Bump version after merge into release #159
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Package with Briefcase and Create Release | |
on: | |
push: | |
branches: | |
- release | |
- prerelease | |
jobs: | |
package: | |
runs-on: macos-latest | |
env: | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
APPLE_ID: ${{ secrets.APPLE_ID }} | |
CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Get commit messages | |
id: get_commit_messages | |
run: | | |
set -x | |
git fetch --tags | |
echo "github.ref: ${{ github.ref }}" | |
if [ "${{ github.ref }}" = "refs/heads/prerelease" ]; then | |
LAST_TAG=$(git ls-remote --tags --refs --sort="v:refname" | tail -n1 | sed 's/.*\///; s/\^{}//' 2>/dev/null || git rev-list --max-parents=0 HEAD) | |
else | |
LAST_TAG=$(git describe --tags --abbrev=0 2>/dev/null || git rev-list --max-parents=0 HEAD) | |
fi | |
MESSAGES=$(git log --no-merges --pretty=format:"- [%h](https://github.com/${{ github.repository }}/commit/%H) %s" "$LAST_TAG"..HEAD | grep -v "Bump version") | |
echo "messages<<EOF" >> $GITHUB_OUTPUT | |
echo "$MESSAGES" >> $GITHUB_OUTPUT | |
echo "EOF" >> $GITHUB_OUTPUT | |
echo "Commit messages since last release or initial commit:" | |
echo "$MESSAGES" | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.12.4' | |
- name: Install Poetry | |
run: | | |
curl -sSL https://install.python-poetry.org | python3 - | |
echo "$HOME/.poetry/bin" >> $GITHUB_PATH | |
- name: Install dependencies | |
run: | | |
pip install opencv-python | |
poetry install --no-interaction | |
- name: Install certificates | |
run: | | |
KEYCHAIN_PATH=$(pwd)/build.keychain | |
security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH | |
security default-keychain -s $KEYCHAIN_PATH | |
security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH | |
# Import both certificates | |
echo "${{ secrets.CERTIFICATE }}" | base64 --decode > app_certificate.p12 | |
echo "${{ secrets.CERTIFICATE_INSTALLER }}" | base64 --decode > installer_certificate.p12 | |
security import app_certificate.p12 -k $KEYCHAIN_PATH -P $CERTIFICATE_PASSWORD -A -T "/usr/bin/codesign" -T "/usr/bin/productsign" | |
security import installer_certificate.p12 -k $KEYCHAIN_PATH -P $CERTIFICATE_PASSWORD -A -T "/usr/bin/codesign" -T "/usr/bin/productsign" | |
security set-key-partition-list -S apple-tool:,apple:,codesign:,productsign: -s -k $KEYCHAIN_PATH | |
- name: Store Notarization Credentials | |
run: | | |
echo "${{ secrets.KEYCHAIN_PASSWORD }}" | xcrun altool --store-password-in-keychain-item "${{ secrets.KEYCHAIN_NAME }}" -u "${{ secrets.APPLE_ID }}" -p - | |
xcrun notarytool store-credentials "${{ secrets.KEYCHAIN_NAME }}" --apple-id "${{ secrets.APPLE_ID }}" --password "${{ secrets.KEYCHAIN_PASSWORD }}" --team-id "${{ secrets.TEAM_ID }}" | |
- name: Extract version | |
id: extract_version | |
run: | | |
version=$(sed -n 's/^version = "\(.*\)"/\1/p' pyproject.toml | head -n 1 | tr -d '"' | xargs) | |
echo "Extracted version: '${version}'" | |
echo "version=${version}" >> $GITHUB_OUTPUT | |
- name: Package application for GitHub | |
run: | | |
poetry run briefcase create | |
poetry run briefcase build | |
find . -name QtWebEngineCore.framework -type d | while read dir; do | |
find "$dir" -type f -execdir codesign --force --verify --verbose --sign "${{ secrets.DEV_ID }}" {} \; | |
done | |
find build/bd-to-avp/macos/app -name "*.dylib" -exec codesign --force --sign - {} \; | |
poetry run briefcase package -i "${{ secrets.DEV_ID }}" | |
- name: Upload log on failure | |
if: failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: briefcase-log | |
path: /Users/runner/work/BD_to_AVP/BD_to_AVP/logs/briefcase.*.build.log | |
- name: Create Release | |
id: create_release | |
uses: softprops/action-gh-release@v2 | |
with: | |
body: | | |
** After entering your password it will take a few minutes (maybe ten). It will appear to be doing nothing. If it fails, it should pop up with an error. Otherwise it should install all the dependences in the background and eventually pop up the GUI. If you do not want to type your password in, you can use the installer.sh script in the 'Terminal install or update' section of the readme. ** | |
You can use the terminal version with "/Applications/Blu-ray to AVP.app/Contents/MacOS/Blu-ray to AVP". If you run the binary with any arguments, it will work like the previous terminal app. No arguments will open the GUI. | |
Commits: | |
${{ steps.get_commit_messages.outputs.messages }} | |
draft: false | |
prerelease: ${{ github.ref == 'refs/heads/prerelease' }} | |
tag_name: v${{ steps.extract_version.outputs.VERSION }} | |
name: Release v${{ steps.extract_version.outputs.VERSION }} | |
files: | | |
dist/*.zip | |
dist/*.dmg | |
dist/*.pkg | |