PIV: Make PUBLIC-KEY optional when generating certificate #1217
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: macOS | |
on: [push, pull_request] | |
# Adapted from https://github.com/sabnzbd/sabnzbd/blob/develop/.github/workflows/build_release.yml#L80 | |
jobs: | |
build: | |
runs-on: macos-latest | |
env: | |
MACOSX_DEPLOYMENT_TARGET: "11.0" | |
CFLAGS: -arch x86_64 -arch arm64 | |
ARCHFLAGS: -arch x86_64 -arch arm64 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Poetry | |
run: pipx install poetry | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12.4' | |
cache: poetry | |
- name: Install dependencies | |
run: poetry install | |
- name: Explicitly use universal versions | |
run: | | |
# Export exact versions | |
poetry export --without-hashes > requirements.txt | |
grep cryptography requirements.txt > cryptography.txt | |
grep cffi requirements.txt > source-reqs.txt | |
grep pyscard requirements.txt >> source-reqs.txt | |
# Remove non-universal packages | |
poetry run pip uninstall -y cryptography cffi pyscard | |
# Build cffi from source to get universal build | |
poetry run pip install --upgrade -r source-reqs.txt --no-binary :all: | |
# Explicitly install pre-build universal build of cryptography | |
poetry run pip download -r cryptography.txt --platform macosx_10_12_universal2 --only-binary :all: --no-deps --dest . | |
poetry run pip install -r cryptography.txt --no-cache-dir --no-index --find-links . | |
- name: PyInstaller | |
run: | | |
poetry run pyinstaller ykman.spec | |
dist/ykman/ykman --version | |
[[ -z "$(dist/ykman/ykman --version | grep -E "not found|missing")" ]] | |
- name: Simplify Python bundle | |
working-directory: ./dist/ykman/_internal | |
run: | | |
mv $(readlink Python) Python | |
rm -rf Python.framework | |
- name: Copy scripts | |
shell: bash | |
run: cp -r resources/macos dist/scripts | |
- name: Build installer | |
working-directory: ./dist | |
run: ./scripts/make_pkg.sh | |
- name: Upload build | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ykman-builds-macos | |
path: dist |