-
Notifications
You must be signed in to change notification settings - Fork 8
289 lines (243 loc) · 10.7 KB
/
build-hammer.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
name: Build Hammer
on:
push:
branches: [main]
pull_request_target:
workflow_dispatch:
jobs:
build:
name: ${{matrix.buildname}}
runs-on: ${{matrix.os}}
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-20.04
# name to show in the logs
buildname: 'linux'
# qml.net version to use from https://github.com/qmlnet/qt-runtimes/releases/tag/releases
qt-version: '5.15.1-7fc8b10'
# .NET platform identifier
dotnet-platform: 'linux-x64'
# .NET platform version:
dotnet-version: 'net5.0'
# resulting zip or executable name
deployment-platform: 'linux'
- os: macos-10.15
buildname: 'macos'
qt-version: '5.15.1-7fc8b10'
dotnet-platform: 'osx-x64'
dotnet-version: 'net5.0'
deployment-platform: 'macos'
- os: windows-2019
buildname: 'windows'
qt-version: '5.15.1-7fc8b10'
dotnet-platform: 'win-x64'
dotnet-version: 'net5.0'
deployment-platform: 'windows'
env:
DOTNET_CLI_TELEMETRY_OPTOUT: true
DOTNET_NOLOGO: true
steps:
- name: Checkout source code
uses: actions/checkout@v3
- name: Restore maven cache
uses: actions/[email protected]
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Setup .NET Core SDK
uses: actions/[email protected]
with:
dotnet-version: 5.0.x
- name: Clone Java validator
run: git clone --depth 1 --shallow-submodules https://github.com/health-validator/org.hl7.fhir.core
# build Java first as it's needed by .NET for copying into the publish folder
- name: Build Java validator
shell: bash
run: |
cd org.hl7.fhir.core
echo "Git revision of the validator code: $(git rev-parse HEAD)"
mvn package -Dmaven.test.skip=true --projects org.hl7.fhir.validation.cli --no-transfer-progress
mv org.hl7.fhir.validation.cli/target/org.hl7.fhir.validation.cli*-SNAPSHOT.jar $GITHUB_WORKSPACE/org.hl7.fhir.validator.jar
# validate Java validator works
cd $GITHUB_WORKSPACE
java -jar org.hl7.fhir.validator.jar
- name: (Linux) Build Hammer
if: runner.os == 'Linux'
run: |
sed -i 's|// import appmodel 1.0|import appmodel 1.0|g' Main.qml
dotnet publish --configuration Release --runtime ${{matrix.dotnet-platform}}
- name: (macOS) Build Hammer
if: runner.os == 'macOS'
run: |
sed -i '' 's|// import appmodel 1.0|import appmodel 1.0|g' Main.qml
dotnet restore --runtime=osx-x64
dotnet msbuild -p:Configuration=Release -t:BundleApp -p:RuntimeIdentifier=osx-x64 -p:UseAppHost=true
- name: (Windows) Build Hammer
if: runner.os == 'Windows'
run: |
sed -i 's|// import appmodel 1.0|import appmodel 1.0|g' Main.qml
dotnet publish --configuration Release --runtime ${{matrix.dotnet-platform}}
- name: (Windows) Trim createdump
if: runner.os == 'Windows'
shell: bash
run: |
# remove createdump.exe as it's not necessary
jqi() {
cat <<< "$(jq "$1" < "$2")" > "$2"
}
jqi "del(..|.\"createdump.exe\"?)" bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/Hammer.deps.json
rm -f bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/createdump.exe
- name: Download runtime
shell: bash
run: |
curl --location --output qt-runtime.tar.gz https://github.com/qmlnet/qt-runtimes/releases/download/releases/qt-${{matrix.qt-version}}-${{matrix.dotnet-platform}}-runtime.tar.gz
- name: (macOS) Extract runtime
shell: bash
if: runner.os == 'macOS'
run: |
mkdir -p bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/Hammer.app/Contents/MacOS/qt-runtime
tar -xf qt-runtime.tar.gz -C bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/Hammer.app/Contents/MacOS/qt-runtime
# trim unnecessary Tools folder (containing only Conan support)
rm -rf bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/Hammer.app/Contents/MacOS/qt-runtime/Tools
# clean up the publish folder, leaving the .app only
cd bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish
mv Hammer.app /tmp/Hammer.app
rm -rf *
cp -r /tmp/Hammer.app .
- name: (Windows/Linux) Extract runtime
shell: bash
if: runner.os == 'Windows' || runner.os == 'Linux'
run: |
mkdir -p bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/qt-runtime
tar -xf qt-runtime.tar.gz -C bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/qt-runtime
- name: (macOS) Generate dmg & sign the app
shell: bash
if: runner.os == 'macOS'
env:
MACOS_SIGNING_PASS: ${{secrets.MACOS_SIGNING_PASS}}
AC_USERNAME: ${{secrets.APPLE_USERNAME}}
AC_PASSWORD: ${{secrets.APPLE_PASSWORD}}
run: |
brew install mitchellh/gon/gon
KEYCHAIN=build.keychain
security create-keychain -p travis $KEYCHAIN
security default-keychain -s $KEYCHAIN
security unlock-keychain -p travis $KEYCHAIN
security set-keychain-settings -t 3600 -u $KEYCHAIN
security import assets/code-signing-certificate-macos.p12 -k $KEYCHAIN -P "$MACOS_SIGNING_PASS" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k travis $KEYCHAIN
export IDENTITY="Developer ID Application"
echo "Imported identity:"
security find-identity
echo "----"
npm install -g appdmg
cd bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish
cp -r $GITHUB_WORKSPACE/assets/hammer-appdmg.json .
cp -r $GITHUB_WORKSPACE/assets/hammer-logo.icns .
# Fix up QmlModel.2 folder which codesign does not like
pip3 install macholib
# python3 $GITHUB_WORKSPACE/assets/fix_app_qt_folder_names_for_codesign.py "Hammer.app"
# codesign --deep --force -o runtime --sign "$IDENTITY" "Hammer.app"
# deep isn't really deep; sign everything inside as well
# find Hammer.app | parallel 'codesign --deep --force -o runtime --sign "$IDENTITY" {}'
# appdmg hammer-appdmg.json Hammer.dmg
# codesign --deep --force -o runtime --sign "$IDENTITY" "Hammer.dmg"
# echo "Signed final .dmg"
cat << EOF > gon.json
{
"notarize": [{
"path": "./Hammer.dmg",
"bundle_id": "healthcare.hammer",
"staple": true
}]
}
EOF
# gon gon.json
# security delete-keychain $KEYCHAIN
- name: (Windows) Sign executables
shell: powershell
if: runner.os == 'Windows' && env.WINDOWS_CODE_SIGNING != null
env:
WINDOWS_CODE_SIGNING: ${{secrets.WINDOWS_CODE_SIGNING}}
WORKSPACEGIT: ${{runner.workspace}}\Hammer
run: |
$env:path += ";${env:ProgramFiles(x86)}\Windows Kits\10\bin\x64"
Get-ChildItem "bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/" -Filter *.dll -Recurse |
Foreach-Object {
echo "Signing $($_.FullName)..."
# tried paths with \ for /f, didn't work
signtool.exe sign /a /f $env:WORKSPACEGIT/assets/code-signing-certificate-windows.p12 /p $env:WINDOWS_CODE_SIGNING /fd sha256 /tr http://timestamp.digicert.com /td sha256 "$($_.FullName)"
}
Get-ChildItem "bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/" -Filter *.exe -Recurse |
Foreach-Object {
echo "Signing $($_.FullName)..."
signtool.exe sign /a /f $env:WORKSPACEGIT/assets/code-signing-certificate-windows.p12 /p $env:WINDOWS_CODE_SIGNING /fd sha256 /tr http://timestamp.digicert.com /td sha256 "$($_.FullName)"
}
- name: Zip up artifact
shell: bash
run: cd bin/Release/${{matrix.dotnet-version}}/${{matrix.dotnet-platform}}/publish/ && 7z a -tzip $GITHUB_WORKSPACE/publish/Hammer-${{matrix.deployment-platform}}.zip
- name: Upload as a Github artifact
uses: actions/upload-artifact@v3
with:
name: hammer-${{matrix.buildname}}
path: publish/*
# We only need to run this on one OS - so run it on the quickest one
- name: (Linux) Publish pre-release to nuget
if: runner.os == 'Linux' && github.ref == 'refs/heads/main'
env:
NUGET_API_KEY: ${{secrets.NUGET_API_KEY}}
shell: bash
run: |
sed -i -r 's|<Version>(.+?)<\/Version>|<Version>\1-rc${{github.run_number}}</Version>|g' Hammer.csproj
sed -i 's|<PackageId>Hammer</PackageId>|<PackageId>Hammer.TestVersion</PackageId>|g' Hammer.csproj
dotnet pack
dotnet nuget push nupkg/Hammer.*.nupkg --skip-duplicate --api-key ${{env.NUGET_API_KEY}} --source https://api.nuget.org/v3/index.json
upload_artifacts:
name: Upload to pre-release
runs-on: ubuntu-20.04
needs: build
if: github.event_name == 'push'
steps:
- uses: actions/download-artifact@v3
with:
path: artifacts
- name: Deploy to a preview link
uses: marvinpinto/[email protected]
with:
repo_token: ${{secrets.GITHUB_TOKEN}}
prerelease: true
automatic_release_tag: preview
title: Latest in-development build
files: |
artifacts/hammer-linux/Hammer-linux.zip
artifacts/hammer-windows/Hammer-windows.zip
artifacts/hammer-macos/Hammer-macos.zip
validate_examples_metadata:
name: Validate examples metadata file
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Check if metadata or schema have changed
id: changed-files-specific
uses: tj-actions/[email protected]
with:
files: |
assets/examples/.metadata.schema.json
assets/examples/metadata.json
- name: Set up npm
if: steps.changed-files-specific.outputs.any_changed == 'true'
uses: actions/[email protected]
with:
node-version: 12
- name: Install ajv
if: steps.changed-files-specific.outputs.any_changed == 'true'
run: npm install -g ajv-cli
- name: Validate metadata
if: steps.changed-files-specific.outputs.any_changed == 'true'
run: ajv -s assets/examples/.metadata.schema.json -d assets/examples/metadata.json