Skip to content

Experiment master (HEAD) for Intel Chips #264

Experiment master (HEAD) for Intel Chips

Experiment master (HEAD) for Intel Chips #264

name: "Experiment master (HEAD) for Intel Chips"
on:
workflow_dispatch:
schedule:
- cron: '0 2 * * *'
jobs:
nightly-x86_64:
runs-on: macos-13
timeout-minutes: 60
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
DISTRIBUTE_CERTIFICATE_BASE64: ${{ secrets.DISTRIBUTE_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
APP_PASSWORD: ${{ secrets.APP_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
run: |
# create variables
BUILD_CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
DISTRIBUTE_CERTIFICATE_PATH=$RUNNER_TEMP/distribute_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.provisionprofile
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $BUILD_CERTIFICATE_PATH
echo -n "$DISTRIBUTE_CERTIFICATE_BASE64" | base64 --decode -o $DISTRIBUTE_CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $BUILD_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security import $DISTRIBUTE_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple:,codesign: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
# register a profile to keychain for notarize
xcrun notarytool store-credentials "github-emacs-build" --apple-id $APPLE_ID --team-id "H2PH8KNN3H" --password $APP_PASSWORD
- name: Setup to build
run: sh build/setup.sh
- name: Build HEAD with inline patch
run: sh build/emacs-head.sh -d ${{ github.workspace }}
- name: Verification
run: ${{ github.workspace }}/emacs/nextstep/Emacs.app/Contents/MacOS/Emacs --batch --eval="(unless (fboundp 'mac-input-method-mode) (error \"The inline-patch is NOT integrated\"))"
- name: Portable
run: sh release/portable-emacs.sh -b master -d ${{ github.workspace }}
- name: Notarize
run: sh release/notarize-emacs.sh -b master -d ${{ github.workspace }} -s ${{ github.workspace }} -p inline -a "github-emacs-build"
- name: Export
env:
ORZ_HOST: ${{ secrets.ORZ_HOST }}
ORZ_PORT: ${{ secrets.ORZ_PORT }}
ORZ_ID_BASE64: ${{ secrets.ORZ_ID_BASE64 }}
run: |
ID_PATH=$RUNNER_TEMP/orz_id
rm -f ~/.ssh/known_hosts
echo -n "$ORZ_ID_BASE64" | base64 --decode -o $ID_PATH
chmod 600 $ID_PATH
sftp -b release/upload.bat -o StrictHostKeyChecking=no -i $ID_PATH -P $ORZ_PORT github-ci@$ORZ_HOST
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.provisionprofile
rm $RUNNER_TEMP/orz_id
nightly-native-x86_64:
runs-on: macos-13
timeout-minutes: 120
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
DISTRIBUTE_CERTIFICATE_BASE64: ${{ secrets.DISTRIBUTE_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
APP_PASSWORD: ${{ secrets.APP_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
run: |
# create variables
BUILD_CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
DISTRIBUTE_CERTIFICATE_PATH=$RUNNER_TEMP/distribute_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.provisionprofile
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $BUILD_CERTIFICATE_PATH
echo -n "$DISTRIBUTE_CERTIFICATE_BASE64" | base64 --decode -o $DISTRIBUTE_CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode -o $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $BUILD_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security import $DISTRIBUTE_CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple:,codesign: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
# register a profile to keychain for notarize
xcrun notarytool store-credentials "github-emacs-build" --apple-id $APPLE_ID --team-id "H2PH8KNN3H" --password $APP_PASSWORD
- name: Setup to build
run: sh build/setup.sh
- name: Build HEAD with inline patch
run: sh build/emacs-head.sh -d ${{ github.workspace }} -n
- name: Verification
run: ${{ github.workspace }}/emacs/nextstep/Emacs.app/Contents/MacOS/Emacs --batch --eval="(unless (fboundp 'mac-input-method-mode) (error \"The inline-patch is NOT integrated\"))"
- name: Portable
run: sh release/portable-emacs.sh -b master -d ${{ github.workspace }}
- name: Notarize
run: sh release/notarize-emacs.sh -b master -d ${{ github.workspace }} -s ${{ github.workspace }} -p inline -a "github-emacs-build"
- name: Export
env:
ORZ_HOST: ${{ secrets.ORZ_HOST }}
ORZ_PORT: ${{ secrets.ORZ_PORT }}
ORZ_ID_BASE64: ${{ secrets.ORZ_ID_BASE64 }}
run: |
ID_PATH=$RUNNER_TEMP/orz_id
rm -f ~/.ssh/known_hosts
echo -n "$ORZ_ID_BASE64" | base64 --decode -o $ID_PATH
chmod 600 $ID_PATH
sftp -b release/upload.bat -o StrictHostKeyChecking=no -i $ID_PATH -P $ORZ_PORT github-ci@$ORZ_HOST
- name: Clean up keychain and provisioning profile
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.provisionprofile
rm $RUNNER_TEMP/orz_id