Nightly builds #844
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build a Java project with Maven and publish nightly builds | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven | |
name: Nightly builds | |
on: | |
schedule: | |
- cron: "0 0 * * *" | |
jobs: | |
build: | |
runs-on: macos-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v2 | |
with: | |
java-version: '17' | |
distribution: 'temurin' | |
- name: Build with Maven | |
run: | | |
export JARSIGNER_KEYSTORE_B64=${{secrets.JARSIGNER_REL_KEYSTORE_B64}} | |
export JARSIGNER_STOREPASS=${{secrets.JARSIGNER_REL_STOREPASS}} | |
export JARSIGNER_ALIAS=${{secrets.JARSIGNER_REL_ALIAS}} | |
KEYSTORE_FILE="${PWD}/{{secrets.JARSIGNER_KEYSTORE}}" | |
echo "${KEYSTORE_FILE}" | |
printf "%s" "${JARSIGNER_KEYSTORE_B64}" | base64 -d > "${KEYSTORE_FILE}" | |
mvn -e -X clean install -Djarsigner.keystore="${KEYSTORE_FILE}" -Djarsigner.alias="${JARSIGNER_ALIAS}" -Djarsigner.storepass="${JARSIGNER_STOREPASS}" -DskipTests=true | |
rm -v "${KEYSTORE_FILE}" | |
- name: Codesign Espressif-IDE | |
env: | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
run: | | |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 | |
/usr/bin/security create-keychain -p espressif build.keychain | |
/usr/bin/security default-keychain -s build.keychain | |
/usr/bin/security unlock-keychain -p espressif build.keychain | |
/usr/bin/security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign | |
/usr/bin/security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k espressif build.keychain | |
echo "codesigning espressif-ide-macosx.cocoa.x86_64" | |
/usr/bin/codesign --entitlements $PWD/releng/com.espressif.idf.product/entitlements/espressif-ide.entitlement --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/com.espressif.idf.product/target/products/com.espressif.idf.product/macosx/cocoa/x86_64/Espressif-IDE.app -v | |
/usr/bin/codesign -v -vvv --deep $PWD/releng/com.espressif.idf.product/target/products/com.espressif.idf.product/macosx/cocoa/x86_64/Espressif-IDE.app | |
echo "codesigning espressif-ide-macosx.cocoa.aarch64" | |
/usr/bin/codesign --entitlements $PWD/releng/com.espressif.idf.product/entitlements/espressif-ide.entitlement --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/com.espressif.idf.product/target/products/com.espressif.idf.product/macosx/cocoa/aarch64/Espressif-IDE.app -v | |
/usr/bin/codesign -v -vvv --deep $PWD/releng/com.espressif.idf.product/target/products/com.espressif.idf.product/macosx/cocoa/aarch64/Espressif-IDE.app | |
echo "Creating dmg for espressif-ide-macosx.cocoa.x86_64" | |
$PWD/releng/ide-dmg-builder/ide-dmg-builder.sh | |
/usr/bin/codesign --entitlements $PWD/releng/com.espressif.idf.product/entitlements/espressif-ide.entitlement --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg -v | |
/usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg | |
echo "Creating dmg for espressif-ide-macosx.cocoa.aarch64" | |
$PWD/releng/ide-dmg-builder/ide-dmg-builder-aarch64.sh | |
/usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -v | |
/usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg | |
- name: Notarization of Espressif-IDE dmg files | |
env: | |
NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }} | |
NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }} | |
NOTARIZATION_TEAM_ID: ${{ secrets.NOTARIZATION_TEAM_ID }} | |
run: | | |
echo "Create notary keychain" | |
/usr/bin/security create-keychain -p espressif notary.keychain | |
/usr/bin/security default-keychain -s notary.keychain | |
/usr/bin/security unlock-keychain -p espressif notary.keychain | |
echo "Create keychain profile" | |
xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD | |
xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg --keychain-profile "ide-notarytool-profile" --wait | |
echo "Attach staple for x86_64.dmg" | |
xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg | |
echo "Unlock the notary keychain" | |
/usr/bin/security unlock-keychain -p espressif notary.keychain | |
xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg --keychain-profile "ide-notarytool-profile" --wait | |
echo "Attach staple for aarch64.dmg" | |
xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg | |
- name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: espressif-ide-macosx-cocoa-x86_64 | |
path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg | |
- name: Upload Espressif-IDE-macosx-cocoa-aarch64.dmg | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: espressif-ide-macosx.cocoa.aarch64 | |
path: releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg | |
- name: Upload build artifacts | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: com.espressif.idf.update | |
path: releng/com.espressif.idf.update/target/repository | |
- name: Upload windows rcp | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: espressif-ide-win32 | |
path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-win32.win32.x86_64.zip | |
- name: Upload linux rcp | |
if: ${{ !cancelled() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: espressif-ide-linux | |
path: releng/com.espressif.idf.product/target/products/Espressif-IDE-*-linux.gtk.x86_64.tar.gz | |
- name: Upload build assets to dl.espressif.com | |
id: upload-release-asset-espressif | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
run: | | |
ARCHIVE_DIR="/releng/com.espressif.idf.update/target/" | |
ARCHIVE_NAME="com.espressif.idf.update*.zip" | |
echo "${ARCHIVE_DIR}" | |
echo ${PWD}${ARCHIVE_DIR} | |
ARCHIVE_FILE_NAME="$(find ${PWD}${ARCHIVE_DIR}${ARCHIVE_NAME})" | |
echo "${ARCHIVE_FILE_NAME}" | |
ARCHIVE_PREFIX="com.espressif.idf.update-" | |
ARCHIVE_SUFFIX="-SNAPSHOT.zip"; | |
tmp=${ARCHIVE_FILE_NAME#*${ARCHIVE_PREFIX}} # remove prefix | |
ARCHIVE_VERSION=${tmp%${ARCHIVE_SUFFIX}*} # remove suffix | |
echo "${ARCHIVE_VERSION}" | |
FOLDER_NAME="v${ARCHIVE_VERSION}" | |
mkdir "${FOLDER_NAME}" && cd "${FOLDER_NAME}" && unzip -q ${ARCHIVE_FILE_NAME} && cd .. | |
echo ${PWD} | |
ARCHIVE_VERSION_NEW="${ARCHIVE_PREFIX}${ARCHIVE_VERSION}.zip" | |
echo ${ARCHIVE_VERSION_NEW} | |
mv ${ARCHIVE_FILE_NAME} ${ARCHIVE_VERSION_NEW} | |
mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64-${FOLDER_NAME}.dmg" | |
mv releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg "releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64-${FOLDER_NAME}.dmg" | |
aws s3 rm s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/nightly --recursive | |
aws s3 cp --acl=public-read --recursive "./${FOLDER_NAME}/" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/nightly | |
aws s3 cp --acl=public-read "./releng/index.html" s3://${{ secrets.DL_BUCKET }}/dl/idf-eclipse-plugin/updates/nightly/ | |
aws cloudfront create-invalidation --distribution-id ${{ secrets.DL_DISTRIBUTION_ID }} --paths "/dl/idf-eclipse-plugin/updates/nightly/*" |