Skip to content

release

release #87

Workflow file for this run

name: release
on:
push:
tags:
- '*'
workflow_dispatch:
permissions:
contents: read
jobs:
test:
uses: ./.github/workflows/pytest.yml
build:
needs: test
strategy:
fail-fast: false
matrix:
python-ver: [3.11]
# Intel mac for macos-13, M1/2 mac for macos-14
os: [windows-latest, macos-13, macos-14]
include:
- os: windows-latest
build_cmd: build_win.bat
zip_name: PlaySK-PianoRoll-Reader-Win.x64.zip
- os: macos-13
build_cmd: bash build_mac.sh
zip_name: PlaySK-PianoRoll-Reader-Mac.x64.zip
- os: macos-14
build_cmd: bash build_mac.sh
zip_name: PlaySK-PianoRoll-Reader-Mac.ARM.zip
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-ver }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-ver }}
- name: Install poetry
uses: abatilo/actions-poetry@v2
- name: Install dependencies
run: poetry install
- name: build binary
run: poetry run ${{ matrix.build_cmd }}
- name: Windows x64, collect release files
if: startsWith( matrix.os , 'windows' )
run: Compress-Archive -Path "dist/PlaySK Piano Roll Reader/*","sample_scans/" -DestinationPath ${{ matrix.zip_name }}
- name: Mac arm/x64, codesign app
if: startsWith( matrix.os, 'mac' )
env:
CERT_B64: ${{ secrets.CERT_B64 }}
CERT_PW: ${{ secrets.CERT_PW }}
CERT_NAME: ${{ secrets.CERT_NAME }}
KEYCHAIN_PW: ${{ secrets.KEYCHAIN_PW }}
run: |
pushd dist
security create-keychain -p "$KEYCHAIN_PW" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PW" build.keychain
echo $CERT_B64 | base64 --decode > cert.p12
security import cert.p12 -k build.keychain -P "$CERT_PW" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PW" build.keychain
/usr/bin/codesign --deep --force --options=runtime --entitlements ../entitlements.plist --sign "$CERT_NAME" --timestamp "PlaySK Piano Roll Reader.app/"
- name: Mac arm/x64, notarize app
if: startsWith( matrix.os, 'mac' )
env:
NOTARY_APPLE_ID: ${{ secrets.NOTARY_APPLE_ID }}
NOTARY_TEAM_ID: ${{ secrets.NOTARY_TEAM_ID }}
NOTARY_PW: ${{ secrets.NOTARY_PW }}
run: |
pushd dist
mkdir to_notarize
mv "PlaySK Piano Roll Reader.app" playsk_config to_notarize/
ditto -c -k -rsrc --keepParent to_notarize archive.zip
xcrun notarytool store-credentials "notary_profile" --apple-id "$NOTARY_APPLE_ID" --team-id "$NOTARY_TEAM_ID" --password "$NOTARY_PW"
xcrun notarytool submit archive.zip --keychain-profile "notary_profile" --wait
mv to_notarize/* .
rm -rf to_notarize archive.zip
xcrun stapler staple "PlaySK Piano Roll Reader.app"
- name: Mac arm/x64, create dmg installer and collect release files
if: startsWith( matrix.os, 'mac' )
run: |
pushd dist
brew install create-dmg
test -f PlaySK-Installer.dmg && rm PlaySK-Installer.dmg
create-dmg --volname "PlaySK Installer" --background ../assets/dmg-bg.tiff --window-pos 200 120 --window-size 800 500 --icon-size 100 --icon "PlaySK Piano Roll Reader.app" 100 100 --add-file "playsk_config" playsk_config 100 300 --hide-extension "PlaySK Piano Roll Reader.app" --app-drop-link 600 200 "PlaySK-Installer.dmg" "PlaySK Piano Roll Reader.app"
popd
mv dist/PlaySK-Installer.dmg "dist/How to use Mac.png" dist/3rd-party-license.txt .
zip -qr ${{ matrix.zip_name }} sample_scans/ PlaySK-Installer.dmg "How to use Mac.png" "3rd-party-license.txt"
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.zip_name }}
path: ${{ matrix.zip_name }}
release:
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Download artifacts
uses: actions/download-artifact@v4
with:
path: assets
- name: Display structure of downloaded files
run: ls -la assets/
# currently no solution for double zipped
- name: create release
uses: softprops/action-gh-release@v1
with:
draft: true
files: ./assets/*/*