mirror
/
inkstitch
kopia lustrzana https://github.com/inkstitch/inkstitch
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność
inkstitch/bin/build-distribution-archives

159 wiersze
7.1 KiB
Plaintext
Czysty Wina Historia

VERSION="${VERSION:-$(echo ${GITHUB_REF} | sed -e 's|refs/heads/||' -e 's|refs/tags/||' -e 's|/|-|g')}"
OS="${BUILD:-$(uname)}"
ARCH="$(uname -m)"
mkdir artifacts
if [ "$BUILD" = "osx" ]; then
cp -a icons locales print LICENSE VERSION palettes symbols fonts tiles dbus inx dist/inkstitch.app/Contents/Resources
# adding version to Info.plist
plutil -replace CFBundleShortVersionString -string ${VERSION} dist/inkstitch.app/Contents/Info.plist
rm -rf dist/inkstitch/
# Install location for pkgbuild
PKG_INSTALL_PATH="/tmp/inkstitch/"
# inside the scripts folder are:
# - preinstaller (checks for previously installed inkstitch and deletes it, Inkscape check with error message) and
# - postinstaller (moves inkstitch folder from /tmp to user Inkscape extensions folder in $HOME)
# The postinstaller is a workaround for a proper way to install in user $HOME space
# Build on GitHub will be handled differently from local builds.
# Local builds will not be signed nor notarized. They are run to produce releases for legacy versions of macOS.
# Notarization for development branches can be forced with this variable set to true
NOTARIZE_DEVELOPMENT_BUILDS=false
if [[ ! -z "${GITHUB_REF}" ]]; then
# This code signs and notarize the inkstitch.app
DEV_IDENT="Developer ID Application: Lex Neva (929A568N58)"
echo "Signing of inkstitch.app"
# signing the binary may fix notary issue
/usr/bin/codesign -s "${DEV_IDENT}" \
--deep \
--force \
--entitlements installer_scripts/entitlements.plist \
-o runtime \
--timestamp \
dist/inkstitch.app/Contents/MacOS/inkstitch -v
# last signing before packaging
/usr/bin/codesign -s "${DEV_IDENT}" \
--deep \
--force \
--entitlements installer_scripts/entitlements.plist \
-o runtime \
--timestamp \
dist/inkstitch.app -v
echo "Running pkgbuild"
INSTALLER_IDENT="Developer ID Installer: Lex Neva (929A568N58)"
/usr/bin/pkgbuild --root dist/inkstitch.app \
-s "${INSTALLER_IDENT}" \
--ownership recommended \
--identifier org.inkstitch.installer \
--version ${VERSION} \
--scripts installer_scripts/scripts \
--install-location ${PKG_INSTALL_PATH}inkstitch.app \
artifacts/inkstitch-${VERSION}-${OS}-${ARCH}.pkg
if [[ "${GITHUB_REF}" =~ ^refs/tags/v[0-9.]+$ || $NOTARIZE_DEVELOPMENT_BUILDS == true ]]; then
echo "Notary starting"
echo "Adding keychain item for notarytool"
xcrun notarytool store-credentials "inkstitch-profile" \
--apple-id "${NOTARY_ACCOUNT}" \
--team-id '929A568N58' \
--password "${NOTARY_PASSWORD}"
echo "Invoking notary process"
xcrun notarytool submit -f json --wait \
--keychain-profile "inkstitch-profile" \
artifacts/inkstitch-${VERSION}-${OS}-${ARCH}.pkg 2>&1 | tee /tmp/notarization_info.json
echo "Stapling the pkg for release"
xcrun stapler staple artifacts/inkstitch-${VERSION}-${OS}-${ARCH}.pkg
echo "Fetching the Notary Log"
# code snippet is from https://github.com/ddev/signing_tools/blob/master/macos_notarize.sh
status=$(jq -r .status </tmp/notarization_info.json)
id=$(jq -r .id </tmp/notarization_info.json)
echo "status=${status} id=${id}"
xcrun notarytool log --apple-id "${NOTARY_ACCOUNT}" --team-id '929A568N58' --password "${NOTARY_PASSWORD}" ${id} -f json >/tmp/notarization_log.json
issues=$(jq -r .issues </tmp/notarization_log.json)
if [ "$issues" != "null" ]; then
printf "There are issues with the notarization (${issues})\n"
printf "=== Log output === \n$(cat /tmp/notarization_log.json)\n"
exit 7;
fi;
fi
else
# local builds will not be signed or notarized
pkgbuild --root dist/inkstitch.app \
--ownership recommended \
--identifier org.inkstitch.installer \
--version ${VERSION} \
--scripts installer_scripts/scripts \
--install-location ${PKG_INSTALL_PATH}inkstitch.app \
artifacts/inkstitch-${VERSION}-${OS}-${ARCH}.pkg
fi
# Creating the zip for Drag n' Drop install
cd dist
7z a ../artifacts/inkstitch-${VERSION}-${OS}-${ARCH}.zip *
cd ..
else
cp -a palettes symbols fonts tiles dbus inx LICENSE VERSION dist/inkstitch
cp -a icons locales print dist/inkstitch/bin
fi
if [ "$BUILD" = "windows" ]; then
# build the installer locally
# remotely it will be called through build.yml after signing
if [[ -z "${GITHUB_REF}" ]]; then
bash bin/build-windows-installer
fi
fi
if [ "$BUILD" = "linux" ] || [ "$BUILD" = "linux-new" ] || [ "$BUILD" = "linux-old" ] || [ "$BUILD" = "linux32" ]; then
if [[ "$VERSION" =~ ^v[0-9][.0-9]+$ ]]; then
VERSION=${VERSION#v}
else
# dpkg requires versions to start with a number, so we have to add
# 0.0.1 for development builds
VERSION="0.0.1-${VERSION}"
fi
echo -n "$INKSTITCH_GPG_KEY" | base64 -d | gpg --import
cat <<EOF > $HOME/.rpmmacros
%_gpg_name EA93BCE2CCD0FB2E77B2CC29E8120E50709E5C44
%_signature gpg
EOF
deb_version="$(sed -E 's/[^a-zA-Z0-9.+]/./g' <<< "$VERSION")"
fpm -s dir \
-t deb \
-n inkstitch \
-v "$deb_version" \
-d "inkscape >= 1.0.0" \
--deb-compression xz \
--license "GPL-3.0" \
--description "An open-source machine embroidery design platform based on Inkscape" \
--url "https://inkstitch.org" \
--maintainer "maintainer@inkstitch.org" \
--after-install bin/after-install \
--before-remove bin/before-remove \
--verbose \
dist/inkstitch=/opt
fpm -s dir \
-t rpm \
-n inkstitch \
-v "$VERSION" \
-d "inkscape >= 1.0.0" \
--rpm-compression xz \
--license "GPL-3.0" \
--description "An open-source machine embroidery design platform based on Inkscape" \
--url "https://inkstitch.org" \
--maintainer "maintainer@inkstitch.org" \
--after-install bin/after-install \
--before-remove bin/before-remove \
--verbose \
dist/inkstitch=/opt
rpmsign --addsign inkstitch*.rpm
mv inkstitch*.deb inkstitch*.rpm artifacts/
tar -C dist -Jcf artifacts/inkstitch-${VERSION}-${OS}.tar.xz inkstitch
cat "$(dirname "$0")/linux-sh-installer" artifacts/inkstitch-${VERSION}-${OS}.tar.xz > artifacts/inkstitch-${VERSION}-${OS}.sh
fi
Reference in New Issue View Git Blame Kopiuj bezpośredni odnośnik