-connect-username: ${{ secrets.NOTARIZATION_USERNAME }}
	appstore-connect-password: ${{ secrets.NOTARIZATION_PASSWORD }}

	- name: Staple Release Build
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-staple@v1
	with:
	product-path: "macos/build/QMK Toolbox.app"

	- name: Build (unsigned-only)
	if: env.SIGNING_ENABLED == 'false' \|\| github.event_name == 'pull_request'
	working-directory: ./macos
	run: \|
	mkdir build
	xcodebuild CONFIGURATION_BUILD_DIR=build -configuration Debug

	- name: Package for Distribution
	run: ditto -ck --rsrc --sequesterRsrc -v --keepParent "macos/build/QMK Toolbox.app" macos/build/QMK.Toolbox.app.zip

	- uses: actions/upload-artifact@v3
	with:
	name: QMK.Toolbox.app.zip
	path: macos/build/QMK.Toolbox.app.zip

	- name: Create Installer
	working-directory: ./macos
	run: \|
	brew install packages
	packagesbuild -v "QMK Toolbox.pkgproj"

	- name: Sign Installer
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	working-directory: ./macos
	run: productsign -s "${{ secrets.DEVELOPER_ID_INSTALLER_NAME }}" "build/QMK Toolbox.pkg" build/QMK.Toolbox.pkg

	- name: Notarize Installer
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-notarize@v1
	with:
	product-path: "macos/build/QMK.Toolbox.pkg"
	appstore-connect-username: ${{ secrets.NOTARIZATION_USERNAME }}
	appstore-connect-password: ${{ secrets.NOTARIZATION_PASSWORD }}
	primary-bundle-id: fm.qmk.toolbox

	- name: Staple Installer
	if: env.SIGNING_ENABLED == 'true' && github.event_name != 'pull_request'
	uses: devbotsxyz/xcode-staple@v1
	with:
	product-path: "macos/build/QMK.Toolbox.pkg"

	- name: Move installer (unsigned-only)
	if: env.SIGNING_ENABLED == 'false' \|\| github.event_name == 'pull_request'
	working-directory: ./macos
	run: mv "build/QMK Toolbox.pkg" build/QMK.Toolbox.pkg

	- uses: actions/upload-artifact@v3
	with:
	name: QMK.Toolbox.pkg
	path: macos/build/QMK.Toolbox.pkg

	publish_release:
	name: Publish (Release)
	runs-on: ubuntu-latest

	needs: [build_win, build_macos]

	if: github.event.release.tag_name

	steps:
	- uses: actions/download-artifact@v3

	- uses: softprops/action-gh-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	name: ${{ github.event.release.name }}
	files: \|
	./qmk_toolbox.exe/qmk_toolbox.exe
	./qmk_toolbox_install.exe/qmk_toolbox_install.exe
	./QMK.Toolbox.app.zip/QMK.Toolbox.app.zip
	./QMK.Toolbox.pkg/QMK.Toolbox.pkg

	publish_beta:
	name: Publish (Beta)
	runs-on: ubuntu-latest

	needs: [build_win, build_macos]

	if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}

	steps:
	- uses: actions/download-artifact@v3

	- uses: marvinpinto/action-automatic-releases@latest
	with:
	repo_token: "${{ secrets.GITHUB_TOKEN }}"
	automatic_release_tag: "beta"
	prerelease: true
	title: "Latest Beta"
	files: \|
	./qmk_toolbox.exe/qmk_toolbox.exe
	./qmk_toolbox_install.exe/qmk_toolbox_install.exe
	./QMK.Toolbox.app.zip/QMK.Toolbox.app.zip
	./QMK.Toolbox.pkg/QMK.Toolbox.pkg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Disable signing for now #469

Workflow file

Disable signing for now #469

Jobs

Run details

Workflow file for this run