|
| 1 | +# ============================================================================= |
| 2 | +# EGIAmpServer Build Workflow |
| 3 | +# ============================================================================= |
| 4 | +# This workflow builds, tests, and packages EGIAmpServer for all |
| 5 | +# supported platforms. |
| 6 | +# |
| 7 | +# Features: |
| 8 | +# - Multi-platform builds (Linux, macOS, Windows) |
| 9 | +# - Qt6 integration |
| 10 | +# - Automatic liblsl fetch via FetchContent |
| 11 | +# - CPack packaging |
| 12 | +# - macOS code signing and notarization (on release) |
| 13 | +# ============================================================================= |
| 14 | + |
1 | 15 | name: Build |
2 | 16 |
|
3 | 17 | on: |
4 | 18 | push: |
5 | | - branches: [master, main] |
| 19 | + branches: [main, master] |
| 20 | + tags: ['v*'] |
6 | 21 | pull_request: |
7 | | - branches: [master, main] |
| 22 | + branches: [main, master] |
8 | 23 | release: |
9 | 24 | types: [published] |
| 25 | + workflow_dispatch: |
10 | 26 |
|
11 | 27 | env: |
12 | 28 | BUILD_TYPE: Release |
13 | 29 |
|
14 | 30 | jobs: |
| 31 | + # =========================================================================== |
| 32 | + # Build Job - Multi-platform builds |
| 33 | + # =========================================================================== |
15 | 34 | build: |
| 35 | + name: ${{ matrix.config.name }} |
| 36 | + runs-on: ${{ matrix.config.os }} |
16 | 37 | strategy: |
17 | 38 | fail-fast: false |
18 | 39 | matrix: |
19 | | - include: |
20 | | - - os: ubuntu-22.04 |
21 | | - name: Linux |
22 | | - - os: macos-14 |
23 | | - name: macOS-arm64 |
24 | | - - os: macos-13 |
25 | | - name: macOS-x64 |
26 | | - - os: windows-2022 |
27 | | - name: Windows |
28 | | - |
29 | | - runs-on: ${{ matrix.os }} |
30 | | - name: ${{ matrix.name }} |
| 40 | + config: |
| 41 | + - { name: "Ubuntu 22.04", os: ubuntu-22.04 } |
| 42 | + - { name: "Ubuntu 24.04", os: ubuntu-24.04 } |
| 43 | + - { name: "macOS", os: macos-14, cmake_extra: '-DCMAKE_OSX_ARCHITECTURES="x86_64;arm64"' } |
| 44 | + - { name: "Windows", os: windows-latest } |
31 | 45 |
|
32 | 46 | steps: |
33 | 47 | - name: Checkout |
34 | 48 | uses: actions/checkout@v4 |
35 | 49 |
|
36 | | - - name: Install Qt (Linux) |
| 50 | + # ----------------------------------------------------------------------- |
| 51 | + # Install CMake 3.28+ (Ubuntu 22.04 ships with 3.22) |
| 52 | + # ----------------------------------------------------------------------- |
| 53 | + - name: Install CMake |
| 54 | + if: runner.os == 'Linux' |
| 55 | + uses: lukka/get-cmake@latest |
| 56 | + |
| 57 | + # ----------------------------------------------------------------------- |
| 58 | + # Install Qt6 (6.8 LTS across all platforms) |
| 59 | + # ----------------------------------------------------------------------- |
| 60 | + - name: Install Linux dependencies |
37 | 61 | if: runner.os == 'Linux' |
38 | 62 | run: | |
39 | 63 | sudo apt-get update |
40 | | - sudo apt-get install -y qt6-base-dev libgl1-mesa-dev |
41 | | -
|
42 | | - - name: Install Qt (macOS) |
43 | | - if: runner.os == 'macOS' |
44 | | - uses: jurplel/install-qt-action@v4 |
45 | | - with: |
46 | | - version: '6.5.*' |
47 | | - cache: true |
| 64 | + sudo apt-get install -y libgl1-mesa-dev libxkbcommon-dev libxcb-cursor0 |
48 | 65 |
|
49 | | - - name: Install Qt (Windows) |
50 | | - if: runner.os == 'Windows' |
| 66 | + - name: Install Qt |
51 | 67 | uses: jurplel/install-qt-action@v4 |
52 | 68 | with: |
53 | | - version: '6.5.*' |
54 | | - arch: win64_msvc2019_64 |
| 69 | + version: '6.8.*' |
55 | 70 | cache: true |
56 | 71 |
|
| 72 | + # ----------------------------------------------------------------------- |
| 73 | + # Configure |
| 74 | + # ----------------------------------------------------------------------- |
57 | 75 | - name: Configure CMake |
58 | 76 | run: > |
59 | 77 | cmake -S . -B build |
60 | 78 | -DCMAKE_BUILD_TYPE=${{ env.BUILD_TYPE }} |
| 79 | + -DCMAKE_INSTALL_PREFIX=${{ github.workspace }}/install |
61 | 80 | -DLSL_FETCH_IF_MISSING=ON |
| 81 | + ${{ matrix.config.cmake_extra }} |
62 | 82 |
|
| 83 | + # ----------------------------------------------------------------------- |
| 84 | + # Build |
| 85 | + # ----------------------------------------------------------------------- |
63 | 86 | - name: Build |
64 | 87 | run: cmake --build build --config ${{ env.BUILD_TYPE }} --parallel |
65 | 88 |
|
66 | | - - name: Test CLI |
| 89 | + # ----------------------------------------------------------------------- |
| 90 | + # Test |
| 91 | + # ----------------------------------------------------------------------- |
| 92 | + - name: Test CLI (Unix) |
67 | 93 | if: runner.os != 'Windows' |
68 | | - run: ./build/cli/EGIAmpServerCLI --help |
| 94 | + run: ./build/src/cli/EGIAmpServerCLI --help |
69 | 95 |
|
70 | 96 | - name: Test CLI (Windows) |
71 | 97 | if: runner.os == 'Windows' |
72 | | - run: .\build\cli\Release\EGIAmpServerCLI.exe --help |
| 98 | + run: .\build\src\cli\Release\EGIAmpServerCLI.exe --help |
| 99 | + |
| 100 | + # ----------------------------------------------------------------------- |
| 101 | + # Install |
| 102 | + # ----------------------------------------------------------------------- |
| 103 | + - name: Install |
| 104 | + run: cmake --install build --config ${{ env.BUILD_TYPE }} |
73 | 105 |
|
| 106 | + # ----------------------------------------------------------------------- |
| 107 | + # Package |
| 108 | + # ----------------------------------------------------------------------- |
74 | 109 | - name: Package |
75 | 110 | run: cpack -C ${{ env.BUILD_TYPE }} |
76 | 111 | working-directory: build |
77 | 112 |
|
78 | | - - name: Upload artifacts |
| 113 | + # ----------------------------------------------------------------------- |
| 114 | + # Upload Artifacts |
| 115 | + # ----------------------------------------------------------------------- |
| 116 | + - name: Upload Artifacts |
79 | 117 | uses: actions/upload-artifact@v4 |
80 | 118 | with: |
81 | | - name: EGIAmpServer-${{ matrix.name }} |
| 119 | + name: package-${{ matrix.config.os }} |
82 | 120 | path: | |
83 | 121 | build/*.zip |
84 | 122 | build/*.tar.gz |
85 | 123 | build/*.deb |
| 124 | + if-no-files-found: ignore |
| 125 | + |
| 126 | + # =========================================================================== |
| 127 | + # macOS Signing and Notarization (Release only) |
| 128 | + # =========================================================================== |
| 129 | + sign-macos: |
| 130 | + name: Sign & Notarize (macOS) |
| 131 | + needs: build |
| 132 | + if: github.event_name == 'release' |
| 133 | + runs-on: macos-14 |
| 134 | + |
| 135 | + steps: |
| 136 | + - name: Checkout |
| 137 | + uses: actions/checkout@v4 |
| 138 | + |
| 139 | + - name: Download macOS Artifact |
| 140 | + uses: actions/download-artifact@v4 |
| 141 | + with: |
| 142 | + name: package-macos-14 |
| 143 | + path: packages |
| 144 | + |
| 145 | + - name: Extract Package |
| 146 | + run: | |
| 147 | + cd packages |
| 148 | + tar -xzf *.tar.gz |
| 149 | + # Move contents out of versioned subdirectory to packages/ |
| 150 | + SUBDIR=$(ls -d EGIAmpServer-*/ | head -1) |
| 151 | + mv "$SUBDIR"/* . |
| 152 | + rmdir "$SUBDIR" |
| 153 | + ls -la |
| 154 | +
|
| 155 | + # ----------------------------------------------------------------------- |
| 156 | + # Install Apple Certificates |
| 157 | + # ----------------------------------------------------------------------- |
| 158 | + - name: Install Apple Certificates |
| 159 | + env: |
| 160 | + MACOS_CERTIFICATE: ${{ secrets.PROD_MACOS_CERTIFICATE }} |
| 161 | + MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }} |
| 162 | + MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }} |
| 163 | + run: | |
| 164 | + # Create temporary keychain |
| 165 | + KEYCHAIN_PATH=$RUNNER_TEMP/build.keychain |
| 166 | + security create-keychain -p "$MACOS_CI_KEYCHAIN_PWD" $KEYCHAIN_PATH |
| 167 | + security default-keychain -s $KEYCHAIN_PATH |
| 168 | + security set-keychain-settings -lut 21600 $KEYCHAIN_PATH |
| 169 | + security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" $KEYCHAIN_PATH |
| 170 | +
|
| 171 | + # Import certificate |
| 172 | + CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12 |
| 173 | + echo -n "$MACOS_CERTIFICATE" | base64 --decode -o $CERTIFICATE_PATH |
| 174 | + security import $CERTIFICATE_PATH -P "$MACOS_CERTIFICATE_PWD" -k $KEYCHAIN_PATH -A -t cert -f pkcs12 |
| 175 | + rm $CERTIFICATE_PATH |
| 176 | +
|
| 177 | + # Allow codesign to access keychain |
| 178 | + security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" $KEYCHAIN_PATH |
| 179 | + security list-keychain -d user -s $KEYCHAIN_PATH |
| 180 | +
|
| 181 | + # Extract identity name and export to environment |
| 182 | + IDENTITY=$(security find-identity -v -p codesigning $KEYCHAIN_PATH | grep "Developer ID Application" | head -1 | awk -F'"' '{print $2}') |
| 183 | + echo "APPLE_CODE_SIGN_IDENTITY_APP=$IDENTITY" >> $GITHUB_ENV |
| 184 | +
|
| 185 | + # ----------------------------------------------------------------------- |
| 186 | + # Setup Notarization Credentials |
| 187 | + # ----------------------------------------------------------------------- |
| 188 | + - name: Setup Notarization |
| 189 | + env: |
| 190 | + NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }} |
| 191 | + NOTARIZATION_PWD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }} |
| 192 | + NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }} |
| 193 | + run: | |
| 194 | + xcrun notarytool store-credentials "notarize-profile" \ |
| 195 | + --apple-id "$NOTARIZATION_APPLE_ID" \ |
| 196 | + --password "$NOTARIZATION_PWD" \ |
| 197 | + --team-id "$NOTARIZATION_TEAM_ID" |
| 198 | + echo "APPLE_NOTARIZE_KEYCHAIN_PROFILE=notarize-profile" >> $GITHUB_ENV |
| 199 | +
|
| 200 | + # ----------------------------------------------------------------------- |
| 201 | + # Sign and Notarize |
| 202 | + # ----------------------------------------------------------------------- |
| 203 | + - name: Sign and Notarize |
| 204 | + env: |
| 205 | + ENTITLEMENTS_FILE: ${{ github.workspace }}/app.entitlements |
| 206 | + run: | |
| 207 | + APP_PATH=$(find packages -name "*.app" -type d | head -1) |
| 208 | + if [[ -n "$APP_PATH" ]]; then |
| 209 | + ./scripts/sign_and_notarize.sh "$APP_PATH" --notarize |
| 210 | + fi |
| 211 | +
|
| 212 | + # ----------------------------------------------------------------------- |
| 213 | + # Repackage |
| 214 | + # ----------------------------------------------------------------------- |
| 215 | + - name: Repackage |
| 216 | + run: | |
| 217 | + cd packages |
| 218 | +
|
| 219 | + echo "Contents of packages directory:" |
| 220 | + ls -la |
| 221 | +
|
| 222 | + rm -f *.tar.gz |
| 223 | +
|
| 224 | + VERSION=$(grep -A1 'project(EGIAmpServer' ../CMakeLists.txt | grep VERSION | sed 's/.*VERSION \([0-9.]*\).*/\1/') |
| 225 | + echo "Detected version: $VERSION" |
| 226 | +
|
| 227 | + tar -cvzf "EGIAmpServer-${VERSION}-macOS_universal-signed.tar.gz" \ |
| 228 | + EGIAmpServer.app ampserver_config.cfg |
| 229 | +
|
| 230 | + echo "Created package:" |
| 231 | + ls -la *.tar.gz |
| 232 | +
|
| 233 | + - name: Upload Signed Package |
| 234 | + uses: actions/upload-artifact@v4 |
| 235 | + with: |
| 236 | + name: package-macos-signed |
| 237 | + path: packages/*-signed.tar.gz |
86 | 238 |
|
87 | | - - name: Upload to release |
| 239 | + - name: Upload to Release |
88 | 240 | if: github.event_name == 'release' |
| 241 | + uses: softprops/action-gh-release@v2 |
| 242 | + with: |
| 243 | + files: packages/*-signed.tar.gz |
| 244 | + |
| 245 | + # =========================================================================== |
| 246 | + # Upload unsigned packages to release |
| 247 | + # =========================================================================== |
| 248 | + release: |
| 249 | + name: Upload to Release |
| 250 | + needs: build |
| 251 | + if: github.event_name == 'release' |
| 252 | + runs-on: ubuntu-latest |
| 253 | + |
| 254 | + steps: |
| 255 | + - name: Download All Artifacts |
| 256 | + uses: actions/download-artifact@v4 |
| 257 | + with: |
| 258 | + path: artifacts |
| 259 | + |
| 260 | + - name: Upload to Release |
89 | 261 | uses: softprops/action-gh-release@v2 |
90 | 262 | with: |
91 | 263 | files: | |
92 | | - build/*.zip |
93 | | - build/*.tar.gz |
94 | | - build/*.deb |
| 264 | + artifacts/**/*.zip |
| 265 | + artifacts/**/*.tar.gz |
| 266 | + artifacts/**/*.deb |
0 commit comments