Skip to content

Commit

Permalink
feat: macos signing
Browse files Browse the repository at this point in the history
  • Loading branch information
@Julusian
Julusian committed Mar 20, 2022
1 parent a9572bb commit c1b61da
Show file tree
Hide file tree
Showing 4 changed files with 134 additions and 33 deletions.
127 changes: 97 additions & 30 deletions .github/workflows/node.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,19 +3,13 @@ name: Build/release
on: push

jobs:
release:
runs-on: ${{ matrix.os }}

strategy:
matrix:
os: [macos-latest, ubuntu-latest, windows-latest]

Linux-x64:
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v1

- name: Install linux dependencies
if: runner.os == 'Linux'
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y yasm libudev-dev libusb-1.0-0-dev
Expand All @@ -25,16 +19,100 @@ jobs:
with:
node-version: 16

- name: Build/release Electron app
uses: samuelmeuli/action-electron-builder@v1
- name: Run build
run: |
# try and avoid timeout errors
yarn config set network-timeout 100000 -g
yarn
yarn dist
- name: Determine files to upload
if: github.ref == 'refs/heads/master' # always publish for just the master branch
id: filenames
shell: bash
run: |
HASH=$(git rev-parse --short HEAD)
COUNT=$(git rev-list --count HEAD)
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.tar.gz"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.tar.gz"
- name: Upload app
if: ${{ steps.filenames.outputs.sourcename }}
uses: ./.github/actions/s3-upload
with:
source-filename: ${{ steps.filenames.outputs.sourcename }}
destination-filename: ${{ steps.filenames.outputs.targetname }}
host: ${{ secrets.S3_HOST }}
bucket: ${{ secrets.S3_BUCKET }}
access-key: ${{ secrets.S3_KEY }}
secret-key: ${{ secrets.S3_SECRET }}

Windows-x64:
runs-on: windows-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v1

- name: Install Node.js, NPM and Yarn
uses: actions/setup-node@v1
with:
node-version: 16

- name: Run build
run: |
# try and avoid timeout errors
yarn config set network-timeout 100000 -g
yarn
yarn dist
- name: Determine files to upload
if: github.ref == 'refs/heads/master' # always publish for just the master branch
id: filenames
shell: bash
run: |
HASH=$(git rev-parse --short HEAD)
COUNT=$(git rev-list --count HEAD)
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.exe"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.exe"
- name: Upload app
if: ${{ steps.filenames.outputs.sourcename }}
uses: ./.github/actions/s3-upload
with:
# GitHub token, automatically provided to the action
# (No need to define this secret in the repo settings)
github_token: ${{ secrets.github_token }}
source-filename: ${{ steps.filenames.outputs.sourcename }}
destination-filename: ${{ steps.filenames.outputs.targetname }}
host: ${{ secrets.S3_HOST }}
bucket: ${{ secrets.S3_BUCKET }}
access-key: ${{ secrets.S3_KEY }}
secret-key: ${{ secrets.S3_SECRET }}

Mac-x64:
runs-on: macos-latest
steps:
- name: Check out Git repository
uses: actions/checkout@v1

- name: Install Node.js, NPM and Yarn
uses: actions/setup-node@v1
with:
node-version: 16

- name: Run build
run: |
# try and avoid timeout errors
yarn config set network-timeout 100000 -g
# If the commit is tagged with a version (e.g. "v1.0.0"),
# release the app after building
release: ${{ startsWith(github.ref, 'refs/tags/v') }}
yarn
yarn dist
env:
CSC_LINK: ${{ secrets.OSX_CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.OSX_CSC_KEY_PASSWORD }}
APPLEID: ${{ secrets.APPLEID }}
APPLEIDPASS: ${{ secrets.APPLEIDPASS }}

- name: Determine files to upload
if: github.ref == 'refs/heads/master' # always publish for just the master branch
Expand All @@ -44,19 +122,8 @@ jobs:
HASH=$(git rev-parse --short HEAD)
COUNT=$(git rev-list --count HEAD)
if [ "$RUNNER_OS" == "Windows" ]; then
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.exe"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.exe"
elif [ "$RUNNER_OS" == "macOS" ]; then
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.dmg"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.dmg"
elif [ "$RUNNER_OS" == "Linux" ]; then
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.tar.gz"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.tar.gz"
else
echo "$RUNNER_OS not supported"
exit 0
fi
echo ::set-output name=sourcename::"electron-output/companion-satellite-x64.dmg"
echo ::set-output name=targetname::"companion-satellite-x64-${COUNT}-${HASH}.dmg"
- name: Upload app
if: ${{ steps.filenames.outputs.sourcename }}
Expand Down
8 changes: 5 additions & 3 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
"lint:raw": "eslint --ext .ts --ext .js --ext .tsx --ext .jsx --ignore-pattern dist",
"lint": "yarn lint:raw .",
"license-validate": "yarn sofie-licensecheck",
"dist": "yarn build && yarn electron-builder"
"dist": "yarn build && yarn electron-builder --publish=never"
},
"devDependencies": {
"@sofie-automation/code-standard-preset": "~2.0",
Expand All @@ -38,6 +38,7 @@
"@types/sharp": "^0.28.5",
"electron": "^16.1.0",
"electron-builder": "^22.14.13",
"electron-notarize": "^1.1.1",
"rimraf": "^3.0.2",
"standard-version": "^9.3.2",
"ts-node": "^9.1.1",
Expand Down Expand Up @@ -78,6 +79,7 @@
"productName": "Companion Satellite",
"appId": "remote.companion.bitfocus.no",
"remoteBuild": false,
"afterSign": "tools/notarize.js",
"directories": {
"buildResources": "assets/",
"output": "electron-output/"
Expand All @@ -102,11 +104,11 @@
"perMachine": true,
"oneClick": false,
"allowElevation": true,
"artifactName": "companion-satellite-x64.exe"
"artifactName": "companion-satellite-x64.exe"
},
"linux": {
"target": "tar.gz",
"artifactName": "companion-satellite-${arch}.tar.gz",
"artifactName": "companion-satellite-${arch}.tar.gz",
"extraFiles": [
{
"from": "./node_modules/sharp/vendor/8.10.6/lib",
Expand Down
24 changes: 24 additions & 0 deletions tools/notarize.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
/* Based on https://kilianvalkhof.com/2019/electron/notarizing-your-electron-application/ */

const { notarize } = require('electron-notarize')

exports.default = async function notarizing(context) {
const { electronPlatformName, appOutDir } = context
if (electronPlatformName !== 'darwin') {
return
}

if (!process.env.APPLEID || !process.env.APPLEIDPASS) {
console.log('Skipping notarizing, due to missing APPLEID or APPLEIDPASS environment variables')
return
}

const appName = context.packager.appInfo.productFilename

return await notarize({
appBundleId: 'companion.bitfocus.no',
appPath: `${appOutDir}/${appName}.app`,
appleId: process.env.APPLEID,
appleIdPassword: process.env.APPLEIDPASS,
})
}
8 changes: 8 additions & 0 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1682,6 +1682,14 @@ electron-builder@^22.14.13:
update-notifier "^5.1.0"
yargs "^17.0.1"

electron-notarize@^1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/electron-notarize/-/electron-notarize-1.1.1.tgz#3ed274b36158c1beb1dbef14e7faf5927e028629"
integrity sha512-kufsnqh86CTX89AYNG3NCPoboqnku/+32RxeJ2+7A4Rbm4bbOx0Nc7XTy3/gAlBfpj9xPAxHfhZLOHgfi6cJVw==
dependencies:
debug "^4.1.1"
fs-extra "^9.0.1"

electron-osx-sign@^0.5.0:
version "0.5.0"
resolved "https://registry.yarnpkg.com/electron-osx-sign/-/electron-osx-sign-0.5.0.tgz#fc258c5e896859904bbe3d01da06902c04b51c3a"
Expand Down

0 comments on commit c1b61da

Please sign in to comment.