CI_MacOS #467
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI_MacOS | |
on: | |
pull_request: | |
branches: | |
- master | |
schedule: | |
- cron: '0 3 */1 */1 *' # At 03:00 on every day-of-month for master | |
- cron: '0 5 */1 */1 *' # At 05:00 on every day-of-month for current release branch | |
workflow_dispatch: | |
inputs: | |
build_mode: | |
description: 'Build mode: devel_build, nightly_build, testing_build, stable_build' | |
required: true | |
default: 'devel_build' | |
publish: | |
description: 'Publish to FTP: on - publish' | |
required: false | |
default: 'off' | |
sentry_project: | |
description: 'Upload symbols and dumps to Sentry (choose a project): mu4(default for stable build), sandbox' | |
required: false | |
default: '' | |
env: | |
CURRENT_RELEASE_BRANCH: 4.3.1 | |
DEVELOPER_DIR: /Applications/Xcode_15.2.app/Contents/Developer | |
jobs: | |
build_mu4: | |
runs-on: macos-13 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/cancel-workflow-action@0.12.1 | |
with: | |
access_token: ${{ github.token }} | |
- name: Clone repository (default) | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name != 'schedule' || github.event.schedule == '0 3 */1 */1 *' }} | |
- name: Clone repository (${{ env.CURRENT_RELEASE_BRANCH }}) | |
uses: actions/checkout@v4 | |
if: ${{ github.event_name == 'schedule' && github.event.schedule == '0 5 */1 */1 *' }} | |
with: | |
ref: ${{ env.CURRENT_RELEASE_BRANCH }} | |
- name: Ccache cache files | |
uses: actions/cache@v4 | |
with: | |
path: ~/.ccache | |
key: ${{github.workflow}}-ccache-$(date -u +"%F-%T") | |
restore-keys: ${{github.workflow}}-ccache- # restore ccache from either previous build on this branch or on master | |
- name: Setup ccache | |
run: | | |
bash ./buildscripts/ci/tools/setup_ccache.sh | |
- name: "Configure workflow" | |
env: | |
pull_request_title: ${{ github.event.pull_request.title }} | |
SENTRY_SERVER_MU4_KEY: ${{ secrets.SENTRY_SERVER_MU4_KEY }} | |
SENTRY_SERVER_SANDBOX_KEY: ${{ secrets.SENTRY_SERVER_SANDBOX_KEY }} | |
SENTRY_PROJECT: ${{ github.event.inputs.sentry_project }} | |
run: | | |
bash ./buildscripts/ci/tools/make_build_mode_env.sh -e ${{ github.event_name }} -m ${{ github.event.inputs.build_mode }} | |
BUILD_MODE=$(cat ./build.artifacts/env/build_mode.env) | |
bash ./buildscripts/ci/tools/make_build_number.sh | |
BUILD_NUMBER=$(cat ./build.artifacts/env/build_number.env) | |
DO_PUBLISH='false' | |
if [[ "${{ github.event.inputs.publish }}" == "on" || "$BUILD_MODE" == "nightly_build" ]]; then | |
DO_PUBLISH='true' | |
if [ -z "${{ secrets.OSUOSL_SSH_ENCRYPT_SECRET }}" ]; then | |
echo "warning: not set OSUOSL_SSH_ENCRYPT_SECRET, publish disabled" | |
DO_PUBLISH='false' | |
fi | |
fi | |
DO_NOTARIZE='false' | |
if [ "$BUILD_MODE" != "devel_build" ]; then | |
DO_NOTARIZE='true' | |
if [ -z "${{ secrets.APPLE_USERNAME }}" ]; then | |
echo "warning: not set APPLE_USERNAME, notarize disabled" | |
DO_NOTARIZE='false' | |
fi | |
if [ -z "${{ secrets.APPLE_PASSWORD }}" ]; then | |
echo "warning: not set APPLE_PASSWORD, notarize disabled" | |
DO_NOTARIZE='false' | |
fi | |
fi | |
DO_BUILD='true' | |
if [ "$BUILD_MODE" == "nightly_build" ]; then | |
if [ "${{ github.repository }}" != "musescore/MuseScore" ]; then | |
DO_BUILD='false' | |
fi | |
fi | |
DO_UPDATE_TS='false' | |
if [[ "$BUILD_MODE" == "testing_build" || "$BUILD_MODE" == "stable_build" ]]; then | |
DO_UPDATE_TS='true' | |
if [ -z "${{ secrets.TRANSIFEX_API_TOKEN }}" ]; then | |
echo "warning: not set TRANSIFEX_API_TOKEN, update .ts disabled" | |
DO_UPDATE_TS='false' | |
fi | |
fi | |
DO_PLACEHOLDER_TRANSLATIONS='false' | |
if [[ "$DO_BUILD" == "true" ]]; then | |
if [[ "$BUILD_MODE" == "nightly_build" || "$BUILD_MODE" == "devel_build" ]]; then | |
DO_PLACEHOLDER_TRANSLATIONS='true' | |
fi | |
fi | |
DO_UPLOAD_SYMBOLS='false' | |
SENTRY_URL="" | |
if [ "$SENTRY_SERVER_MU4_KEY" != "" ]; then | |
if [ -z "$SENTRY_PROJECT" ] && [ "$BUILD_MODE" == "stable_build" ]; then | |
SENTRY_PROJECT="mu4" | |
fi | |
if [ "$SENTRY_PROJECT" == "mu4" ]; then | |
DO_UPLOAD_SYMBOLS='true' | |
SENTRY_URL=https://sentry.musescore.org/api/4/minidump/?sentry_key=$SENTRY_SERVER_MU4_KEY | |
fi | |
fi | |
if [ "$SENTRY_PROJECT" == "sandbox" ] && [ "$SENTRY_SERVER_SANDBOX_KEY" != "" ]; then | |
DO_UPLOAD_SYMBOLS='true' | |
SENTRY_URL=https://sentry.musescore.org/api/3/minidump/?sentry_key=$SENTRY_SERVER_SANDBOX_KEY | |
fi | |
if [ $DO_BUILD == 'false' ]; then | |
DO_NOTARIZE='false' | |
DO_UPLOAD_SYMBOLS='false' | |
DO_PUBLISH='false' | |
fi | |
ADD_INFO="_${GITHUB_REF#refs/heads/}" | |
if [ "${{ github.event_name }}" == "schedule" ] && [ "${{ github.event.schedule }}" == "0 5 */1 */1 *" ]; then ADD_INFO="_${CURRENT_RELEASE_BRANCH}"; fi | |
if [ "${{ github.event_name }}" == "pull_request" ]; then ADD_INFO="_${{ github.event.pull_request.number }}_${pull_request_title}"; fi | |
UPLOAD_ARTIFACT_NAME="$(tr '":<>|*?/\\’' '_' <<<"MU4_${BUILD_NUMBER}_Mac${ADD_INFO}")" | |
echo "github.repository: ${{ github.repository }}" | |
echo "BUILD_MODE=$BUILD_MODE" >> $GITHUB_ENV | |
echo "BUILD_MODE: $BUILD_MODE" | |
echo "BUILD_NUMBER=$BUILD_NUMBER" >> $GITHUB_ENV | |
echo "BUILD_NUMBER: $BUILD_NUMBER" | |
echo "DO_BUILD=$DO_BUILD" >> $GITHUB_ENV | |
echo "DO_BUILD: $DO_BUILD" | |
echo "DO_UPDATE_TS=$DO_UPDATE_TS" >> $GITHUB_ENV | |
echo "DO_UPDATE_TS: $DO_UPDATE_TS" | |
echo "DO_PLACEHOLDER_TRANSLATIONS=$DO_PLACEHOLDER_TRANSLATIONS" >> $GITHUB_ENV | |
echo "DO_PLACEHOLDER_TRANSLATIONS: $DO_PLACEHOLDER_TRANSLATIONS" | |
echo "DO_NOTARIZE=$DO_NOTARIZE" >> $GITHUB_ENV | |
echo "DO_NOTARIZE: $DO_NOTARIZE" | |
echo "DO_PUBLISH=$DO_PUBLISH" >> $GITHUB_ENV | |
echo "DO_PUBLISH: $DO_PUBLISH" | |
echo "DO_UPLOAD_SYMBOLS=$DO_UPLOAD_SYMBOLS" >> $GITHUB_ENV | |
echo "DO_UPLOAD_SYMBOLS: $DO_UPLOAD_SYMBOLS" | |
echo "SENTRY_PROJECT=$SENTRY_PROJECT" >> $GITHUB_ENV | |
echo "SENTRY_PROJECT: $SENTRY_PROJECT" | |
echo "SENTRY_URL=$SENTRY_URL" >> $GITHUB_ENV | |
echo "SENTRY_URL: $SENTRY_URL" | |
echo "UPLOAD_ARTIFACT_NAME=$UPLOAD_ARTIFACT_NAME" >> $GITHUB_ENV | |
echo "UPLOAD_ARTIFACT_NAME: $UPLOAD_ARTIFACT_NAME" | |
- name: Setup environment | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./buildscripts/ci/macos/setup.sh | |
- name: Generate _en.ts files | |
if: env.DO_BUILD == 'true' | |
env: | |
LUPDATE_ARGS: "" | |
POSTPROCESS_ARGS: "--warn-only ${{ env.DO_PLACEHOLDER_TRANSLATIONS == 'true' && '--generate-placeholder-translations' || '' }}" | |
run: | | |
bash ./buildscripts/ci/translation/run_lupdate.sh | |
- name: Update .ts files | |
if: env.DO_UPDATE_TS == 'true' | |
run: | | |
bash ./buildscripts/ci/translation/tx_install.sh -t ${{ secrets.TRANSIFEX_API_TOKEN }} -s macos | |
bash ./buildscripts/ci/translation/tx_pull.sh | |
- name: Build | |
if: env.DO_BUILD == 'true' | |
run: | | |
C_URL=${SENTRY_URL}; if [ -z "$C_URL" ]; then C_URL="''"; fi | |
bash ./buildscripts/ci/macos/build.sh -n ${{ env.BUILD_NUMBER }} --crash_log_url $C_URL | |
echo "============== ccache ===============" | |
ccache -s | |
- name: Generate dump symbols | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./buildscripts/ci/macos/dumpsyms.sh | |
- name: Package | |
if: env.DO_BUILD == 'true' | |
run: | | |
S_S="${{ secrets.MAC_SIGN_CERTIFICATE_ENCRYPT_SECRET }}"; if [ -z "$S_S" ]; then S_S="''"; fi | |
S_P="${{ secrets.MAC_SIGN_CERTIFICATE_PASSWORD }}"; if [ -z "$S_P" ]; then S_P="''"; fi | |
bash ./buildscripts/ci/macos/package.sh --signpass "$S_P" --signsecret "$S_S" | |
- name: Notarize | |
if: env.DO_NOTARIZE == 'true' | |
run: | | |
USER=${{ secrets.APPLE_USERNAME }}; if [ -z "$USER" ]; then USER=""; fi | |
PW=${{ secrets.APPLE_PASSWORD }}; if [ -z "$PW" ]; then PW=""; fi | |
bash ./buildscripts/ci/macos/notarize.sh -u $USER -p $PW | |
- name: Checksum | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./buildscripts/ci/tools/checksum.sh | |
- name: Upload dump symbols | |
if: env.DO_UPLOAD_SYMBOLS == 'true' | |
run: | | |
bash ./buildscripts/ci/tools/sentry_syms_upload.sh -t ${{ secrets.SENTRY_AUTH_TOKEN }} -p ${SENTRY_PROJECT} | |
- name: Publish package | |
if: env.DO_PUBLISH == 'true' | |
run: | | |
bash ./buildscripts/ci/tools/osuosl/publish.sh -s ${{ secrets.OSUOSL_SSH_ENCRYPT_SECRET }} --os macos -v 4 | |
- name: AppCast | |
if: env.DO_BUILD == 'true' | |
run: | | |
bash ./buildscripts/ci/tools/sparkle_appcast_gen.sh -p macos | |
- name: Upload artifacts on GitHub | |
if: env.DO_BUILD == 'true' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.UPLOAD_ARTIFACT_NAME }} | |
path: ./build.artifacts/ |