kopia lustrzana https://github.com/inkstitch/inkstitch
175 wiersze
7.8 KiB
Plaintext
175 wiersze
7.8 KiB
Plaintext
VERSION="${VERSION:-$(echo ${GITHUB_REF} | sed -e 's|refs/heads/||' -e 's|refs/tags/||' -e 's|/|-|g')}"
|
|
OS="${BUILD:-$(uname)}"
|
|
ARCH="$(uname -m)"
|
|
mkdir artifacts
|
|
|
|
if [ "$BUILD" = "osx" ]; then
|
|
cp -a icons locales print LICENSE VERSION images/examples palettes symbols fonts tiles dbus inx dist/inkstitch.app/Contents/Resources
|
|
# adding version to Info.plist
|
|
plutil -replace CFBundleShortVersionString -string ${VERSION} dist/inkstitch.app/Contents/Info.plist
|
|
rm -rf dist/inkstitch/
|
|
# Install location for pkgbuild
|
|
PKG_INSTALL_PATH="/tmp/inkstitch/"
|
|
# Checking arch of macos and setting path of electron for arm64 or intel
|
|
echo "Checking for macOS arch."
|
|
if [ "${ARCH}" = "arm64" ]; then
|
|
ELECTRON_BUILD_PATH="electron/build/mac-arm64"
|
|
echo "found arm64"
|
|
else
|
|
ELECTRON_BUILD_PATH="electron/build/mac"
|
|
echo "found intel"
|
|
fi
|
|
# inside the scripts folder are:
|
|
# - preinstaller (checks for previously installed inkstitch and deletes it, Inkscape check with error message) and
|
|
# - postinstaller (moves inkstitch folder from /tmp to user Inkscape extensions folder in $HOME)
|
|
# The postinstaller is a workaround for a proper way to install in user $HOME space
|
|
|
|
# Build on GitHub will be handled differently from local builds.
|
|
# Local builds will not be signed nor notarized. They are run to produce releases for legacy versions of macOS.
|
|
# Notarization for development branches can be forced with this variable set to true
|
|
NOTARIZE_DEVELOPMENT_BUILDS=false
|
|
|
|
if [[ ! -z "${GITHUB_REF}" ]]; then
|
|
# This code signs and notarize the inkstitch.app
|
|
DEV_IDENT="Developer ID Application: Lex Neva (929A568N58)"
|
|
echo "Signing of inkstitch.app"
|
|
# Coyping inkstitch-gui.app into inkstitch
|
|
ditto "${ELECTRON_BUILD_PATH}" dist/inkstitch.app/Contents/Frameworks/electron
|
|
# signing the binary may fix notary issue
|
|
/usr/bin/codesign -s "${DEV_IDENT}" \
|
|
--deep \
|
|
--force \
|
|
--entitlements installer_scripts/entitlements.plist \
|
|
-o runtime \
|
|
--timestamp \
|
|
dist/inkstitch.app/Contents/MacOS/inkstitch -v
|
|
# last signing before packaging
|
|
/usr/bin/codesign -s "${DEV_IDENT}" \
|
|
--deep \
|
|
--force \
|
|
--entitlements installer_scripts/entitlements.plist \
|
|
-o runtime \
|
|
--timestamp \
|
|
dist/inkstitch.app -v
|
|
echo "Running pkgbuild"
|
|
INSTALLER_IDENT="Developer ID Installer: Lex Neva (929A568N58)"
|
|
/usr/bin/pkgbuild --root dist/inkstitch.app \
|
|
-s "${INSTALLER_IDENT}" \
|
|
--component-plist installer_scripts/inkstitch.plist \
|
|
--ownership recommended \
|
|
--identifier org.inkstitch.installer \
|
|
--version ${VERSION} \
|
|
--scripts installer_scripts/scripts \
|
|
--install-location ${PKG_INSTALL_PATH}inkstitch.app \
|
|
artifacts/inkstitch-${VERSION}-${OS}.pkg
|
|
if [[ "${GITHUB_REF}" =~ ^refs/tags/v[0-9.]+$ || $NOTARIZE_DEVELOPMENT_BUILDS == true ]]; then
|
|
echo "Notary starting"
|
|
echo "Adding keychain item for notarytool"
|
|
xcrun notarytool store-credentials "inkstitch-profile" \
|
|
--apple-id "${NOTARY_ACCOUNT}" \
|
|
--team-id '929A568N58' \
|
|
--password "${NOTARY_PASSWORD}"
|
|
echo "Invoking notary process"
|
|
xcrun notarytool submit -f json --wait \
|
|
--keychain-profile "inkstitch-profile" \
|
|
artifacts/inkstitch-${VERSION}-${OS}.pkg 2>&1 | tee /tmp/notarization_info.json
|
|
echo "Stapling the pkg for release"
|
|
xcrun stapler staple artifacts/inkstitch-${VERSION}-${OS}.pkg
|
|
echo "Fetching the Notary Log"
|
|
# code snippet is from https://github.com/ddev/signing_tools/blob/master/macos_notarize.sh
|
|
status=$(jq -r .status </tmp/notarization_info.json)
|
|
id=$(jq -r .id </tmp/notarization_info.json)
|
|
echo "status=${status} id=${id}"
|
|
xcrun notarytool log --apple-id "${NOTARY_ACCOUNT}" --team-id '929A568N58' --password "${NOTARY_PASSWORD}" ${id} -f json >/tmp/notarization_log.json
|
|
issues=$(jq -r .issues </tmp/notarization_log.json)
|
|
if [ "$issues" != "null" ]; then
|
|
printf "There are issues with the notarization (${issues})\n"
|
|
printf "=== Log output === \n$(cat /tmp/notarization_log.json)\n"
|
|
exit 7;
|
|
fi;
|
|
fi
|
|
else
|
|
# local builds will not be signed or notarized
|
|
cp -a "${ELECTRON_BUILD_PATH}" dist/inkstitch.app/Contents/Frameworks/electron
|
|
pkgbuild --root dist/inkstitch.app \
|
|
--component-plist installer_scripts/inkstitch.plist \
|
|
--ownership recommended \
|
|
--identifier org.inkstitch.installer \
|
|
--version ${VERSION} \
|
|
--scripts installer_scripts/scripts \
|
|
--install-location ${PKG_INSTALL_PATH}inkstitch.app \
|
|
artifacts/inkstitch-${VERSION}-${OS}.pkg
|
|
fi
|
|
# Creating the zip for Drag n' Drop install
|
|
cd dist
|
|
7z a ../artifacts/inkstitch-${VERSION}-${OS}.zip *
|
|
cd ..
|
|
else
|
|
cp -a images/examples palettes symbols fonts tiles dbus inx LICENSE VERSION dist/inkstitch
|
|
cp -a icons locales print dist/inkstitch/bin
|
|
cp -a electron/build/*-unpacked dist/inkstitch/electron
|
|
fi
|
|
|
|
if [ "$BUILD" = "windows" ]; then
|
|
# build the installer locally
|
|
# remotely it will be called through build.yml after signing
|
|
if [[ -z "${GITHUB_REF}" ]]; then
|
|
bash bin/build-windows-installer
|
|
fi
|
|
fi
|
|
|
|
if [ "$BUILD" = "linux" ]; then
|
|
gem install fpm
|
|
|
|
if [[ "$VERSION" =~ ^v[0-9][.0-9]+$ ]]; then
|
|
VERSION=${VERSION#v}
|
|
else
|
|
# dpkg requires versions to start with a number, so we have to add
|
|
# 0.0.1 for development builds
|
|
VERSION="0.0.1-${VERSION}"
|
|
fi
|
|
|
|
echo -n "$INKSTITCH_GPG_KEY" | base64 -d | gpg --import
|
|
cat <<EOF > $HOME/.rpmmacros
|
|
%_gpg_name EA93BCE2CCD0FB2E77B2CC29E8120E50709E5C44
|
|
%_signature gpg
|
|
EOF
|
|
|
|
deb_version="$(sed -E 's/[^a-zA-Z0-9.+]/./g' <<< "$VERSION")"
|
|
fpm -s dir \
|
|
-t deb \
|
|
-n inkstitch \
|
|
-v "$deb_version" \
|
|
-d "inkscape >= 1.0.0" \
|
|
--deb-compression xz \
|
|
--license "GPL-3.0" \
|
|
--description "An open-source machine embroidery design platform based on Inkscape" \
|
|
--url "https://inkstitch.org" \
|
|
--maintainer "maintainer@inkstitch.org" \
|
|
--after-install bin/after-install \
|
|
--before-remove bin/before-remove \
|
|
--verbose \
|
|
dist/inkstitch=/opt
|
|
|
|
fpm -s dir \
|
|
-t rpm \
|
|
-n inkstitch \
|
|
-v "$VERSION" \
|
|
-d "inkscape >= 1.0.0" \
|
|
--rpm-compression xz \
|
|
--license "GPL-3.0" \
|
|
--description "An open-source machine embroidery design platform based on Inkscape" \
|
|
--url "https://inkstitch.org" \
|
|
--maintainer "maintainer@inkstitch.org" \
|
|
--after-install bin/after-install \
|
|
--before-remove bin/before-remove \
|
|
--verbose \
|
|
dist/inkstitch=/opt
|
|
|
|
rpmsign --addsign inkstitch*.rpm
|
|
mv inkstitch*.deb inkstitch*.rpm artifacts/
|
|
|
|
tar -C dist -Jcf artifacts/inkstitch-${VERSION}-${OS}.tar.xz inkstitch
|
|
cat "$(dirname "$0")/linux-sh-installer" artifacts/inkstitch-${VERSION}-${OS}.tar.xz > artifacts/inkstitch-${VERSION}-${OS}.sh
|
|
fi
|