vscodium/.github/workflows/macos.yml
2021-09-18 10:12:10 +02:00

131 lines
4.1 KiB
YAML

name: macos_build
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * *'
push:
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
- vscode_arch: x64
os: macOS-10.15
- vscode_arch: arm64
os: macOS-11
env:
OS_NAME: "osx"
VSCODE_ARCH: ${{ matrix.vscode_arch }}
steps:
- uses: actions/checkout@v2
- name: Setup Node.js environment
uses: actions/setup-node@v1
with:
node-version: 14
- name: Check PR or cron
run: |
. check_cron_or_pr.sh
- name: Clone VSCode repo
run: |
. get_repo.sh
- name: Check existing VSCodium tags/releases
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
. check_tags.sh
if: env.SHOULD_DEPLOY == 'yes'
- name: Compute cache key
id: yarnCacheKey
run: echo "::set-output name=value::$(node build/azure-pipelines/computeYarnCacheKey.js)"
if: env.SHOULD_BUILD == 'yes'
- name: Get yarn cache directory path
id: yarnCacheDirPath
run: echo "::set-output name=dir::$(yarn cache dir)"
if: env.SHOULD_BUILD == 'yes'
- name: Cache yarn directory
uses: actions/cache@v2
with:
path: ${{ steps.yarnCacheDirPath.outputs.dir }}
key: ${{ env.OS_NAME }}-${{ env.VSCODE_ARCH }}-yarnCacheDir-${{ steps.yarnCacheKey.outputs.value }}
restore-keys: ${{ env.OS_NAME }}-${{ env.VSCODE_ARCH }}-yarnCacheDir-
if: env.SHOULD_BUILD == 'yes'
- name: Build
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: ./build.sh
if: env.SHOULD_BUILD == 'yes'
- name: Sign binary
env:
CERTIFICATE_OSX_P12: ${{ secrets.CERTIFICATE_OSX_P12 }}
CERTIFICATE_OSX_PASSWORD: ${{ secrets.CERTIFICATE_OSX_PASSWORD }}
CERTIFICATE_OSX_ID: ${{ secrets.CERTIFICATE_OSX_ID }}
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
run: |
if [ -d "VSCode-darwin-${VSCODE_ARCH}" ]; then # just in case the build failed
cd "VSCode-darwin-${VSCODE_ARCH}"
export CERTIFICATE_P12=VSCodium.p12
echo $CERTIFICATE_OSX_P12 | base64 --decode > $CERTIFICATE_P12
export KEYCHAIN=build.keychain
security create-keychain -p mysecretpassword $KEYCHAIN
security default-keychain -s $KEYCHAIN
security unlock-keychain -p mysecretpassword $KEYCHAIN
security import $CERTIFICATE_P12 -k $KEYCHAIN -P $CERTIFICATE_OSX_PASSWORD -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k mysecretpassword $KEYCHAIN
codesign --deep --force --verbose --sign "$CERTIFICATE_OSX_ID" VSCodium.app
fi
- name: Zip release
run: |
cd "VSCode-darwin-${VSCODE_ARCH}"
zip -r -X -y ../VSCodium-darwin-${VSCODE_ARCH}-${MS_TAG}.zip ./*.app
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
- name: DMG the release
run: |
pushd "VSCode-darwin-${VSCODE_ARCH}"
npx create-dmg VSCodium.app ..
mv "../VSCodium ${MS_TAG}.dmg" "../VSCodium.${VSCODE_ARCH}.${MS_TAG}.dmg"
popd
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
- name: Generate shasums
run: ./sum.sh
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
- name: Release
uses: softprops/action-gh-release@v1
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
with:
tag_name: ${{ env.MS_TAG }}
files: |
./*.zip
./*.dmg
./*.sha256
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Update versions repo
if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes'
run: ./update_version.sh
env:
GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }}
GITHUB_USERNAME: ${{ github.repository_owner }}