Package with Briefcase and Create Release

Bump version after merge into release #176

Summary
Jobs
- package
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/briefcase.yml at efe64fc

	name: Package with Briefcase and Create Release

	on:
	push:
	branches:
	- release
	- prerelease

	jobs:
	package:
	runs-on: macos-latest
	env:
	KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
	APPLE_ID: ${{ secrets.APPLE_ID }}
	CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	- name: Get commit messages
	id: get_commit_messages
	run: \|
	set -x
	git fetch --tags
	echo "github.ref: ${{ github.ref }}"
	if [ "${{ github.ref }}" = "refs/heads/prerelease" ]; then
	LAST_TAG=$(git tag --sort=-v:refname \| head -n 1)
	else
	LAST_TAG=$(curl --silent "https://api.github.com/repos/cbusillo/BD_to_AVP/releases/latest" \| jq -r .tag_name)
	fi
	MESSAGES=$(git log --no-merges --pretty=format:"- [%h](https://github.com/${{ github.repository }}/commit/%H) %s" "$LAST_TAG"..HEAD \| grep -v "Bump version")
	echo "messages<<EOF" >> $GITHUB_OUTPUT
	echo "$MESSAGES" >> $GITHUB_OUTPUT
	echo "EOF" >> $GITHUB_OUTPUT
	echo "Commit messages since last release or initial commit:"
	echo "$MESSAGES"
	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: '3.12.4'
	- name: Install Poetry
	run: \|
	curl -sSL https://install.python-poetry.org \| python3 -
	echo "$HOME/.poetry/bin" >> $GITHUB_PATH
	- name: Install dependencies
	run: \|
	poetry install --no-interaction
	- name: Install certificates
	run: \|
	KEYCHAIN_PATH=$(pwd)/build.keychain
	security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
	security default-keychain -s $KEYCHAIN_PATH
	security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
	# Import both certificates
	echo "${{ secrets.CERTIFICATE }}" \| base64 --decode > app_certificate.p12
	echo "${{ secrets.CERTIFICATE_INSTALLER }}" \| base64 --decode > installer_certificate.p12
	security import app_certificate.p12 -k $KEYCHAIN_PATH -P $CERTIFICATE_PASSWORD -A -T "/usr/bin/codesign" -T "/usr/bin/productsign"
	security import installer_certificate.p12 -k $KEYCHAIN_PATH -P $CERTIFICATE_PASSWORD -A -T "/usr/bin/codesign" -T "/usr/bin/productsign"
	security set-key-partition-list -S apple-tool:,apple:,codesign:,productsign: -s -k $KEYCHAIN_PATH
	- name: Store Notarization Credentials
	run: \|
	echo "${{ secrets.KEYCHAIN_PASSWORD }}" \| xcrun altool --store-password-in-keychain-item "${{ secrets.KEYCHAIN_NAME }}" -u "${{ secrets.APPLE_ID }}" -p -
	xcrun notarytool store-credentials "${{ secrets.KEYCHAIN_NAME }}" --apple-id "${{ secrets.APPLE_ID }}" --password "${{ secrets.KEYCHAIN_PASSWORD }}" --team-id "${{ secrets.TEAM_ID }}"
	- name: Extract version
	id: extract_version
	run: \|
	version=$(sed -n 's/^version = "$.*$"/\1/p' pyproject.toml \| head -n 1 \| tr -d '"' \| xargs)
	echo "Extracted version: '${version}'"
	echo "version=${version}" >> $GITHUB_OUTPUT
	- name: Package application for GitHub
	run: \|
	poetry run briefcase create
	poetry run briefcase build
	find . -name QtWebEngineCore.framework -type d \| while read dir; do
	find "$dir" -type f -execdir codesign --force --verify --verbose --sign "${{ secrets.DEV_ID }}" {} \;
	done
	find build/bd-to-avp/macos/app -name "*.dylib" -exec codesign --force --sign - {} \;
	poetry run briefcase package -i "${{ secrets.DEV_ID }}"
	- name: Upload log on failure
	if: failure()
	uses: actions/upload-artifact@v4
	with:
	name: briefcase-log
	path: /Users/runner/work/BD_to_AVP/BD_to_AVP/logs/briefcase.*.build.log
	- name: Set release name
	id: set_release_name
	run: \|
	echo "GITHUB_REF: ${{ github.ref }}"
	BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/} \| sed -r 's/(^\|-)(\w)/\U\2/g')
	echo "Release Name Set To: $BRANCH_NAME"
	echo "release_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
	- name: Create Release
	id: create_release
	uses: softprops/action-gh-release@v2
	with:
	body: \|
	After entering your password it will take a few minutes (maybe ten). It will appear to be doing nothing. If it fails, it should pop up with an error. Otherwise it should install all the dependences in the background and eventually pop up the GUI. If you do not want to type your password in, you can use the installer.sh script in the 'Terminal install or update' section of the readme.

	You can use the terminal version with "/Applications/Blu-ray to AVP.app/Contents/MacOS/Blu-ray to AVP". If you run the binary with any arguments, it will work like the previous terminal app. No arguments will open the GUI.

	Commits:
	${{ steps.get_commit_messages.outputs.messages }}
	draft: false
	prerelease: ${{ github.ref == 'refs/heads/prerelease' }}
	tag_name: v${{ steps.extract_version.outputs.VERSION }}
	name: ${{ steps.set_release_name.outputs.release_name }} v${{ steps.extract_version.outputs.VERSION }}
	files: \|
	dist/*.zip
	dist/*.dmg
	dist/*.pkg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump version after merge into release #176

Workflow file

Bump version after merge into release #176

Jobs

Run details

Workflow file for this run