ci(macOS): Publish daily build artifacts to the server

sqlitebrowser · Sep 20, 2023 · 4be026f · 4be026f · lucydodo · Sep 20, 2023
1 parent fd49001
commit 4be026f
Show file tree

Hide file tree

Showing 2 changed files with 85 additions and 25 deletions.
diff --git a/.github/actions/notarize-macos/action.yml b/.github/actions/notarize-macos/action.yml
@@ -1,10 +1,16 @@
+# if [ "${{ inputs.DAILY }}" = "false" ]; then
+# FIXME: When triggered by a push event, the DAILY value was not set, so I temporarily set the condition like in the code above.
+
 name: Notarize the app (macOS)
 
 inputs:
   APPLE_ID:
     required: true
   APPLE_PW:
     required: true
+  DAILY:
+    type: boolean
+    required: false
   DEV_ID:
     required: true
   KEYCHAIN_PATH:
@@ -89,12 +95,19 @@ runs:
         done
 
     - name: Copy the icon file to the app bundle
+      env:
+        DAILY: ${{ inputs.DAILY }}
       shell: bash
       run: |
         for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
           TARGET=$(echo $TARGET | sed -e 's/_/ /g')
-          cp installer/macos/macapp.icns "$TARGET/Contents/Resources/"
-          /usr/libexec/PlistBuddy -c "Set :CFBundleIconFile macapp.icns" "$TARGET/Contents/Info.plist"
+          if [ "${{ inputs.DAILY }}" = "" ] || [ "${{ inputs.DAILY }}" = "false" ]; then
+            cp installer/macos/macapp.icns "$TARGET/Contents/Resources/"
+            /usr/libexec/PlistBuddy -c "Set :CFBundleIconFile macapp.icns" "$TARGET/Contents/Info.plist"
+          else
+            cp installer/macos/macapp-nightly.icns "$TARGET/Contents/Resources/"
+            /usr/libexec/PlistBuddy -c "Set :CFBundleIconFile macapp-nightly.icns" "$TARGET/Contents/Info.plist"
+          fi
         done
 
     - name: Sign the manually added extensions.
@@ -114,23 +127,47 @@ runs:
       shell: bash
       run: mv build/*.app installer/macos
 
+    # TODO: I originally tried to break it into two steps to make it more readable,
+    # but Composite Actions do not support if statements for steps.
+    # For more information, see https://github.com/actions/runner/blob/main/docs/adrs/0549-composite-run-steps.md
     - name: Create the DMG
       env:
+        DAILY: ${{ inputs.DAILY }}
         DEV_ID: ${{ inputs.DEV_ID }}
       shell: bash
       run: |
+        export DATE=$(date +%Y%m%d)
+
         if [ "${{ inputs.SQLCIPHER }}" = "1" ]; then
-          sed -i "" 's/"DB Browser for SQLCipher Nightly.app"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/sqlcipher-nightly.json
-          TARGET="DB Browser for SQLCipher-dev-$(git rev-parse --short --verify HEAD).dmg"
-          appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
-          codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
-          codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          if [ "${{ inputs.DAILY }}" = "" ] || [ "${{ inputs.DAILY }}" = "false" ]; then
+            # Continuous with SQLCipher
+            sed -i "" 's/"DB Browser for SQLCipher Nightly.app"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/sqlcipher-nightly.json
+            TARGET="DB.Browser.for.SQLCipher-dev-$(git rev-parse --short --verify HEAD).dmg"
+            appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
+            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          else
+            # Daily with SQLCipher
+            TARGET="DB.Browser.for.SQLCipher-universal_$DATE.dmg"
+            appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
+            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          fi
         else
-          sed -i "" 's/"DB Browser for SQLite Nightly.app"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/nightly.json
-          TARGET="DB Browser for SQLite-dev-$(git rev-parse --short --verify HEAD).dmg"
-          appdmg --quiet installer/macos/nightly.json "$TARGET"
-          codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
-          codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          if [ "${{ inputs.DAILY }}" = "" ] || [ "${{ inputs.DAILY }}" = "false" ]; then
+            # Continuous without SQLCipher
+            sed -i "" 's/"DB Browser for SQLite Nightly.app"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/nightly.json
+            TARGET="DB.Browser.for.SQLite-dev-$(git rev-parse --short --verify HEAD).dmg"
+            appdmg --quiet installer/macos/nightly.json "$TARGET"
+            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          else
+            # Daily without SQLCipher
+            TARGET="DB.Browser.for.SQLite-universal_$DATE.dmg"
+            appdmg --quiet installer/macos/nightly.json "$TARGET"
+            codesign --sign "$DEV_ID" --verbose --options=runtime --timestamp "$TARGET"
+            codesign -vvv --deep --strict --verbose=4 "$TARGET"
+          fi
         fi
 
     - name: Notarize the dmg
@@ -139,16 +176,8 @@ runs:
         APPLE_PW: ${{ inputs.APPLE_PW }}
         TEAM_ID: ${{ inputs.TEAM_ID }}
       shell: bash
-      run: |
-        for TARGET in $(find . -name "DB Browser for SQL*.dmg" | sed -e 's/ /_/g'); do
-          TARGET=$(echo $TARGET | sed -e 's/_/ /g')
-          xcrun notarytool submit "$TARGET" --apple-id "$APPLE_ID" --password "$APPLE_PW" --team-id "$TEAM_ID" --wait
-        done
+      run: xcrun notarytool submit *.dmg --apple-id "$APPLE_ID" --password "$APPLE_PW" --team-id "$TEAM_ID" --wait
 
     - name: Staple the notarization ticket
       shell: bash
-      run: |
-        for TARGET in $(find . -name "DB Browser for SQL*.dmg" | sed -e 's/ /_/g'); do
-          TARGET=$(echo $TARGET | sed -e 's/_/ /g')
-          xcrun stapler staple "$TARGET"
-        done
+      run: xcrun stapler staple *.dmg
diff --git a/.github/workflows/build-macos.yml b/.github/workflows/build-macos.yml
@@ -5,6 +5,11 @@ on:
         - cron: '0 0 * * *' # Every day at midnight (UTC)
     workflow_call:
     workflow_dispatch:
+      inputs:
+        assume-triggerd-by-schedule:
+          description: 'Assume this workflow was triggered by the schedule'
+          required: false
+          type: boolean
 
 permissions:
     contents: write
@@ -18,11 +23,14 @@ jobs:
             matrix:
                 os: [macos-13-runner]
                 sqlcipher: ["0", "1"]
+        env:
+          DAILY: ${{ github.event.name == 'schedule' || github.event.inputs.assume-triggerd-by-schedule }} 
         steps:
             - name: Checkout
               uses: actions/checkout@v3
 
-            - name: Configure build
+            - if: github.event_name != 'schedule' && env.DAILY != 'true'
+              name: Configure build (Continuous)
               run: |
                 if [ "${{ matrix.sqlcipher }}" = "1" ]; then
                     sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'"/' CMakeLists.txt
@@ -32,6 +40,17 @@ jobs:
                 mkdir build && cd build
                 cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -Dsqlcipher=${{ matrix.sqlcipher }} ..
 
+            - if: github.event_name == 'schedule' || env.DAILY == 'true'
+              name: Configure build (Daily)
+              run: |
+                if [ "${{ matrix.sqlcipher }}" = "1" ]; then
+                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLCipher Nightly"/' CMakeLists.txt
+                else
+                    sed -i "" 's/"DB Browser for SQLite"/"DB Browser for SQLite Nightly"/' CMakeLists.txt
+                fi
+                mkdir build && cd build
+                cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -Dsqlcipher=${{ matrix.sqlcipher }} ..
+
             - name: Build
               working-directory: ./build
               run: ninja
@@ -51,18 +70,30 @@ jobs:
               with:
                 APPLE_ID: ${{ secrets.MACOS_CODESIGN_APPLE_ID }}
                 APPLE_PW: ${{ secrets.MACOS_CODESIGN_APPLE_PW }}
+                DAILY: ${{ env.DAILY }}
                 DEV_ID: ${{ secrets.MACOS_CODESIGN_DEV_ID }}
                 KEYCHAIN_PATH: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PATH }}
                 KEYCHAIN_PW: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PW }}
                 SQLCIPHER: ${{ matrix.sqlcipher }}
                 TEAM_ID: ${{ secrets.MACOS_CODESIGN_TEAM_ID }}
 
-            - if: github.event_name != 'pull_request' && github.event_name != 'schedule'
+            - if: github.event_name != 'pull_request' && github.event_name != 'schedule' && env.DAILY != 'true'
               name: Release (Continuous)
               uses: softprops/action-gh-release@v1
               with:
                 files: DB\ Browser\ for\ *.dmg
                 prerelease: true
                 tag_name: continuous
 
-            # TODO: - if: github.event_name == 'schedule'
+            - if: github.event_name == 'schedule' || env.DAILY == 'true'
+              name: Release (Daily)
+              run: |
+                export DATE=$(date +%Y%m%d)
+                rsync -aP *.dmg ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }}:/nightlies/macos-universal/
+                if [ "${{ matrix.sqlcipher }}" = "1" ]; then
+                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLC*-universal*dmg*"
+                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLCipher-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLCipher-universal.dmg"
+                else
+                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "cd /nightlies/latest && rm -f *SQLi*-universal*dmg*"
+                  ssh -q ${{ secrets.MACOS_BUILD_ARTIFACTS_UPLOAD_TARGET }} "ln -s /nightlies/macos-universal/DB.Browser.for.SQLite-universal_$DATE.dmg /nightlies/latest/DB.Browser.for.SQLite-universal.dmg"
+                fi