Skip to content
.github/workflows/build.yml

Add more logging to notarize github actions #564

Sign in to view logs

Add more logging to notarize github actions

Add more logging to notarize github actions #564

Workflow file for this run

.github/workflows/build.yml at f116837
name: Specify 6 CI
on: [push]
jobs:
build:
name: Build and Package Specify 6
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Unbase64 code signing certs
run: |
echo $MAC_PKCS12 | base64 -d > packaging/expdevidapp.p12
echo $WIN_PKCS12 | base64 -d > packaging/certwithroot.pfx
env:
WIN_PKCS12: ${{ secrets.WIN_PKCS12 }}
MAC_PKCS12: ${{ secrets.MAC_PKCS12_V2 }}
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Compile Specify 6
run: ant -noinput -buildfile build.xml compile-nonmac
- name: Compile Specify 6 for Mac
run: ant -noinput -buildfile build.xml compile-mac
- name: Get Install4j from cache
id: cache-install4j
uses: actions/cache@v1
with:
path: install4j8.0.11
key: install4j8.0.11-cache
- name: Download Install4j
if: steps.cache-install4j.outputs.cache-hit != 'true'
run: |
wget https://download-gcdn.ej-technologies.com/install4j/install4j_unix_8_0_11.tar.gz
tar -zxvf install4j_unix_8_0_11.tar.gz
- name: Set Install4j license
run: install4j8.0.11/bin/install4jc --license=$INSTALL4J_LICENSE
env:
INSTALL4J_LICENSE: ${{ secrets.INSTALL4J8_LICENSE }}
- name: Package Specify 6
run: >
ant -noinput -buildfile build.xml -Dinstall4j.dir=./install4j8.0.11
-Dwin-keystore-password=$WIN_KEYSTORE_PASSWORD -Dmac-keystore-password=$MAC_KEYSTORE_PASSWORD
-Dwin.pkcs12=certwithroot.pfx -Dmac.pkcs12=expdevidapp.p12 -Dcode.signing=true
package-all
env:
WIN_KEYSTORE_PASSWORD: ${{ secrets.WIN_KEYSTORE_PASSWORD }}
MAC_KEYSTORE_PASSWORD: ${{ secrets.MAC_KEYSTORE_PASSWORD_V2 }}
- name: Upload Specify_windows_64.exe as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_windows_64
path: packages/Specify_windows_64.exe
- name: Upload Specify_unix_64.sh as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_unix_64
path: packages/Specify_unix_64.sh
- name: Upload Specify_macos.dmg as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_macos
path: packages/Specify_macos.dmg
- name: Upload updates.xml as artifact
uses: actions/upload-artifact@v1
with:
name: updates.xml
path: packages/updates.xml
notarize:
name: Notarize the Specify 6 Mac package

Check failure on line 85 in .github/workflows/build.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/build.yml

Invalid workflow file 

You have an error in your yaml syntax on line 85
needs: build
runs-on: macos-latest
steps:
- name: Download Specify_macos artifact
uses: actions/download-artifact@v1
with:
name: Specify_macos
- name: Check artifact contents
run: |
echo "Contents of Specify_macos directory:"
ls -R Specify_macos
- name: Upload the Mac package for notarization
run: |
echo "Uploading package for notarization..."
xcrun altool --notarize-app --primary-bundle-id org.specifysoftware \
--username [email protected] --password $AC_PASSWORD \
--file Specify_macos/Specify_macos.dmg | tee notarize-app-output.txt
if grep -q "RequestUUID = " notarize-app-output.txt; then
echo "Package uploaded successfully."
else
echo "Uploading package for notarization failed!"
cat notarize-app-output.txt
exit 1
fi
env:
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
- name: Get the request UUID
run: |
sed -En 's/RequestUUID = (.*)$/\1/p' notarize-app-output.txt | tee request-uuid.txt
echo "Request UUID: $(cat request-uuid.txt)"
- name: Check the notarization status
run: |
for i in {1..60}; do
echo "Checking notarization status (attempt $i)..."
sleep 120
xcrun altool --notarization-info $(cat request-uuid.txt) \
--username [email protected] --password $AC_PASSWORD \
| tee notarization-info.txt
if ! grep -q "Status: in progress" notarization-info.txt; then
echo "Notarization process completed."
break
fi
echo "Notarization still in progress..."
done
if grep -q "Status: success" notarization-info.txt; then
echo "Notarization succeeded!"
else
echo "Notarization failed or timed out. Full status:"
cat notarization-info.txt
exit 1
fi
env:
AC_PASSWORD: ${{ secrets.AC_PASSWORD }}
- name: Staple the notarization ticket to the installer
run: |
echo "Stapling notarization ticket..."
xcrun stapler staple Specify_macos/Specify_macos.dmg
if [ $? -eq 0 ]; then
echo "Stapling successful."
else
echo "Stapling failed!"
exit 1
fi
- name: Upload the stapled Specify_macos.dmg as artifact
uses: actions/upload-artifact@v1
with:
name: Specify_macos_with_ticket
path: Specify_macos/Specify_macos.dmg
- name: Upload log files as artifacts
if: always()
uses: actions/upload-artifact@v2
with:
name: notarization-logs
path: |
notarize-app-output.txt
request-uuid.txt
notarization-info.txt
release:
name: Create a Specify 6 release
needs: [build, notarize]
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
- name: Download Specify_windows_64 artifact
uses: actions/download-artifact@v1
with:
name: Specify_windows_64
- name: Download Specify_unix_64 artifact
uses: actions/download-artifact@v1
with:
name: Specify_unix_64
- name: Download Specify_macos_with_ticket artifact
uses: actions/download-artifact@v1
with:
name: Specify_macos_with_ticket
- name: Download updates.xml artifact
uses: actions/download-artifact@v1
with:
name: updates.xml
- name: Create release
uses: softprops/action-gh-release@v1
with:
draft: true
prerelease: true
files: |
Specify_windows_64/*
Specify_unix_64/*
Specify_macos_with_ticket/*
updates.xml/*
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}