Stop uploading zip, stick with jar and exe instead #261
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Prerelease Publisher | |
| on: | |
| push: | |
| branches: [ master ] | |
| tags-ignore: | |
| - 'v*' | |
| paths-ignore: | |
| - 'bin/' | |
| - 'docs_manual/' | |
| - '.github/' | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| name: Build macOS ${{ matrix.macos_arch }} | |
| runs-on: ${{ matrix.os }} | |
| env: | |
| APPLE_CODESIGN_CERT_P12_BASE64: ${{ secrets.APPLE_CODESIGN_CERT_P12_BASE64 }} | |
| APPLE_CODESIGN_CERT_PASSWORD: ${{ secrets.APPLE_CODESIGN_CERT_PASSWORD }} | |
| APPLE_CODESIGN_IDENTITY: ${{ secrets.APPLE_CODESIGN_IDENTITY }} | |
| APPLE_NOTARY_KEY_ID: ${{ secrets.APPLE_NOTARY_KEY_ID }} | |
| APPLE_NOTARY_ISSUER_ID: ${{ secrets.APPLE_NOTARY_ISSUER_ID }} | |
| APPLE_NOTARY_API_KEY_P8_BASE64: ${{ secrets.APPLE_NOTARY_API_KEY_P8_BASE64 }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: macos-15 | |
| macos_arch: x64 | |
| swift_target: x86_64-apple-macos12.0 | |
| include_jars: true | |
| - os: macos-15 | |
| macos_arch: arm64 | |
| swift_target: arm64-apple-macos12.0 | |
| include_jars: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Build with Maven | |
| run: mvn -B package --file pom.xml -P dist | |
| - name: Build macOS Vision Helper | |
| if: runner.os == 'macOS' | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| mkdir -p native/bin | |
| binary_path="native/bin/qr-native-macos-${{ matrix.macos_arch }}" | |
| swiftc -O native/macos-vision-scanner/main.swift \ | |
| -target "${{ matrix.swift_target }}" \ | |
| -framework Vision \ | |
| -framework CoreGraphics \ | |
| -framework ImageIO \ | |
| -o "$binary_path" | |
| - name: Import Apple Code Signing Certificate | |
| if: runner.os == 'macOS' && env.APPLE_CODESIGN_CERT_P12_BASE64 != '' && env.APPLE_CODESIGN_CERT_PASSWORD != '' && env.APPLE_CODESIGN_IDENTITY != '' | |
| shell: bash | |
| env: | |
| KEYCHAIN_PASSWORD: ${{ github.run_id }}-${{ github.run_attempt }}-codesign | |
| run: | | |
| set -euo pipefail | |
| cert_path="$RUNNER_TEMP/codesign-cert.p12" | |
| keychain_path="$RUNNER_TEMP/datashot-signing.keychain-db" | |
| echo "$APPLE_CODESIGN_CERT_P12_BASE64" | base64 -D > "$cert_path" | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path" | |
| security set-keychain-settings -lut 21600 "$keychain_path" | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$keychain_path" | |
| security import "$cert_path" -k "$keychain_path" -P "$APPLE_CODESIGN_CERT_PASSWORD" -A -t cert -f pkcs12 | |
| security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" "$keychain_path" | |
| security list-keychains -d user -s "$keychain_path" | |
| - name: Sign macOS Native Helper | |
| if: runner.os == 'macOS' && env.APPLE_CODESIGN_CERT_P12_BASE64 != '' && env.APPLE_CODESIGN_CERT_PASSWORD != '' && env.APPLE_CODESIGN_IDENTITY != '' | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| binary_path="native/bin/qr-native-macos-${{ matrix.macos_arch }}" | |
| codesign --force --options runtime --timestamp --sign "$APPLE_CODESIGN_IDENTITY" "$binary_path" | |
| codesign --verify --strict --verbose=2 "$binary_path" | |
| - name: Determine Build Version | |
| id: version | |
| shell: bash | |
| run: | | |
| version="$(grep -m1 '<version>' pom.xml | sed -E 's/.*<version>([^<]+)<\/version>.*/\1/')" | |
| echo "version=$version" >> "$GITHUB_OUTPUT" | |
| - name: Prepare Upload Assets | |
| id: assets | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| version="${{ steps.version.outputs.version }}" | |
| mkdir -p dist-assets | |
| binary_src="native/bin/qr-native-macos-${{ matrix.macos_arch }}" | |
| binary_dst="dist-assets/DataShot-${version}-qr-native-macos-${{ matrix.macos_arch }}" | |
| cp "$binary_src" "$binary_dst" | |
| chmod +x "$binary_dst" | |
| echo "binary=$binary_dst" >> "$GITHUB_OUTPUT" | |
| if [[ "${{ matrix.include_jars }}" == "true" ]]; then | |
| fat_jar="$(find target -maxdepth 1 -type f -name '*-jar-with-dependencies.jar' | head -n1)" | |
| thin_jar="$(find target -maxdepth 1 -type f -name '*.jar' ! -name '*-jar-with-dependencies.jar' ! -name '*-sources.jar' ! -name '*-javadoc.jar' | head -n1)" | |
| if [[ -z "$fat_jar" ]]; then | |
| echo "Unable to locate fat JAR in target/." >&2 | |
| exit 1 | |
| fi | |
| cp "$fat_jar" "dist-assets/DataShot-${version}-app-fat.jar" | |
| if [[ -n "$thin_jar" ]]; then | |
| cp "$thin_jar" "dist-assets/DataShot-${version}-app.jar" | |
| fi | |
| fi | |
| - name: Notarize macOS Binary | |
| if: runner.os == 'macOS' && env.APPLE_CODESIGN_CERT_P12_BASE64 != '' && env.APPLE_CODESIGN_CERT_PASSWORD != '' && env.APPLE_CODESIGN_IDENTITY != '' && env.APPLE_NOTARY_KEY_ID != '' && env.APPLE_NOTARY_ISSUER_ID != '' && env.APPLE_NOTARY_API_KEY_P8_BASE64 != '' | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| key_path="$RUNNER_TEMP/AuthKey_${APPLE_NOTARY_KEY_ID}.p8" | |
| binary_path="${{ steps.assets.outputs.binary }}" | |
| notary_zip="$RUNNER_TEMP/$(basename "$binary_path").zip" | |
| echo "$APPLE_NOTARY_API_KEY_P8_BASE64" | base64 -D > "$key_path" | |
| ditto -c -k --sequesterRsrc --keepParent "$binary_path" "$notary_zip" | |
| xcrun notarytool submit "$notary_zip" \ | |
| --key "$key_path" \ | |
| --key-id "$APPLE_NOTARY_KEY_ID" \ | |
| --issuer "$APPLE_NOTARY_ISSUER_ID" \ | |
| --wait | |
| - name: Upload macOS Binary Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: prerelease-macos-${{ matrix.macos_arch }}-binary | |
| path: ${{ steps.assets.outputs.binary }} | |
| if-no-files-found: error | |
| - name: Upload JAR Artifacts | |
| if: matrix.include_jars | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: prerelease-jars | |
| path: dist-assets/*.jar | |
| if-no-files-found: error | |
| publish: | |
| name: Publish Prerelease | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Determine Prerelease Name | |
| id: name_determiner | |
| run: echo "name=DataShot-$(date +'%Y%m%d-%H%M')-beta" >> "$GITHUB_OUTPUT" | |
| - name: Download Matrix Artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: dist-assets | |
| merge-multiple: true | |
| - name: Create Pre-release | |
| id: create_prerelease | |
| if: success() | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: untagged-${{ steps.name_determiner.outputs.name }}-${{ github.sha }} | |
| release_name: ${{ steps.name_determiner.outputs.name }} | |
| body: "Momentary Snapshot Version. Refer to the git history, [commit log](https://github.com/BernhardWebstudio/DataShot_DesktopApp/commits/master) for current changes" | |
| draft: false | |
| prerelease: true | |
| - name: Upload Pre-release Assets | |
| id: upload_prerelease | |
| if: success() | |
| uses: csexton/release-asset-action@v2 | |
| with: | |
| pattern: "dist-assets/*" | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| release-url: ${{ steps.create_prerelease.outputs.upload_url }} |