|
6 | 6 | - '**.md' |
7 | 7 | branches: |
8 | 8 | - master |
| 9 | + tags: |
| 10 | + - '*' |
9 | 11 | pull_request: |
10 | 12 | paths-ignore: |
11 | 13 | - '**.md' |
@@ -251,13 +253,108 @@ jobs: |
251 | 253 | dmgbuild "OBS-Studio ${{ env.OBS_GIT_TAG }}" "${FILE_NAME}" -s ./settings.json |
252 | 254 | mkdir ../nightly |
253 | 255 | sudo mv ./${FILE_NAME} ../nightly/${FILE_NAME} |
254 | | -
|
255 | 256 | - name: 'Publish' |
256 | 257 | if: success() && (github.event_name != 'pull_request' || env.SEEKING_TESTERS == '1') |
257 | 258 | uses: actions/upload-artifact@v2-preview |
258 | 259 | with: |
259 | 260 | name: '${{ env.FILE_NAME }}' |
260 | 261 | path: ./nightly/*.dmg |
| 262 | + - name: 'Package Release' |
| 263 | + if: success() && startsWith(github.ref, 'refs/tags/') && github.event_name != 'pull_request' |
| 264 | + working-directory: ${{ github.workspace }}/build |
| 265 | + shell: bash |
| 266 | + run: | |
| 267 | + FILE_DATE=$(date +%Y-%m-%d) |
| 268 | + FILE_NAME=$FILE_DATE-${{ env.OBS_GIT_HASH }}-${{ env.OBS_GIT_TAG }}-rel-macOS.dmg |
| 269 | +
|
| 270 | + KEYCHAIN=tempkeychain |
| 271 | + echo "${{ secrets.MACOS_SIGNING_CERT }}" | base64 --decode > ./certificate.p12 |
| 272 | + security create-keychain -p "" "$KEYCHAIN" |
| 273 | + security list-keychains -s "$KEYCHAIN" |
| 274 | + security default-keychain -s "$KEYCHAIN" |
| 275 | + security unlock-keychain -p "" "$KEYCHAIN" |
| 276 | + security set-keychain-settings |
| 277 | + security import ./certificate.p12 -k "$KEYCHAIN" -P "${{ secrets.MACOS_SIGNING_CERT_PASSWORD }}" -T /usr/bin/codesign -T /usr/bin/security |
| 278 | + security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "" $KEYCHAIN |
| 279 | +
|
| 280 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" ./OBS.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/fileop |
| 281 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" ./OBS.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/Autoupdate |
| 282 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" --deep ./OBS.app/Contents/Frameworks/Sparkle.framework |
| 283 | +
|
| 284 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" "./OBS.app/Contents/Frameworks/Chromium Embedded Framework.framework/Libraries/libEGL.dylib" |
| 285 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" "./OBS.app/Contents/Frameworks/Chromium Embedded Framework.framework/Libraries/libswiftshader_libEGL.dylib" |
| 286 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" "./OBS.app/Contents/Frameworks/Chromium Embedded Framework.framework/Libraries/libGLESv2.dylib" |
| 287 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" "./OBS.app/Contents/Frameworks/Chromium Embedded Framework.framework/Libraries/libswiftshader_libGLESv2.dylib" |
| 288 | + codesign --verbose --force --options runtime --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" --deep "./OBS.app/Contents/Frameworks/Chromium Embedded Framework.framework" |
| 289 | +
|
| 290 | + cp ../CI/scripts/macos/app/entitlements.plist ./entitlements.plist |
| 291 | +
|
| 292 | + codesign --verbose --force --options runtime --entitlements ./entitlements.plist --sign "${{ secrets.MACOS_SIGNING_IDENTITY }}" --deep ./OBS.app |
| 293 | +
|
| 294 | + /usr/bin/ditto -c -k --keepParent ./OBS.app ./OBS.zip |
| 295 | +
|
| 296 | + UPLOAD_RESULT=$(xcrun altool \ |
| 297 | + --notarize-app \ |
| 298 | + --primary-bundle-id "com.obsproject.obs-studio" \ |
| 299 | + --username "${{ secrets.MACOS_NOTARIZATION_USERNAME }}" \ |
| 300 | + --password "${{ secrets.MACOS_NOTARIZATION_PASSWORD }}" \ |
| 301 | + --asc-provider "${{ secrets.ASC_PROVIDER_SHORTNAME }}" \ |
| 302 | + --file OBS.zip) |
| 303 | +
|
| 304 | + REQUEST_UUID=$(echo $UPLOAD_RESULT | awk -F ' = ' '/RequestUUID/ {print $2}') |
| 305 | + echo "Request UUID: $REQUEST_UUID" |
| 306 | +
|
| 307 | + while sleep 30 && date; do |
| 308 | + CHECK_RESULT=$(xcrun altool \ |
| 309 | + --notarization-info "$REQUEST_UUID" \ |
| 310 | + --username "${{ secrets.MACOS_NOTARIZATION_USERNAME }}" \ |
| 311 | + --password "${{ secrets.MACOS_NOTARIZATION_PASSWORD }}" \ |
| 312 | + --asc-provider "${{ secrets.ASC_PROVIDER_SHORTNAME }}") |
| 313 | + echo $CHECK_RESULT |
| 314 | +
|
| 315 | + if ! grep -q "Status: in progress" <<< "$CHECK_RESULT"; then |
| 316 | + echo "Staple ticket to app" |
| 317 | + xcrun stapler staple -v OBS.app |
| 318 | + break |
| 319 | + fi |
| 320 | + done |
| 321 | +
|
| 322 | + dmgbuild "OBS-Studio ${{ env.OBS_GIT_TAG }}" "$FILE_NAME" -s ./settings.json |
| 323 | +
|
| 324 | + UPLOAD_RESULT=$(xcrun altool \ |
| 325 | + --notarize-app \ |
| 326 | + --primary-bundle-id "com.obsproject.obs-studio" \ |
| 327 | + --username "${{ secrets.MACOS_NOTARIZATION_USERNAME }}" \ |
| 328 | + --password "${{ secrets.MACOS_NOTARIZATION_PASSWORD }}" \ |
| 329 | + --asc-provider "${{ secrets.ASC_PROVIDER_SHORTNAME }}" \ |
| 330 | + --file $FILE_NAME) |
| 331 | +
|
| 332 | + REQUEST_UUID=$(echo $UPLOAD_RESULT | awk -F ' = ' '/RequestUUID/ {print $2}') |
| 333 | + echo "Request UUID: $REQUEST_UUID" |
| 334 | +
|
| 335 | + while sleep 30 && date; do |
| 336 | + CHECK_RESULT=$(xcrun altool \ |
| 337 | + --notarization-info "$REQUEST_UUID" \ |
| 338 | + --username "${{ secrets.MACOS_NOTARIZATION_USERNAME }}" \ |
| 339 | + --password "${{ secrets.MACOS_NOTARIZATION_PASSWORD }}" \ |
| 340 | + --asc-provider "${{ secrets.ASC_PROVIDER_SHORTNAME }}") |
| 341 | + echo $CHECK_RESULT |
| 342 | +
|
| 343 | + if ! grep -q "Status: in progress" <<< "$CHECK_RESULT"; then |
| 344 | + echo "Staple ticket to dmg" |
| 345 | + xcrun stapler staple -v $FILE_NAME |
| 346 | + break |
| 347 | + fi |
| 348 | + done |
| 349 | +
|
| 350 | + mkdir ../release |
| 351 | + sudo mv ./$FILE_NAME ../release/$FILE_NAME |
| 352 | + - name: 'Publish Release' |
| 353 | + if: success() && startsWith(github.ref, 'refs/tags/') && github.event_name != 'pull_request' |
| 354 | + uses: actions/upload-artifact@v2-preview |
| 355 | + with: |
| 356 | + name: '${{ env.FILE_NAME }}' |
| 357 | + path: ./release/*.dmg |
261 | 358 | ubuntu64: |
262 | 359 | name: 'Linux/Ubuntu 64-bit' |
263 | 360 | runs-on: [ubuntu-latest] |
|
0 commit comments