Finalize script and apply to all workflows

FriwiDev 2022-02-25 16:36:33 +01:00
parent 7d912fc419
commit 3a563f21b4
4 changed files with 29 additions and 9 deletions


@ -247,6 +247,8 @@ jobs:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }} BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }} P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }}
APPLE_API_KEY_NAME: ${{ secrets.APPLE_API_KEY_NAME }}
run: | run: |
# create variables # create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
@ -263,15 +265,20 @@ jobs:
# import certificate to keychain # import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign
security list-keychain -d user -s $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH
# import api key from secrets
mkdir "${HOME}/private_keys"
echo -n "$APPLE_API_KEY_BASE64" | base64 --decode --output "${HOME}/private_keys/AuthKey_$APPLE_API_KEY_NAME.p8"
- -
name: Build name: Build
run: | run: |
chmod +x compile_macosx.sh chmod +x compile_macosx.sh
./compile_macosx.sh amd64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ./compile_macosx.sh amd64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ${{ secrets.APPLE_TEAM_NAME }} ${{ secrets.APPLE_API_KEY_NAME }} ${{ secrets.APPLE_API_KEY_ISSUER }}
- name: Clean up keychain - name: Clean up keychain
if: ${{ always() }} if: ${{ always() }}
run: | run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm -rf "${HOME}/private_keys"
- name: Export distribution - name: Export distribution
uses: actions/upload-release-asset@v1 uses: actions/upload-release-asset@v1
env: env:
@ -307,6 +314,8 @@ jobs:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }} BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }} P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }}
APPLE_API_KEY_NAME: ${{ secrets.APPLE_API_KEY_NAME }}
run: | run: |
# create variables # create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
@ -323,15 +332,20 @@ jobs:
# import certificate to keychain # import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign
security list-keychain -d user -s $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH
# import api key from secrets
mkdir "${HOME}/private_keys"
echo -n "$APPLE_API_KEY_BASE64" | base64 --decode --output "${HOME}/private_keys/AuthKey_$APPLE_API_KEY_NAME.p8"
- -
name: Build name: Build
run: | run: |
chmod +x compile_macosx.sh chmod +x compile_macosx.sh
./compile_macosx.sh arm64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ./compile_macosx.sh arm64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ${{ secrets.APPLE_TEAM_NAME }} ${{ secrets.APPLE_API_KEY_NAME }} ${{ secrets.APPLE_API_KEY_ISSUER }}
- name: Clean up keychain - name: Clean up keychain
if: ${{ always() }} if: ${{ always() }}
run: | run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm -rf "${HOME}/private_keys"
- name: Export distribution - name: Export distribution
uses: actions/upload-release-asset@v1 uses: actions/upload-release-asset@v1
env: env:
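Review bot: The three secrets appended to the `./compile_macosx.sh` call in both Build steps (amd64 and arm64) are expanded unquoted into the shell line, so a team name containing a space is split into separate arguments and shifts the key name and issuer that follow it. `${{ … }}` is substituted into the script text before bash runs, so the `github.event.inputs.repo` and `github.event.inputs.ref` values on the same line are parsed as shell source in a step that has the signing keychain and the API key available. Passing every value through `env:` and quoting the expansions addresses both, and the Build line in the second workflow file of this commit needs the same treatment. A quoted empty input is passed as an empty argument instead of being dropped, so check how compile_macosx.sh treats an empty `repo` or `ref`.

```yaml
- name: Build
  env:
    INPUT_REPO: ${{ github.event.inputs.repo }}
    INPUT_REF: ${{ github.event.inputs.ref }}
    CERT_NAME: ${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}
    TEAM_NAME: ${{ secrets.APPLE_TEAM_NAME }}
    API_KEY_NAME: ${{ secrets.APPLE_API_KEY_NAME }}
    API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }}
  run: |
    chmod +x compile_macosx.sh
    ./compile_macosx.sh amd64 Release "$INPUT_REPO" "$INPUT_REF" "$CERT_NAME" "$TEAM_NAME" "$API_KEY_NAME" "$API_KEY_ISSUER"
```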


@ -27,6 +27,8 @@ jobs:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }} BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }} P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }} KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }}
APPLE_API_KEY_NAME: ${{ secrets.APPLE_API_KEY_NAME }}
run: | run: |
# create variables # create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
@ -43,15 +45,20 @@ jobs:
# import certificate to keychain # import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign
security list-keychain -d user -s $KEYCHAIN_PATH security list-keychain -d user -s $KEYCHAIN_PATH
# import api key from secrets
mkdir "${HOME}/private_keys"
echo -n "$APPLE_API_KEY_BASE64" | base64 --decode --output "${HOME}/private_keys/AuthKey_$APPLE_API_KEY_NAME.p8"
- -
name: Build name: Build
run: | run: |
chmod +x compile_macosx.sh chmod +x compile_macosx.sh
./compile_macosx.sh arm64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ./compile_macosx.sh arm64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ${{ secrets.APPLE_TEAM_NAME }} ${{ secrets.APPLE_API_KEY_NAME }} ${{ secrets.APPLE_API_KEY_ISSUER }}
- name: Clean up keychain - name: Clean up keychain
if: ${{ always() }} if: ${{ always() }}
run: | run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm -rf "${HOME}/private_keys"
- -
name: Export artifacts name: Export artifacts
uses: actions/upload-artifact@v2 uses: actions/upload-artifact@v2
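Review bot: The decoded `.p8` key and its directory are created with the runner's default umask, and `mkdir` without `-p` fails the step if `~/private_keys` is left over from an earlier run on a reused runner. Creating the directory with `mkdir -p -m 700 "${HOME}/private_keys"` and setting `umask 077` before the `base64 --decode` line keeps the key readable only by the runner user; the two import blocks in the other workflow file need the same change. The key also stays on disk for the whole Build step, which runs compile_macosx.sh against the repo and ref given as workflow inputs, so if that script executes code from the checked-out tree, that code can read the key. Writing the key only for the notarization call would narrow that window. The step body starts outside these hunks.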


@ -28,7 +28,6 @@ chmod +x macosx_notarize.sh
echo "Signing helpers..." echo "Signing helpers..."
codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper.app" codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper.app"
bash macosx_notarize.sh "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper.app" "$2" $3 org.jcef.jcef.helper $4 $5 bash macosx_notarize.sh "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper.app" "$2" $3 org.jcef.jcef.helper $4 $5
exit 1
codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (GPU).app" codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (GPU).app"
bash macosx_notarize.sh "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (GPU).app" "$2" $3 org.jcef.jcef.helper.gpu $4 $5 bash macosx_notarize.sh "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (GPU).app" "$2" $3 org.jcef.jcef.helper.gpu $4 $5
codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (Plugin).app" codesign --force --options runtime --entitlements "$ENTITLEMENTS_HELPER" --sign "$2" --timestamp --verbose "$APP_DIR/$APP_NAME/$FRAMEWORKS_DIR/jcef Helper (Plugin).app"


@ -36,9 +36,12 @@ requestUUID=$(xcrun altool --notarize-app \
--file "$1.zip" 2>&1 \ --file "$1.zip" 2>&1 \
| awk '/RequestUUID/ { print $NF; }') | awk '/RequestUUID/ { print $NF; }')
# --asc-provider "$3" \ # --asc-provider "$3" \
echo "Notarization RequestUUID: $requestUUID" echo "Notarization RequestUUID: $requestUUID"
# clean up zip
rm -f "$APP_NAME.zip"
if [[ $requestUUID == "" ]]; then if [[ $requestUUID == "" ]]; then
echo "Could not upload for notarization" echo "Could not upload for notarization"
exit 1 exit 1
@ -48,7 +51,7 @@ fi
request_status="in progress" request_status="in progress"
while [[ "$request_status" == "in progress" ]]; do while [[ "$request_status" == "in progress" ]]; do
echo -n "waiting... " echo -n "waiting... "
sleep 10 sleep 60
request_status=$(xcrun altool --notarization-info "$requestUUID" \ request_status=$(xcrun altool --notarization-info "$requestUUID" \
--apiKey "$5" \ --apiKey "$5" \
--apiIssuer "$6" 2>&1 \ --apiIssuer "$6" 2>&1 \
@ -70,7 +73,4 @@ fi
# staple # staple
xcrun stapler staple "$1" xcrun stapler staple "$1"
# clean up
rm -f "$APP_NAME.zip"
echo "##########################################################" echo "##########################################################"
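Review bot: The relocated cleanup deletes `"$APP_NAME.zip"`, while the upload a few lines above reads `--file "$1.zip"`; unless `APP_NAME` is set to the same path as `$1` earlier in the script (outside these hunks), the uploaded archive is never removed. Using the same expression in both places, `rm -f "$1.zip"`, makes the cleanup independent of how `APP_NAME` is derived. Separately, the polling loop has no iteration cap, so with `sleep 60` a submission that stays at "in progress" holds the job, with the signing keychain and API key still on the runner, until the job timeout.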