From 4c3ea1a875793aa6b0a98d62bab75d936064a6c4 Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Fri, 10 May 2024 21:10:18 +0530 Subject: [PATCH 1/6] fix: remove - arg from base64 command --- .github/workflows/ci_beta.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index c149bcf1c..c20517712 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -29,7 +29,7 @@ jobs: export JARSIGNER_ALIAS=${{secrets.JARSIGNER_REL_ALIAS}} KEYSTORE_FILE="${PWD}/{{secrets.JARSIGNER_KEYSTORE}}" echo "${KEYSTORE_FILE}" - printf "%s" "${JARSIGNER_KEYSTORE_B64}" | base64 -d - > "${KEYSTORE_FILE}" + printf "%s" "${JARSIGNER_KEYSTORE_B64}" | base64 -d > "${KEYSTORE_FILE}" mvn -e -X clean install -Djarsigner.keystore="${KEYSTORE_FILE}" -Djarsigner.alias="${JARSIGNER_ALIAS}" -Djarsigner.storepass="${JARSIGNER_STOREPASS}" -DskipTests=true rm -v "${KEYSTORE_FILE}" From 092663fd887f87c74e37683507dcb1bb84715378 Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Tue, 14 May 2024 23:49:36 +0530 Subject: [PATCH 2/6] fix: test script for notarytool --- .github/workflows/ci_beta.yml | 179 +++++++++++++++++++--------------- 1 file changed, 98 insertions(+), 81 deletions(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index c20517712..bd78c7aae 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -1,13 +1,18 @@ # This workflow will build a Java project with Maven # For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven -name: Beta builds +name: Beta builds + +# on: +# push: +# tags: +# - "v[0-9]+.[0-9]+.[0-9]+-beta" on: push: - tags: - - "v[0-9]+.[0-9]+.[0-9]+-beta" - + branches: [ master ] + pull_request: + branches: [ master ] jobs: build: @@ -63,94 +68,106 @@ jobs: /usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -v /usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg + # - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg + # env: + # NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} + # NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} + # run: | + # echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg" + # xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-IDE.app + - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg env: NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} run: | + echo "Create keychain profile" + xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id "$NOTARIZATION_USERNAME" --team-id "$NOTARIZATION_TEAM_ID" --password "$NOTARIZATION_PASSWORD" echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg" - xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-ide.app + xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg --keychain-profile "ide-notarytool-profile" --wait + echo "Attach staple" + xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg - - name: Notarize Espressif-IDE-macosx-cocoa-aarch64.dmg - env: - NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} - NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} - run: | - echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg" - xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-ide.app + # - name: Notarize Espressif-IDE-macosx-cocoa-aarch64.dmg + # env: + # NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} + # NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} + # run: | + # echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg" + # xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-IDE.app - - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v2 - with: - name: espressif-ide-macosx-cocoa-x86_64 - path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg + # - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg + # if: ${{ !cancelled() }} + # uses: actions/upload-artifact@v2 + # with: + # name: espressif-ide-macosx-cocoa-x86_64 + # path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg - - name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v2 - with: - name: espressif-ide-macosx.cocoa.aarch64 - path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg + # - name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg + # if: ${{ !cancelled() }} + # uses: actions/upload-artifact@v2 + # with: + # name: espressif-ide-macosx.cocoa.aarch64 + # path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg - - name: Upload build artifacts - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v2 - with: - name: com.espressif.idf.update - path: releng/com.espressif.idf.update/target/repository + # - name: Upload build artifacts + # if: ${{ !cancelled() }} + # uses: actions/upload-artifact@v2 + # with: + # name: com.espressif.idf.update + # path: releng/com.espressif.idf.update/target/repository - - name: Upload windows rcp - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v2 - with: - name: espressif-ide-win32 - path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-win32.win32.x86_64.zip + # - name: Upload windows rcp + # if: ${{ !cancelled() }} + # uses: actions/upload-artifact@v2 + # with: + # name: espressif-ide-win32 + # path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-win32.win32.x86_64.zip - - name: Upload linux rcp - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v2 - with: - name: espressif-ide-linux - path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz + # - name: Upload linux rcp + # if: ${{ !cancelled() }} + # uses: actions/upload-artifact@v2 + # with: + # name: espressif-ide-linux + # path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz - - name: Upload build assets to dl.espressif.com - id: upload-release-asset-espressif - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - run: | - ARCHIVE_DIR="/releng/com.espressif.idf.update/target/" - ARCHIVE_NAME="com.espressif.idf.update*.zip" - echo "${ARCHIVE_DIR}" - echo ${PWD}${ARCHIVE_DIR} - ARCHIVE_FILE_NAME="$(find ${PWD}${ARCHIVE_DIR}${ARCHIVE_NAME})" - echo "${ARCHIVE_FILE_NAME}" - ARCHIVE_PREFIX="com.espressif.idf.update-" - ARCHIVE_SUFFIX="-SNAPSHOT.zip"; - tmp=${ARCHIVE_FILE_NAME#*${ARCHIVE_PREFIX}} # remove prefix - ARCHIVE_VERSION=${tmp%${ARCHIVE_SUFFIX}*} # remove suffix - echo "${ARCHIVE_VERSION}" - FOLDER_NAME="v${ARCHIVE_VERSION}-beta" - mkdir "${FOLDER_NAME}" && cd "${FOLDER_NAME}" && unzip -q ${ARCHIVE_FILE_NAME} && cd .. - echo ${PWD} - ARCHIVE_VERSION_NEW="${ARCHIVE_PREFIX}${ARCHIVE_VERSION}.zip" - echo ${ARCHIVE_VERSION_NEW} - mv ${ARCHIVE_FILE_NAME} ${ARCHIVE_VERSION_NEW} - mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" - mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" - aws s3 rm s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta --recursive - aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta - aws s3 cp --acl=public-read "./releng/index.html" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta/ - aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/${FOLDER_NAME} - aws s3 cp --acl=public-read --recursive --exclude "*" --include "Espressif-IDE-*" ./releng/com.espressif.idf.product/target/products/ s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - aws s3 cp --acl=public-read "${ARCHIVE_VERSION_NEW}" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/ - aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - aws cloudfront create-invalidation --distribution-id ${{ secrets.DL_DISTRIBUTION_ID }} --paths "/dl/idf-eclipse-plugin/updates/beta/*" - aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-win32.win32.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-win32.win32.x86_64.zip" - aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64-v${ARCHIVE_VERSION}.dmg" - aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64-v${ARCHIVE_VERSION}.dmg" - aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-linux.gtk.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-linux.gtk.x86_64.tar.gz" \ No newline at end of file + # - name: Upload build assets to dl.espressif.com + # id: upload-release-asset-espressif + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + # run: | + # ARCHIVE_DIR="/releng/com.espressif.idf.update/target/" + # ARCHIVE_NAME="com.espressif.idf.update*.zip" + # echo "${ARCHIVE_DIR}" + # echo ${PWD}${ARCHIVE_DIR} + # ARCHIVE_FILE_NAME="$(find ${PWD}${ARCHIVE_DIR}${ARCHIVE_NAME})" + # echo "${ARCHIVE_FILE_NAME}" + # ARCHIVE_PREFIX="com.espressif.idf.update-" + # ARCHIVE_SUFFIX="-SNAPSHOT.zip"; + # tmp=${ARCHIVE_FILE_NAME#*${ARCHIVE_PREFIX}} # remove prefix + # ARCHIVE_VERSION=${tmp%${ARCHIVE_SUFFIX}*} # remove suffix + # echo "${ARCHIVE_VERSION}" + # FOLDER_NAME="v${ARCHIVE_VERSION}-beta" + # mkdir "${FOLDER_NAME}" && cd "${FOLDER_NAME}" && unzip -q ${ARCHIVE_FILE_NAME} && cd .. + # echo ${PWD} + # ARCHIVE_VERSION_NEW="${ARCHIVE_PREFIX}${ARCHIVE_VERSION}.zip" + # echo ${ARCHIVE_VERSION_NEW} + # mv ${ARCHIVE_FILE_NAME} ${ARCHIVE_VERSION_NEW} + # mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" + # mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" + # aws s3 rm s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta --recursive + # aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta + # aws s3 cp --acl=public-read "./releng/index.html" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta/ + # aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/${FOLDER_NAME} + # aws s3 cp --acl=public-read --recursive --exclude "*" --include "Espressif-IDE-*" ./releng/com.espressif.idf.product/target/products/ s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + # aws s3 cp --acl=public-read "${ARCHIVE_VERSION_NEW}" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/ + # aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + # aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + # aws cloudfront create-invalidation --distribution-id ${{ secrets.DL_DISTRIBUTION_ID }} --paths "/dl/idf-eclipse-plugin/updates/beta/*" + # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-win32.win32.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-win32.win32.x86_64.zip" + # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64-v${ARCHIVE_VERSION}.dmg" + # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64-v${ARCHIVE_VERSION}.dmg" + # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-linux.gtk.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-linux.gtk.x86_64.tar.gz" \ No newline at end of file From 46ae6f12fff070be550f3c2a43754afe2ce43c5b Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Wed, 15 May 2024 00:03:42 +0530 Subject: [PATCH 3/6] fix: teamid issue --- .github/workflows/ci_beta.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index bd78c7aae..8a3cb70fc 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -82,7 +82,7 @@ jobs: NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} run: | echo "Create keychain profile" - xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id "$NOTARIZATION_USERNAME" --team-id "$NOTARIZATION_TEAM_ID" --password "$NOTARIZATION_PASSWORD" + xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg" xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg --keychain-profile "ide-notarytool-profile" --wait echo "Attach staple" From 68ba9a1da8dc99246f7231c8bfcdb87522983f1c Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Wed, 15 May 2024 00:14:47 +0530 Subject: [PATCH 4/6] fix: teamid issue --- .github/workflows/ci_beta.yml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index 8a3cb70fc..591f56dc6 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -80,6 +80,7 @@ jobs: env: NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} + NOTARIZATION_TEAM_ID: ${{ secrets.NOTARIZATION_TEAM_ID }} run: | echo "Create keychain profile" xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD @@ -96,12 +97,12 @@ jobs: # echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg" # xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-IDE.app - # - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg - # if: ${{ !cancelled() }} - # uses: actions/upload-artifact@v2 - # with: - # name: espressif-ide-macosx-cocoa-x86_64 - # path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg + - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg + if: ${{ !cancelled() }} + uses: actions/upload-artifact@v2 + with: + name: espressif-ide-macosx-cocoa-x86_64 + path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg # - name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg # if: ${{ !cancelled() }} From 873bbdb37eefdd4af0325757cce015ef99184004 Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Wed, 15 May 2024 00:45:36 +0530 Subject: [PATCH 5/6] fix: add arm64 also for test --- .github/workflows/ci_beta.yml | 70 +++++++++++++++-------------------- 1 file changed, 29 insertions(+), 41 deletions(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index 591f56dc6..e084ab5da 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -68,14 +68,6 @@ jobs: /usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -v /usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg - # - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg - # env: - # NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} - # NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} - # run: | - # echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg" - # xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-IDE.app - - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg env: NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} @@ -86,16 +78,12 @@ jobs: xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg" xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg --keychain-profile "ide-notarytool-profile" --wait - echo "Attach staple" + echo "Attach staple for x86_64.dmg" xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg - - # - name: Notarize Espressif-IDE-macosx-cocoa-aarch64.dmg - # env: - # NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} - # NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} - # run: | - # echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg" - # xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-IDE.app + echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg" + xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg --keychain-profile "ide-notarytool-profile" --wait + echo "Attach staple for aarch64.dmg" + xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg if: ${{ !cancelled() }} @@ -104,33 +92,33 @@ jobs: name: espressif-ide-macosx-cocoa-x86_64 path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg - # - name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg - # if: ${{ !cancelled() }} - # uses: actions/upload-artifact@v2 - # with: - # name: espressif-ide-macosx.cocoa.aarch64 - # path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg + - name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg + if: ${{ !cancelled() }} + uses: actions/upload-artifact@v2 + with: + name: espressif-ide-macosx.cocoa.aarch64 + path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg - # - name: Upload build artifacts - # if: ${{ !cancelled() }} - # uses: actions/upload-artifact@v2 - # with: - # name: com.espressif.idf.update - # path: releng/com.espressif.idf.update/target/repository + - name: Upload build artifacts + if: ${{ !cancelled() }} + uses: actions/upload-artifact@v2 + with: + name: com.espressif.idf.update + path: releng/com.espressif.idf.update/target/repository - # - name: Upload windows rcp - # if: ${{ !cancelled() }} - # uses: actions/upload-artifact@v2 - # with: - # name: espressif-ide-win32 - # path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-win32.win32.x86_64.zip + - name: Upload windows rcp + if: ${{ !cancelled() }} + uses: actions/upload-artifact@v2 + with: + name: espressif-ide-win32 + path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-win32.win32.x86_64.zip - # - name: Upload linux rcp - # if: ${{ !cancelled() }} - # uses: actions/upload-artifact@v2 - # with: - # name: espressif-ide-linux - # path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz + - name: Upload linux rcp + if: ${{ !cancelled() }} + uses: actions/upload-artifact@v2 + with: + name: espressif-ide-linux + path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz # - name: Upload build assets to dl.espressif.com From b18b8f5a917a4f6a0db638dd8e8b8ee21d65334e Mon Sep 17 00:00:00 2001 From: Kondal Kolipaka Date: Wed, 15 May 2024 00:55:14 +0530 Subject: [PATCH 6/6] fix: replace with notarytool --- .github/workflows/ci_beta.yml | 91 +++++++++++++++++------------------ 1 file changed, 43 insertions(+), 48 deletions(-) diff --git a/.github/workflows/ci_beta.yml b/.github/workflows/ci_beta.yml index e084ab5da..d82801497 100644 --- a/.github/workflows/ci_beta.yml +++ b/.github/workflows/ci_beta.yml @@ -3,16 +3,11 @@ name: Beta builds -# on: -# push: -# tags: -# - "v[0-9]+.[0-9]+.[0-9]+-beta" - on: push: - branches: [ master ] - pull_request: - branches: [ master ] + tags: + - "v[0-9]+.[0-9]+.[0-9]+-beta" + jobs: build: @@ -68,7 +63,7 @@ jobs: /usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -v /usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg - - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg + - name: Notarize macOS dmg files env: NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} @@ -121,42 +116,42 @@ jobs: path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz - # - name: Upload build assets to dl.espressif.com - # id: upload-release-asset-espressif - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - # run: | - # ARCHIVE_DIR="/releng/com.espressif.idf.update/target/" - # ARCHIVE_NAME="com.espressif.idf.update*.zip" - # echo "${ARCHIVE_DIR}" - # echo ${PWD}${ARCHIVE_DIR} - # ARCHIVE_FILE_NAME="$(find ${PWD}${ARCHIVE_DIR}${ARCHIVE_NAME})" - # echo "${ARCHIVE_FILE_NAME}" - # ARCHIVE_PREFIX="com.espressif.idf.update-" - # ARCHIVE_SUFFIX="-SNAPSHOT.zip"; - # tmp=${ARCHIVE_FILE_NAME#*${ARCHIVE_PREFIX}} # remove prefix - # ARCHIVE_VERSION=${tmp%${ARCHIVE_SUFFIX}*} # remove suffix - # echo "${ARCHIVE_VERSION}" - # FOLDER_NAME="v${ARCHIVE_VERSION}-beta" - # mkdir "${FOLDER_NAME}" && cd "${FOLDER_NAME}" && unzip -q ${ARCHIVE_FILE_NAME} && cd .. - # echo ${PWD} - # ARCHIVE_VERSION_NEW="${ARCHIVE_PREFIX}${ARCHIVE_VERSION}.zip" - # echo ${ARCHIVE_VERSION_NEW} - # mv ${ARCHIVE_FILE_NAME} ${ARCHIVE_VERSION_NEW} - # mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" - # mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" - # aws s3 rm s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta --recursive - # aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta - # aws s3 cp --acl=public-read "./releng/index.html" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta/ - # aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/${FOLDER_NAME} - # aws s3 cp --acl=public-read --recursive --exclude "*" --include "Espressif-IDE-*" ./releng/com.espressif.idf.product/target/products/ s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - # aws s3 cp --acl=public-read "${ARCHIVE_VERSION_NEW}" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/ - # aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - # aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ - # aws cloudfront create-invalidation --distribution-id ${{ secrets.DL_DISTRIBUTION_ID }} --paths "/dl/idf-eclipse-plugin/updates/beta/*" - # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-win32.win32.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-win32.win32.x86_64.zip" - # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64-v${ARCHIVE_VERSION}.dmg" - # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64-v${ARCHIVE_VERSION}.dmg" - # aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-linux.gtk.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-linux.gtk.x86_64.tar.gz" \ No newline at end of file + - name: Upload build assets to dl.espressif.com + id: upload-release-asset-espressif + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} + run: | + ARCHIVE_DIR="/releng/com.espressif.idf.update/target/" + ARCHIVE_NAME="com.espressif.idf.update*.zip" + echo "${ARCHIVE_DIR}" + echo ${PWD}${ARCHIVE_DIR} + ARCHIVE_FILE_NAME="$(find ${PWD}${ARCHIVE_DIR}${ARCHIVE_NAME})" + echo "${ARCHIVE_FILE_NAME}" + ARCHIVE_PREFIX="com.espressif.idf.update-" + ARCHIVE_SUFFIX="-SNAPSHOT.zip"; + tmp=${ARCHIVE_FILE_NAME#*${ARCHIVE_PREFIX}} # remove prefix + ARCHIVE_VERSION=${tmp%${ARCHIVE_SUFFIX}*} # remove suffix + echo "${ARCHIVE_VERSION}" + FOLDER_NAME="v${ARCHIVE_VERSION}-beta" + mkdir "${FOLDER_NAME}" && cd "${FOLDER_NAME}" && unzip -q ${ARCHIVE_FILE_NAME} && cd .. + echo ${PWD} + ARCHIVE_VERSION_NEW="${ARCHIVE_PREFIX}${ARCHIVE_VERSION}.zip" + echo ${ARCHIVE_VERSION_NEW} + mv ${ARCHIVE_FILE_NAME} ${ARCHIVE_VERSION_NEW} + mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" + mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" + aws s3 rm s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta --recursive + aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta + aws s3 cp --acl=public-read "./releng/index.html" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/beta/ + aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/${FOLDER_NAME} + aws s3 cp --acl=public-read --recursive --exclude "*" --include "Espressif-IDE-*" ./releng/com.espressif.idf.product/target/products/ s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + aws s3 cp --acl=public-read "${ARCHIVE_VERSION_NEW}" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/ + aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + aws s3 cp --acl=public-read "./releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/ide/ + aws cloudfront create-invalidation --distribution-id ${{ secrets.DL_DISTRIBUTION_ID }} --paths "/dl/idf-eclipse-plugin/updates/beta/*" + aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-win32.win32.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-win32.win32.x86_64.zip" + aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-x86_64-v${ARCHIVE_VERSION}.dmg" + aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-macosx-cocoa-aarch64-v${ARCHIVE_VERSION}.dmg" + aws s3api put-object --acl=public-read --bucket espdldata --key "dl/idf-eclipse-plugin/ide/Espressif-IDE-linux.gtk.x86_64/beta" --website-redirect-location "/dl/idf-eclipse-plugin/ide/Espressif-IDE-${ARCHIVE_VERSION}-linux.gtk.x86_64.tar.gz" \ No newline at end of file