-
-
Notifications
You must be signed in to change notification settings - Fork 387
325 lines (319 loc) · 12.4 KB
/
package.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
name: Package and release
on:
push:
paths:
- '.github/workflows/package.yml'
- '.github/workflows/pypi-release.yml'
- 'installer/**'
- 'picard/**'
- 'po/**.po'
- 'resources/win10/**'
- 'scripts/package/*'
- 'scripts/pyinstaller/*'
- 'test/**'
- 'appxmanifest.xml.in'
- 'picard.icns'
- 'picard.ico'
- 'picard.spec'
- 'requirements*.txt'
- 'setup.py'
- 'tagger.py.in'
- 'win.version-info.txt.in'
pull_request:
permissions: {}
jobs:
package-macos:
runs-on: macos-13
strategy:
matrix:
setup:
- macos-deployment-version: 10.12
python-version: 3.9.12-macosx10.9
python-sha256sum: 7888174c6fe441b00448c7ab3e9cbf0e6c3c7dea0750577baf09e1383fc44656
disable-webp: 1
- macos-deployment-version: 10.14
python-version: 3.11.5-macos11
python-sha256sum: c6cd76659bfb364c2ac63bc57f6b10c1e131a20170359c5d65e2d41fdc674a4f
disable-webp: 0
env:
DISCID_VERSION: 0.6.4
DISCID_SHA256SUM: 829133dd38acbdaa2b989de59e256c8d139ac34cb4dd4b8fd3c9d55a97c824f3
FPCALC_VERSION: 1.5.1
FPCALC_SHA256SUM: d4d8faff4b5f7c558d9be053da47804f9501eaa6c2f87906a9f040f38d61c860
PYTHON_VERSION: ${{ matrix.setup.python-version }}
PYTHON_SHA256SUM: ${{ matrix.setup.python-sha256sum }}
MACOSX_DEPLOYMENT_TARGET: ${{ matrix.setup.macos-deployment-version }}
CODESIGN: 0
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch entire history, needed for setting the build number
- run: git fetch --depth=1 origin +refs/tags/release-*:refs/tags/release-*
- name: Setup macOS build environment
run: |
./scripts/package/macos-setup.sh
PYTHON_BASE_VERSION=$(echo $PYTHON_VERSION | sed -e "s/\.[0-9]\{1,\}$//")
echo "/Library/Frameworks/Python.framework/Versions/$PYTHON_BASE_VERSION/bin" >> $GITHUB_PATH
echo "/usr/local/opt/gettext/bin" >> $GITHUB_PATH
RELEASE_TAG=$(git describe --match "release-*" --abbrev=0 --always HEAD)
BUILD_NUMBER=$(git rev-list --count $RELEASE_TAG..HEAD)
echo "BUILD_NUMBER=$BUILD_NUMBER" >> $GITHUB_ENV
mkdir artifacts
python3 -m pip install --upgrade pip setuptools wheel
- name: Patch build version
if: startsWith(github.ref, 'refs/tags/') != true
run: |
python3 setup.py patch_version --platform=$BUILD_NUMBER.$(git rev-parse --short HEAD)
- name: Compile and install PyInstaller
run: |
git clone --depth 1 --branch "$PYINSTALLER_VERSION" https://github.com/pyinstaller/pyinstaller.git pyinstaller
cd pyinstaller/bootloader
python3 ./waf --verbose all
cd ..
pip3 install .
env:
PYINSTALLER_VERSION: v5.13.2
CFLAGS: -mmacosx-version-min=${{ matrix.setup.macos-deployment-version }}
CPPFLAGS: -mmacosx-version-min=${{ matrix.setup.macos-deployment-version }}
LDFLAGS: -mmacosx-version-min=${{ matrix.setup.macos-deployment-version }}
LINKFLAGS: -mmacosx-version-min=${{ matrix.setup.macos-deployment-version }}
- name: Install dependencies
run: |
pip3 install -r requirements-build.txt
pip3 install -r requirements-macos-${MACOSX_DEPLOYMENT_TARGET}.txt
- name: Run tests
timeout-minutes: 30
run: |
python3 setup.py test
- name: Prepare code signing certificate
run: |
if [ -n "$CODESIGN_MACOS_P12_URL" ] && [ -n "$AWS_ACCESS_KEY_ID" ]; then
pip3 install awscli
aws s3 cp "$CODESIGN_MACOS_P12_URL" ./scripts/package/appledev.p12
else
echo "::warning::No code signing certificate available, skipping code signing."
fi
env:
AWS_DEFAULT_REGION: eu-central-1
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
CODESIGN_MACOS_P12_URL: ${{ secrets.CODESIGN_MACOS_P12_URL }}
- name: Build macOS app
run: |
./scripts/package/macos-package-app.sh
rm -f ./scripts/package/appledev.p12
mv dist/*.dmg artifacts/
env:
APPLE_ID_USER: ${{ secrets.APPLE_ID_USER }}
APPLE_ID_TEAM: ${{ secrets.APPLE_ID_TEAM }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
CODESIGN_MACOS_P12_PASSWORD: ${{ secrets.CODESIGN_MACOS_P12_PASSWORD }}
DISABLE_WEBP: ${{ matrix.setup.disable-webp }}
- name: Archive production artifacts
uses: actions/upload-artifact@v4
with:
name: macos-app-${{ matrix.setup.macos-deployment-version }}
path: artifacts/
package-windows:
runs-on: windows-2019
strategy:
matrix:
type:
- store-app
- signed-app
- installer
- portable
fail-fast: false
env:
CODESIGN: 0
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch entire history, needed for setting the build number
- run: git fetch --depth=1 origin +refs/tags/release-*:refs/tags/release-*
- name: Set up Python 3.8
uses: actions/setup-python@v5
with:
python-version: 3.8
- name: Setup Windows build environment
run: |
& .\scripts\package\win-setup.ps1 `
-DiscidVersion $Env:DISCID_VERSION -DiscidSha256Sum $Env:DISCID_SHA256SUM `
-FpcalcVersion $Env:FPCALC_VERSION -FpcalcSha256Sum $Env:FPCALC_SHA256SUM
Add-Content $env:GITHUB_PATH "C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x64"
$ReleaseTag = $(git describe --match "release-*" --abbrev=0 --always HEAD)
$BuildNumber = $(git rev-list --count "$ReleaseTag..HEAD")
Add-Content $env:GITHUB_ENV "BUILD_NUMBER=$BuildNumber"
New-Item -Name .\artifacts -ItemType Directory
env:
DISCID_VERSION: 0.6.4
DISCID_SHA256SUM: 330199495d71f71251e91eb0b4e3103b6c663fea09ffc9fd3e5108d48e0452c8
FPCALC_VERSION: 1.5.1
FPCALC_SHA256SUM: 36b478e16aa69f757f376645db0d436073a42c0097b6bb2677109e7835b59bbc
- name: Install gettext
run: |
& .\scripts\package\win-setup-gettext.ps1 `
-GettextVersion $Env:GETTEXT_VERSION -GettextSha256Sum $Env:GETTEXT_SHA256SUM
Add-Content $env:GITHUB_PATH (Join-Path -Path (Resolve-Path .) -ChildPath gettext\bin)
env:
GETTEXT_VERSION: 0.22.4
GETTEXT_SHA256SUM: 220068ac0b9e7aedda03534a3088e584640ac1e639800b3a0baa9410aa6d012a
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements-build.txt
pip install -r requirements-win.txt
- name: Patch build version
if: startsWith(github.ref, 'refs/tags/') != true
run: |
python setup.py patch_version --platform=$Env:BUILD_NUMBER.$(git rev-parse --short HEAD)
- name: Run tests
timeout-minutes: 30
run: python setup.py test
- name: Prepare code signing certificate
if: matrix.type != 'store-app'
run: |
If ($Env:CODESIGN_P12_URL -And $Env:AWS_ACCESS_KEY_ID) {
pip install awscli
aws s3 cp "$Env:CODESIGN_P12_URL" .\codesign.pfx
Add-Content $env:GITHUB_ENV "CODESIGN=1"
} Else {
Write-Output "::warning::No code signing certificate available, skipping code signing."
}
env:
AWS_DEFAULT_REGION: eu-central-1
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
CODESIGN_P12_URL: ${{ secrets.CODESIGN_P12_URL }}
- name: Build Windows 10 store app package
if: matrix.type == 'store-app'
run: |
& .\scripts\package\win-package-appx.ps1 -BuildNumber $Env:BUILD_NUMBER
Move-Item .\dist\*.msix .\artifacts
env:
PICARD_APPX_PUBLISHER: CN=0A9169B7-05A3-4ED9-8876-830F17846709
- name: Build Windows 10 signed app package
if: matrix.type == 'signed-app' && env.CODESIGN == '1'
run: |
$CertificateFile = ".\codesign.pfx"
$CertificatePassword = ConvertTo-SecureString -String $Env:CODESIGN_P12_PASSWORD -Force -AsPlainText
& .\scripts\package\win-package-appx.ps1 -BuildNumber $Env:BUILD_NUMBER `
-CertificateFile $CertificateFile -CertificatePassword $CertificatePassword
Move-Item .\dist\*.msix .\artifacts
env:
CODESIGN_P12_PASSWORD: ${{ secrets.CODESIGN_P12_PASSWORD }}
- name: Build Windows installer
if: matrix.type == 'installer'
run: |
# choco install nsis
If ($Env:CODESIGN -eq "1") {
$CertificateFile = ".\codesign.pfx"
$CertificatePassword = ConvertTo-SecureString -String $Env:CODESIGN_P12_PASSWORD -Force -AsPlainText
} Else {
$CertificateFile = $null
$CertificatePassword = $null
}
& .\scripts\package\win-package-installer.ps1 -BuildNumber $Env:BUILD_NUMBER `
-CertificateFile $CertificateFile -CertificatePassword $CertificatePassword
Move-Item .\installer\*.exe .\artifacts
dist\picard\fpcalc -version
env:
CODESIGN_P12_PASSWORD: ${{ secrets.CODESIGN_P12_PASSWORD }}
- name: Build Windows portable app
if: matrix.type == 'portable'
run: |
If ($Env:CODESIGN -eq "1") {
$CertificateFile = ".\codesign.pfx"
$CertificatePassword = ConvertTo-SecureString -String $Env:CODESIGN_P12_PASSWORD -Force -AsPlainText
} Else {
$CertificateFile = $null
$CertificatePassword = $null
}
& .\scripts\package\win-package-portable.ps1 -BuildNumber $Env:BUILD_NUMBER `
-CertificateFile $CertificateFile -CertificatePassword $CertificatePassword
Move-Item .\dist\*.exe .\artifacts
env:
CODESIGN_P12_PASSWORD: ${{ secrets.CODESIGN_P12_PASSWORD }}
- name: Cleanup
if: env.CODESIGN == '1'
run: Remove-Item .\codesign.pfx
- name: Archive production artifacts
uses: actions/upload-artifact@v4
if: matrix.type != 'signed-app' || env.CODESIGN == '1'
with:
name: windows-${{ matrix.type }}
path: artifacts/
package-pypi:
uses: ./.github/workflows/package-pypi.yml
secrets: inherit
permissions:
id-token: write
github-release:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/')
needs:
- package-macos
- package-windows
- package-pypi
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: 3.9
- uses: actions/download-artifact@v4
with:
name: macos-app-10.12
path: artifacts/
- uses: actions/download-artifact@v4
with:
name: macos-app-10.14
path: artifacts/
# - uses: actions/download-artifact@v4
# with:
# name: windows-signed-app
# path: artifacts/
- uses: actions/download-artifact@v4
with:
name: windows-store-app
path: artifacts/
- uses: actions/download-artifact@v4
with:
name: windows-installer
path: artifacts/
- uses: actions/download-artifact@v4
with:
name: windows-portable
path: artifacts/
- uses: actions/download-artifact@v4
with:
name: picard-sdist
path: artifacts/
- name: Generate checksums
run: |
cd artifacts
sha256sum * > SHA256SUMS
- name: Prepare changelog
id: changelog
continue-on-error: true
run: |
PICARD_VERSION=$(python -c "import picard; print(picard.__version__)")
echo "version=$PICARD_VERSION" >> $GITHUB_OUTPUT
if [[ "$PICARD_VERSION" =~ (a|b|rc|dev) ]]; then
echo "::notice::Releasing pre-release $PICARD_VERSION"
echo "prerelease=true" >> $GITHUB_OUTPUT
else
echo "::notice::Releasing production release $PICARD_VERSION"
fi
echo -e "*Please refer to the [download page](https://picard.musicbrainz.org/downloads/) for official download locations.*\n" > changes-$PICARD_VERSION.md
./scripts/tools/changelog-for-version.py $PICARD_VERSION >> changes-$PICARD_VERSION.md
- name: Create release
uses: softprops/action-gh-release@v2
with:
name: MusicBrainz Picard ${{ steps.changelog.outputs.version }}
body_path: changes-${{ steps.changelog.outputs.version }}.md
prerelease: ${{ steps.changelog.outputs.prerelease }}
files: artifacts/*
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}