Skip to content

Tweak CI.

Tweak CI. #10

Workflow file for this run

name: CI pipeline
on: push
jobs:
debug:
runs-on: macos-14
steps:
- uses: actions/checkout@v3
- name: Build code
run: make debug
release:
runs-on: macos-14
environment: release-macos
steps:
- uses: actions/checkout@v3
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Build code
run: make release
- name: Run check
run: make check-release
- uses: actions/upload-artifact@v2
with:
path: build/Release/qlview
- name: Clean up keychain
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
publish_release:
permissions:
contents: write
runs-on: macos-14
if: (startsWith(github.ref, 'refs/tags/v') && !contains(github.ref, '-dev'))
needs: [release]
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
submodules: recursive
- name: Prepare release message
run: |
cat CHANGES | awk '/^[0-9]+\./{ n++; next; } n < 2 { print }' >${{ runner.temp }}/release-msg
echo "release_name=$(echo ${{ github.ref_name }} | sed 's/^v//')" >> $GITHUB_ENV
- uses: actions/download-artifact@v2
with:
path: artifacts
- name: Display artifacts
run: ls -al artifacts/*/*
- name: Upload artifacts
uses: softprops/action-gh-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
draft: false
prerelease: false
name: ${{ env.release_name }}
body_path: ${{ runner.temp }}/release-msg
files: |
artifacts/*/*