Binaries (JDK and JavaFX early access builds) #41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow is a clone of "binaries.yml" | |
| # The difference is that this workflow uses JDK early access builds (jdk-ea) to check the build of JabRef | |
| # We separated this from the main workflow as we do not want to check on each PR if the JDK build, but only on main | |
| name: Binaries (JDK and JavaFX early access builds) | |
| on: | |
| schedule: | |
| - cron: "0 18 * * *" | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - labeled | |
| paths: | |
| - .github/workflows/binaries-ea.yml | |
| - build-logic/src/** | |
| - '**/build.gradle.kts' | |
| workflow_dispatch: | |
| inputs: | |
| notarization: | |
| type: boolean | |
| required: false | |
| default: false | |
| permissions: | |
| actions: write | |
| contents: read | |
| env: | |
| SpringerNatureAPIKey: ${{ secrets.SpringerNatureAPIKey }} | |
| AstrophysicsDataSystemAPIKey: ${{ secrets.AstrophysicsDataSystemAPIKey }} | |
| IEEEAPIKey: ${{ secrets.IEEEAPIKey }} | |
| BiodiversityHeritageApiKey: ${{ secrets.BiodiversityHeritageApiKey}} | |
| OSXCERT: ${{ secrets.OSX_SIGNING_CERT }} | |
| GRADLE_OPTS: -Xmx4g -Dorg.gradle.vfs.watch=false | |
| JAVA_OPTS: -Xmx4g | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}" | |
| cancel-in-progress: true | |
| jobs: | |
| conditions: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| upload-to-builds-jabref-org: ${{ steps.binary.outputs.upload-to-builds-jabref-org }} | |
| secretspresent: ${{ steps.binary.outputs.secretspresent }} | |
| # requried to avoid obsolete builds in case of labels != "dev: binaries" | |
| should-build: ${{ steps.binary.outputs.should-build }} | |
| should-notarize: ${{ steps.binary.outputs.should-notarize }} | |
| steps: | |
| - name: Determine conditions | |
| id: binary | |
| shell: bash | |
| env: | |
| BUILDJABREFPRIVATEKEY: ${{ secrets.buildJabRefPrivateKey }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| EVENT_NAME: ${{ github.event_name }} | |
| LABEL_NAME: ${{ github.event.label.name }} | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| run: | | |
| if [[ "$GITHUB_WORKFLOW" == *"early access"* && "$REPO_OWNER" != "JabRef" ]]; then | |
| echo "🚫 Early access workflow for JabRef disabled for non-JabRef owner" | |
| echo "should-build=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [[ "$EVENT_NAME" != "labeled" || "$LABEL_NAME" == "automerge" || "$LABEL_NAME" == "dev: binaries" ]]; then | |
| echo "📦 build enabled" | |
| echo "should-build=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "🚫 build should be skipped" | |
| echo "should-build=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [ -z "$BUILDJABREFPRIVATEKEY" ]; then | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| echo "secretspresent=false" >> "$GITHUB_OUTPUT" | |
| echo "🚫 Secret BUILDJABREFPRIVATEKEY not present – skipping upload" | |
| exit 0 | |
| fi | |
| echo "secretspresent=true" >> "$GITHUB_OUTPUT" | |
| if [[ "$GITHUB_REF" == refs/heads/gh-readonly-queue* ]]; then | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| echo "🚫 merge queue – skipping upload" | |
| exit 0 | |
| fi | |
| if [[ "${{ inputs.notarization }}" == "true" ]]; then | |
| # This workflow runs on ubuntu-latest even for notarization for macOS; need to check later if really on macOS | |
| echo "🧾 macOS notarization" | |
| echo "should-notarize=true" >> "$GITHUB_OUTPUT" | |
| echo "☁️ will upload" | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| exit 0; | |
| else | |
| echo "🚫 no macOS notarization" | |
| echo "should-notarize=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if [ "${{ github.event_name }}" != "pull_request" ]; then | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| echo "☁️ Non-PR event – will upload" | |
| exit 0 | |
| fi | |
| LABELS=$(gh api repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels --jq '.[].name') | |
| if echo "$LABELS" | grep -q "^dev: binaries$"; then | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| echo "☁️ Label 'dev: binaries' found – will upload" | |
| else | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| echo "🚫 Label 'dev: binaries' not found – skipping upload" | |
| fi | |
| build: | |
| needs: [conditions] | |
| if: ${{ needs.conditions.outputs.should-build == 'true' }} | |
| env: | |
| javafx: '25' | |
| jdk_version: '25' | |
| jdk: 'openjdk-25.0.0-ea+21' | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # if you change the os version rename all other occurrences | |
| - os: ubuntu-22.04 | |
| displayName: linux | |
| archivePortable: tar -c -C jabgui/build/distribution JabRef | pigz --rsyncable > jabgui/build/distribution/JabRef-portable_linux.tar.gz && rm -R jabgui/build/distribution/JabRef | |
| archivePortableJabKit: tar -c -C jabkit/build/distribution jabkit | pigz --rsyncable > jabkit/build/distribution/jabkit-portable_linux.tar.gz && rm -R jabkit/build/distribution/jabkit | |
| suffix: '-ea' | |
| - os: windows-latest | |
| displayName: windows | |
| archivePortable: 7z a -r jabgui/build/distribution/JabRef-portable_windows.zip ./jabgui/build/distribution/JabRef && rm -R jabgui/build/distribution/JabRef | |
| archivePortableJabKit: 7z a -r jabkit/build/distribution/jabkit-portable_windows.zip ./jabkit/build/distribution/jabkit && rm -R jabkit/build/distribution/jabkit | |
| suffix: '-ea' | |
| - os: macos-13 # intel image | |
| displayName: macOS | |
| suffix: '-ea' | |
| - os: macos-14 | |
| displayName: macOS (ARM64) | |
| suffix: '-ea_arm64' | |
| runs-on: ${{ matrix.os }} | |
| outputs: | |
| major: ${{ steps.gitversion.outputs.Major }} | |
| minor: ${{ steps.gitversion.outputs.Minor }} | |
| branchname: ${{ steps.gitversion.outputs.branchName }} | |
| name: (ea) ${{ matrix.displayName }} installer and portable version | |
| steps: | |
| - name: Fetch all history for all tags and branches | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'true' | |
| show-progress: 'false' | |
| - name: Install pigz and cache (linux) | |
| if: (matrix.os == 'ubuntu-22.04') | |
| uses: awalsh128/cache-apt-pkgs-action@latest | |
| with: | |
| packages: pigz | |
| version: 1.0 | |
| - name: Install GitVersion | |
| uses: gittools/actions/gitversion/[email protected] | |
| with: | |
| versionSpec: "5.x" | |
| - name: Run GitVersion | |
| id: gitversion | |
| uses: gittools/actions/gitversion/[email protected] | |
| - name: Tell gradle to use JDK ${{ env.jdk_version }} (linux, Windows) | |
| if: ${{ !startsWith(matrix.os, 'macos') }} | |
| run: | | |
| sed -i "s/JavaLanguageVersion.of(24)/JavaLanguageVersion.of(${{ env.jdk_version }})/" build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| sed -i "s#vendor = JvmVendorSpec.AZUL##" build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| cat build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| - name: Tell gradle to use JDK ${{ env.jdk_version }} (macOS) | |
| if: ${{ startsWith(matrix.os, 'macos') }} | |
| run: | | |
| sed -i '.bak' "s/JavaLanguageVersion.of(24)/JavaLanguageVersion.of(${{ env.jdk_version }})/" build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| sed -i '.bak' "s#vendor = JvmVendorSpec.AZUL##" build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| cat build-logic/src/main/kotlin/buildlogic.java-common-conventions.gradle.kts | |
| # region setup-JDK | |
| - name: Setup JDK ${{ env.jdk_version }} (${{ env.jdk }}) for "java toolchain" of Gradle | |
| uses: jdx/mise-action@v2 | |
| with: | |
| mise_toml: | | |
| [tools] | |
| java = { version = "${{ env.jdk }}", release_type = "ea" } | |
| - name: Debug | |
| shell: bash | |
| run: | | |
| set -x | |
| set -e | |
| echo $JAVA_HOME | |
| java --version | |
| - name: Make JDK known to gradle (Linux, macOS) | |
| if: (matrix.os != 'windows-latest') | |
| shell: bash | |
| # Hint by https://github.com/gradle/gradle/issues/29355#issuecomment-2598556970 | |
| run: ln -s ~/.local/share/mise ~/.asdf | |
| - name: Make JDK known to gradle (Windows) | |
| if: (matrix.os == 'windows-latest') | |
| shell: bash | |
| run: mv ~/AppData/Local/mise ~/.asdf | |
| - name: Setup JDK for gradle itself | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'temurin' | |
| # endregion | |
| # region JavaFX | |
| - name: Download and extract JavaFX ${{ env.javafx }} | |
| if: (matrix.os != 'buildjet-8vcpu-ubuntu-2204-arm') | |
| shell: bash | |
| run: | | |
| set -e | |
| set -x | |
| mkdir javafx | |
| cd javafx | |
| curl --no-progress-meter https://jdk.java.net/javafx${{ env.javafx }}/ > javafx.html | |
| case "${{ matrix.os }}" in | |
| "ubuntu-22.04") | |
| OS="linux-x64" | |
| EXTRACT="tar xzf *.tar.gz" | |
| EXT="tar.gz" | |
| ;; | |
| "windows-latest") | |
| OS="windows-x64" | |
| EXTRACT="unzip -qq *.zip" | |
| EXT="zip" | |
| ;; | |
| "macos-13") | |
| OS="macos-x64" | |
| EXTRACT="tar xzf *.tar.gz" | |
| EXT="tar.gz" | |
| ;; | |
| "macos-14") | |
| OS="macos-aarch64" | |
| EXTRACT="tar xzf *.tar.gz" | |
| EXT="tar.gz" | |
| ;; | |
| *) | |
| echo "Unsupported OS" | |
| exit 1 | |
| ;; | |
| esac | |
| echo "OS set to $OS" | |
| URL_SDK=$(grep -o "https://download.java.net/java/.*/javafx.*${OS}_bin-sdk.${EXT}" javafx.html | head -n 1) | |
| echo "Downloading $URL_SDK..." | |
| curl -OJ --no-progress-meter $URL_SDK | |
| $EXTRACT | |
| rm *.$EXT | |
| URL_JMODS=$(grep -o "https://download.java.net/java/.*/javafx.*${OS}_bin-jmods.${EXT}" javafx.html | head -n 1) | |
| echo "Downloading $URL_JMODS..." | |
| curl -OJ --no-progress-meter $URL_JMODS | |
| $EXTRACT | |
| rm *.$EXT | |
| ls -la | |
| - name: 'Set JavaFX ${{ env.javafx }} (linux, Windows)' | |
| if: ${{ !startsWith(matrix.os, 'macos') && (matrix.os != 'buildjet-8vcpu-ubuntu-2204-arm') }} | |
| shell: bash | |
| run: | | |
| set -e | |
| shopt -s globstar | |
| for buildgradle in **/build.gradle.kts; do | |
| sed -i '/javafx {/{n;s#version = ".*"#sdk = "../javafx/javafx-sdk-${{ env.javafx }}"#}' $buildgradle | |
| sed -i "s#jlink {#jlink { addExtraModulePath(\"../javafx/javafx-jmods-${{ env.javafx }}\")#" $buildgradle | |
| echo "==========" | |
| echo $buidgradle | |
| echo "==========" | |
| cat $buildgradle | |
| done | |
| - name: 'Set JavaFX ${{ env.javafx }} (macOS)' | |
| if: startsWith(matrix.os, 'macos') | |
| run: | | |
| set -e | |
| find . -name 'build.gradle.kts' | while read -r buildgradle; do | |
| sed -i '.bak' -e '/javafx {/{n' -e 's#version = ".*"#sdk = "../javafx/javafx-sdk-${{ env.javafx }}"#;}' $buildgradle | |
| sed -i '.bak' -e "s#jlink {#jlink { addExtraModulePath(\"../javafx/javafx-jmods-${{ env.javafx }}\")#" $buildgradle | |
| cat $buildgradle | |
| done | |
| - name: 'Set JavaFX ${{ env.javafx }} (linux-arm)' | |
| if: (matrix.os == 'buildjet-8vcpu-ubuntu-2204-arm') | |
| # No JavaFX EA build for ARM at https://jdk.java.net/javafx23/, therefore using Maven Central artifact | |
| run: | | |
| set -e | |
| curl -s "https://search.maven.org/solrsearch/select?q=g:org.openjfx+AND+a:javafx&rows=10&core=gav" > /tmp/versions.json | |
| jq '[.response.docs[] | select(.v | test(".*-ea\\+.*")) | select(.v | test("^17|^18|^19|^20|^21|^22") | not) | {version: .v}] | group_by(.version | capture("^(?<major>\\d+).*").major) | map(max_by(.version))' < /tmp/versions.json > /tmp/versions-latest.json | |
| JAVAFX=$(jq -r '.[-1].version' /tmp/versions-latest.json) | |
| echo "Using JavaFX ${JAVAFX}" | |
| shopt -s globstar | |
| for buildgradle in **/build.gradle.kts; do | |
| sed -i "/javafx {/{n;s#version = \".*\"#version = \"${JAVAFX}\"#}" $buildgradle | |
| cat $buildgradle | |
| done | |
| # endregion | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| - name: Prepare merged jars and modules dir | |
| # prepareModulesDir is executing a build, which should run through even if no upload to builds.jabref.org is made | |
| if: (startsWith(matrix.os, 'macos')) || (needs.conditions.outputs.upload-to-builds-jabref-org == 'false') | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabgui:prepareModulesDir | |
| - name: Setup macOS key chain | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| uses: slidoapp/import-codesign-certs@1923310662e8682dd05b76b612b53301f431cd5d | |
| with: | |
| p12-file-base64: ${{ secrets.OSX_SIGNING_CERT }} | |
| p12-password: ${{ secrets.OSX_CERT_PWD }} | |
| keychain-password: jabref | |
| - name: Setup macOS key chain for app id cert | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| uses: slidoapp/import-codesign-certs@1923310662e8682dd05b76b612b53301f431cd5d | |
| with: | |
| p12-file-base64: ${{ secrets.OSX_SIGNING_CERT_APPLICATION }} | |
| p12-password: ${{ secrets.OSX_CERT_PWD }} | |
| create-keychain: false | |
| keychain-password: jabref | |
| - name: Build dmg (macOS) | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| shell: bash | |
| run: | | |
| set -e | |
| cd jabgui | |
| # see https://github.com/jdx/mise/discussions/4973 | |
| eval $(mise hook-env -f | grep 'export JAVA_HOME') | |
| eval $(mise hook-env -f | grep 'export PATH') | |
| echo $JAVA_HOME | |
| jpackage \ | |
| --module org.jabref/org.jabref.Launcher \ | |
| --module-path $JAVA_HOME/jmods/:build/jlinkbase/jlinkjars \ | |
| --add-modules org.jabref,org.jabref.merged.module \ | |
| --add-modules jdk.incubator.vector \ | |
| --dest build/distribution \ | |
| --app-content buildres/mac/Resources \ | |
| --name JabRef \ | |
| --app-version ${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }} \ | |
| --verbose \ | |
| --mac-sign \ | |
| --vendor "JabRef e.V." \ | |
| --mac-package-identifier JabRef \ | |
| --mac-package-name JabRef \ | |
| --type dmg --mac-signing-key-user-name "JabRef e.V. (6792V39SK3)" \ | |
| --mac-package-signing-prefix org.jabref \ | |
| --mac-entitlements buildres/mac/jabref.entitlements \ | |
| --icon src/main/resources/icons/jabref.icns \ | |
| --resource-dir buildres/mac \ | |
| --file-associations buildres/mac/bibtexAssociations.properties \ | |
| --jlink-options --bind-services \ | |
| --java-options -XX:+UnlockExperimentalVMOptions \ | |
| --java-options -XX:+UseCompactObjectHeaders \ | |
| --java-options -XX:+UseZGC --java-options -XX:+ZUncommit \ | |
| --java-options -XX:+UseStringDeduplication \ | |
| --java-options --add-exports=javafx.base/com.sun.javafx.event=org.jabref.merged.module \ | |
| --java-options --add-exports=javafx.controls/com.sun.javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.graphics/javafx.scene=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control.skin=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/com.sun.javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref \ | |
| --java-options --add-exports=javafx.base/com.sun.javafx.event=org.jabref \ | |
| --java-options --add-exports=javafx.controls/com.sun.javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.graphics/javafx.scene=org.jabref \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.controls/com.sun.javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.base/javafx.collections=org.jabref \ | |
| --java-options --add-opens=javafx.base/javafx.collections.transformation=org.jabref \ | |
| --java-options --add-modules=jdk.incubator.vector | |
| - name: Build pkg (macOS) | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| shell: bash | |
| run: | | |
| set -e | |
| cd jabgui | |
| # see https://github.com/jdx/mise/discussions/4973 | |
| eval $(mise hook-env -f | grep 'export JAVA_HOME') | |
| eval $(mise hook-env -f | grep 'export PATH') | |
| echo $JAVA_HOME | |
| jpackage \ | |
| --module org.jabref/org.jabref.Launcher \ | |
| --module-path $JAVA_HOME/jmods/:build/jlinkbase/jlinkjars \ | |
| --add-modules org.jabref,org.jabref.merged.module \ | |
| --add-modules jdk.incubator.vector \ | |
| --dest build/distribution \ | |
| --app-content buildres/mac/Resources \ | |
| --name JabRef \ | |
| --app-version ${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }} \ | |
| --verbose \ | |
| --mac-sign \ | |
| --vendor "JabRef e.V." \ | |
| --mac-package-identifier JabRef \ | |
| --mac-package-name JabRef \ | |
| --type pkg --mac-signing-key-user-name "JabRef e.V. (6792V39SK3)" \ | |
| --mac-package-signing-prefix org.jabref \ | |
| --mac-entitlements buildres/mac/jabref.entitlements \ | |
| --icon src/main/resources/icons/jabref.icns \ | |
| --resource-dir buildres/mac \ | |
| --file-associations buildres/mac/bibtexAssociations.properties \ | |
| --jlink-options --bind-services \ | |
| --java-options --add-exports=javafx.base/com.sun.javafx.event=org.jabref.merged.module \ | |
| --java-options --add-exports=javafx.controls/com.sun.javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.graphics/javafx.scene=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/com.sun.javafx.scene.control=org.jabref.merged.module \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref \ | |
| --java-options --add-exports=javafx.base/com.sun.javafx.event=org.jabref \ | |
| --java-options --add-exports=javafx.controls/com.sun.javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.graphics/javafx.scene=org.jabref \ | |
| --java-options --add-opens=javafx.controls/javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.controls/com.sun.javafx.scene.control=org.jabref \ | |
| --java-options --add-opens=javafx.base/javafx.collections=org.jabref \ | |
| --java-options --add-opens=javafx.base/javafx.collections.transformation=org.jabref \ | |
| --java-options --add-modules=jdk.incubator.vector | |
| - name: Rename files for mac | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| shell: bash | |
| run: | | |
| cd jabgui | |
| mv build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}.dmg | |
| mv build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.pkg build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}.pkg | |
| - name: Build runtime image and installer (linux, Windows) | |
| if: ${{ !startsWith(matrix.os, 'macos') }} | |
| shell: bash | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabgui:jpackage | |
| - name: Package JabGui application image (linux, Windows) | |
| if: ${{ !startsWith(matrix.os, 'macos') }} | |
| shell: bash | |
| run: | | |
| set -e | |
| ${{ matrix.archivePortable }} | |
| - name: Rename files | |
| if: ${{ !startsWith(matrix.os, 'macos') }} | |
| shell: pwsh | |
| run: | | |
| get-childitem -Path jabgui/build/distribution/* | rename-item -NewName {$_.name -replace "${{ steps.gitversion.outputs.AssemblySemVer }}","${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}"} | |
| get-childitem -Path jabgui/build/distribution/* | rename-item -NewName {$_.name -replace "portable","${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}-portable"} | |
| - name: Repack deb file for Debian | |
| if: (matrix.os == 'ubuntu-22.04') | |
| shell: bash | |
| run: | | |
| cd jabgui/build/distribution | |
| ar x jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}_amd64.deb | |
| zstd -d < control.tar.zst | xz > control.tar.xz | |
| zstd -d < data.tar.zst | xz > data.tar.xz | |
| ar -m -c -a sdsd jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}_amd64_repackaged.deb debian-binary control.tar.xz data.tar.xz | |
| rm debian-binary control.tar.* data.tar.* | |
| mv -f jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}_amd64_repackaged.deb jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}_amd64.deb | |
| - name: Build JabKit | |
| shell: bash | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabkit:jpackage | |
| - name: Remove JabKit app build (macOS) | |
| if: ${{ startsWith(matrix.os, 'macos') }} | |
| run: rm -rf jabkit/build/distribution/jabkit.app | |
| - name: Package JabKit application image (linux, Windows) | |
| if: ${{ !startsWith(matrix.os, 'macos') && (needs.conditions.outputs.secretspresent == 'true') }} | |
| shell: bash | |
| run: | | |
| set -e | |
| ${{ matrix.archivePortableJabKit }} | |
| - name: Setup SSH key | |
| if: (needs.conditions.outputs.upload-to-builds-jabref-org == 'true') | |
| run: | | |
| echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey | |
| chmod 600 sshkey | |
| - name: Check disk space on builds.jabref.org | |
| if: (needs.conditions.outputs.upload-to-builds-jabref-org == 'true') | |
| id: diskspace | |
| shell: bash | |
| run: | | |
| USAGE=$(ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no [email protected] \ | |
| "df --output=pcent /var/www/builds.jabref.org | tail -n1 | tr -dc '0-9'") | |
| echo "Remote usage: $USAGE%" | |
| if [ "$USAGE" -lt 90 ]; then | |
| echo "available=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "available=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Setup rsync (macOS) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (startsWith(matrix.os, 'macos') && (needs.conditions.outputs.upload-to-builds-jabref-org == 'true')) }} | |
| run: brew install rsync | |
| - name: Setup rsync (Windows) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| # We want to have rsync available at this place to avoid uploading and downloading from GitHub artifact store (taking > 5 minutes in total) | |
| # We cannot use "action-rsyncer", because that requires Docker which is unavailable on Windows | |
| # We cannot use "setup-rsync", because that does not work on Windows | |
| # We do not use egor-tensin/setup-cygwin@v4, because it replaces the default shell | |
| run: choco install --no-progress rsync | |
| - name: Upload jabgui to builds.jabref.org (Windows) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| shell: cmd | |
| # for rsync installed by chocolatey, we need the ssh.exe delivered with that installation | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'C:\ProgramData\chocolatey\lib\rsync\tools\bin\ssh.exe -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabkkit to builds.jabref.org (Windows) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| shell: cmd | |
| # for rsync installed by chocolatey, we need the ssh.exe delivered with that installation | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'C:\ProgramData\chocolatey\lib\rsync\tools\bin\ssh.exe -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabkit/build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabgui to builds.jabref.org (linux, macOS) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'ubuntu')) }} | |
| shell: bash | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabkit to builds.jabref.org (linux, macOS) | |
| if: ${{ (steps.diskspace.outputs.available == 'true') && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'ubuntu')) }} | |
| shell: bash | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabkit/build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload to GitHub workflow artifacts store (macOS) | |
| if: ${{ (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.should-notarize == 'true') }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| # tbn = to-be-notarized | |
| name: JabRef-${{ matrix.os }}-tbn | |
| path: | | |
| jabgui/build/distribution | |
| jabkit/build/distribution | |
| compression-level: 0 # no compression | |
| - name: Upload to GitHub workflow artifacts store | |
| if: ${{ (needs.conditions.outputs.upload-to-builds-jabref-org == 'false') }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: JabRef-${{ matrix.os }} | |
| path: | | |
| jabgui/build/distribution | |
| jabkit/build/distribution | |
| compression-level: 0 # no compression | |
| notarize: | |
| # Outsourced in a separate job to be able to rerun if this fails for timeouts | |
| name: macOS notarization | |
| needs: [conditions, build] | |
| if: ${{ needs.conditions.outputs.should-notarize == 'true' }} | |
| strategy: | |
| # Ensure that calls to Apple are sequentially made | |
| max-parallel: 1 | |
| matrix: | |
| include: | |
| - os: macos-14 | |
| displayName: macOS (ARM64) | |
| suffix: '-ea_arm64' | |
| - os: macos-13 # intel image | |
| displayName: macOS | |
| suffix: '-ea' | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Download from GitHub workflow artifacts store (macOS) | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: JabRef-${{ matrix.os }}-tbn | |
| - name: Notarize dmg | |
| shell: bash | |
| run: | | |
| cd jabgui | |
| find . -type f | |
| xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" | |
| xcrun notarytool submit build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.dmg --keychain-profile "notarytool-profile" --wait | |
| xcrun stapler staple build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.dmg | |
| - name: Notarize pkg | |
| shell: bash | |
| run: | | |
| cd jabgui | |
| xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" | |
| xcrun notarytool submit build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.pkg --keychain-profile "notarytool-profile" --wait | |
| xcrun stapler staple build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.pkg | |
| - name: Upload to builds.jabref.org | |
| shell: bash | |
| run: | | |
| echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey | |
| chmod 600 sshkey | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }}/ |