Skip to content
Build FontGoggles Application

Build FontGoggles Application #95

Sign in to view logs

Build FontGoggles Application

Build FontGoggles Application #95

Workflow file for this run

.github/workflows/buildapp.yml at b87ecb0
name: Build FontGoggles Application
on:
push:
tags:
- "v*"
workflow_dispatch: # allow manual trigger
jobs:
build:
runs-on: macos-latest
steps:
- name: Install Certificates
run: |
echo ${{ secrets.CERTIFICATE_P12 }} | base64 --decode > certificate.p12
security import certificate.p12 -P ${{ secrets.CERTIFICATE_PASSWORD }}
security create-keychain -p fgKeychain fg.keychain
security default-keychain -s fg.keychain
security set-keychain-settings -l -u -t 8000
security unlock-keychain -p fgKeychain fg.keychain
security import certificate.p12 -k fg.keychain -P ${{ secrets.CERTIFICATE_PASSWORD }} -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k fgKeychain fg.keychain
rm -fr *.p12
# security find-identity -v -p codesigning
- name: Set up Python from python.org
run: |
curl https://www.python.org/ftp/python/3.12.3/python-3.12.3-macos11.pkg --output python-installer.pkg
sudo installer -pkg python-installer.pkg -target /
- name: Check Python
run: |
python3-intel64 --version
python3-intel64 -c "import platform; print('macOS version:', platform.mac_ver()[0], platform.platform())"
- name: Checkout
uses: actions/checkout@v1
- name: Setup Virtual Environment
run: |
python3-intel64 -m venv venv
source venv/bin/activate
python -c "import sys; print('\n'.join(sys.path))"
- name: Install Dependencies
run: |
source venv/bin/activate
python -m pip install --upgrade pip
python -m pip --version
python -m pip install -r requirements.txt
python -m pip install -r requirements-dev.txt
python -m pip install .
- name: Run Tests
run: |
source venv/bin/activate
pytest
- name: Build Application
run: |
source venv/bin/activate
python App/setup.py py2app --arch intel
- name: Codesign and Notarize
run: |
APP_PATH="App/dist/FontGoggles.app"
DMG_PATH="App/dist/FontGoggles.dmg"
ENTITLEMENTS_PATH="App/Distribute/entitlements.xml"
source venv/bin/activate
App/Distribute/codesign_app.sh "${{ secrets.CODESIGN_NAME }}" "$APP_PATH" "$ENTITLEMENTS_PATH"
python App/Distribute/build_dmg.py "$APP_PATH" "$DMG_PATH"
codesign --sign "${{ secrets.CODESIGN_NAME }}" "$DMG_PATH"
echo "Run notarytool..."
xcrun notarytool submit \
--apple-id "${{ secrets.NOTARIZE_DEVELOPER }}" \
--team-id "${{ secrets.NOTARIZE_TEAM_ID }}" \
--password "${{ secrets.NOTARIZE_PASSWORD }}" \
--output-format json \
--wait \
$DMG_PATH \
| python App/Distribute/print_notarize_log.py \
"${{ secrets.NOTARIZE_DEVELOPER }}" \
"${{ secrets.NOTARIZE_TEAM_ID }}" \
"${{ secrets.NOTARIZE_PASSWORD }}"
xcrun stapler staple "$DMG_PATH"
- name: Storing macOS Artifacts
uses: actions/upload-artifact@v4
with:
name: FontGoggles
path: App/dist/FontGoggles.dmg
- name: Read CHANGELOG.md
id: changelog
if: github.ref == 'refs/heads/master'
env:
GITHUB_REF: ${{ github.ref }}
run: |
source venv/bin/activate
echo "changelog_contents=$(python App/Distribute/extract_changes.py)" >>$GITHUB_OUTPUT
- name: Create Release
id: create_release
if: github.ref == 'refs/heads/master'
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
body: ${{ steps.changelog.outputs.changelog_contents }}
draft: true
prerelease: false
- name: Upload Release Asset
id: upload-release-asset
if: github.ref == 'refs/heads/master'
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }} # This pulls from the CREATE RELEASE step above, referencing it's ID to get its outputs object, which include a `upload_url`. See this blog post for more info: https://jasonet.co/posts/new-features-of-github-actions/#passing-data-to-future-steps
asset_path: App/dist/FontGoggles.dmg
asset_name: FontGoggles.dmg
asset_content_type: application/octet-stream