Add quoting to argument to defaults
, fixing local Archive
tasks
#1640
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: build | |
on: | |
push: | |
branches-ignore: | |
- 'translations_**' | |
tags: | |
- 'v*' | |
pull_request: | |
branches-ignore: | |
- 'translations_**' | |
jobs: | |
build: | |
runs-on: macos-11 | |
env: | |
QS_BUILD_ONLY: 1 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Build debug version | |
working-directory: Quicksilver | |
run: ./Tools/qsrelease Debug | |
- name: Upload debug version | |
uses: actions/upload-artifact@v3 | |
with: | |
name: Quicksilver-debug | |
path: /tmp/QS/build/Debug/Quicksilver.zip | |
- name: Build release version | |
working-directory: Quicksilver | |
run: ./Tools/qsrelease | |
- name: Prepare DMG_INGREDIENTS artifact | |
working-directory: /tmp/QS/build/Release/ | |
run: | | |
cp /tmp/qs_build_settings ./dmg/ | |
cp /tmp/Quicksilver.entitlements ./dmg/ | |
tar -czvf ./dmg_ingredients.tar.gz ./dmg | |
- name: Upload components for sign action | |
uses: actions/upload-artifact@v3 | |
with: | |
name: DMG_INGREDIENTS | |
path: /tmp/QS/build/Release/dmg_ingredients.tar.gz | |
sign: | |
needs: build | |
runs-on: macos-11 | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
SIGNING_IDENTITY: ${{ secrets.SIGNING_IDENTITY }} | |
NOTARIZING_ID: ${{ secrets.NOTARIZING_ID }} | |
NOTARIZING_PASS: ${{ secrets.NOTARIZING_PASS }} | |
KEYCHAIN_PROFILE: "Quicksilver Notarization" | |
steps: | |
- name: Download dmg folder artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: DMG_INGREDIENTS | |
path: /tmp/QS/build/Release/ | |
- name: Decompress DMG_INGREDIENTS | |
working-directory: /tmp/QS/build/Release/ | |
run: | | |
tar -xzvf ./dmg_ingredients.tar.gz | |
mv ./dmg/qs_build_settings /tmp/ | |
mv ./dmg/Quicksilver.entitlements /tmp/ | |
QS_INFO_VERSION=$(awk '/QS_INFO_VERSION/ { print $NF }' \ | |
/tmp/qs_build_settings) | |
echo "QS_INFO_VERSION=${QS_INFO_VERSION}" >> "${GITHUB_ENV}" | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Run Tools/qssign | |
working-directory: Quicksilver | |
run: | | |
# https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
KEYCHAIN_PATH=${RUNNER_TEMP}/app-signing.keychain-db | |
CERTIFICATE_PATH=${RUNNER_TEMP}/build_certificate.p12 | |
echo -n "${MACOS_CERTIFICATE}" | base64 --decode \ | |
--output "${CERTIFICATE_PATH}" | |
security create-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN_PATH}" | |
security default-keychain -s "${KEYCHAIN_PATH}" | |
security set-keychain-settings -lut 21600 "${KEYCHAIN_PATH}" | |
security unlock-keychain -p "${KEYCHAIN_PASSWORD}" "${KEYCHAIN_PATH}" | |
security import "${CERTIFICATE_PATH}" \ | |
-P "${MACOS_CERTIFICATE_PASSWORD}" \ | |
-A -t cert -f pkcs12 -k "${KEYCHAIN_PATH}" | |
xcrun notarytool store-credentials "${KEYCHAIN_PROFILE}" \ | |
--apple-id "${NOTARIZING_ID}" \ | |
--team-id "${SIGNING_IDENTITY}" \ | |
--password "${NOTARIZING_PASS}" | |
./Tools/qssign | |
- name: Create checksum | |
if: startsWith(github.ref, 'refs/tags/') | |
run: | | |
cd /tmp/QS/build/Release/ | |
shasum --algorithm 256 Quicksilver*.dmg > checksum.txt | |
- name: Upload Quicksilver.dmg | |
uses: actions/upload-artifact@v3 | |
with: | |
name: "Quicksilver_${{ env.QS_INFO_VERSION }}.dmg" | |
path: /tmp/QS/build/Release/Quicksilver*.dmg | |
- name: Upload checksum | |
if: startsWith(github.ref, 'refs/tags/') | |
uses: actions/upload-artifact@v3 | |
with: | |
path: /tmp/QS/build/Release/checksum.txt | |
- name: Download debug artifact | |
uses: actions/download-artifact@v3 | |
with: | |
name: Quicksilver-debug | |
path: /tmp/Quicksilver-debug.zip | |
- name: Release | |
uses: softprops/action-gh-release@v1 | |
if: startsWith(github.ref, 'refs/tags/') | |
with: | |
files: | | |
/tmp/QS/build/Release/Quicksilver*.dmg | |
/tmp/QS/build/Release/checksum.txt | |
/tmp/Quicksilver-debug.zip | |
- name: Update ChangesBare.html | |
if: startsWith(github.ref, 'refs/tags/') | |
env: | |
SERVER: ${{ secrets.SERVER }} | |
PORT: ${{ secrets.PORT }} | |
SSH_KEY: ${{secrets.SSH_KEY}} | |
run: | | |
echo "${SSH_KEY}" > /tmp/key | |
chmod 0600 /tmp/key | |
ssh -T "${SERVER}" -p "${PORT}" -i /tmp/key \ | |
-o StrictHostKeyChecking=no \ | |
"${GITHUB_REPOSITORY}" \ | |
<Quicksilver/SharedSupport/ChangesBare.html | |
rm /tmp/key |