Skip to content

CI-CONNECT-RELEASE #371

CI-CONNECT-RELEASE

CI-CONNECT-RELEASE #371

Workflow file for this run

# On release creation:
# - Build and release connect for all platforms
name: CI-CONNECT-RELEASE
on:
release:
types: [created]
jobs:
# This job checks the tag pattern and decides whether to proceed or halt the workflow
check-tag:
runs-on: ubuntu-latest
steps:
- name: Check tag pattern
run: |
TAG_NAME=$(echo ${{ github.ref }} | sed 's|refs/tags/||')
echo "TAG_NAME=${TAG_NAME}"
# Check if the tag name starts with "connect/"
if [[ "${TAG_NAME}" != connect/* ]]; then
echo "Not supported by this CI"
exit 1
fi
# Set the environment variables for the rest of release workflow
set-variables:
needs: check-tag
runs-on: ubuntu-latest
outputs:
folder: ${{ env.FOLDER }}
package: ${{ env.PACKAGE }}
package_version: ${{ env.PACKAGE_VERSION }}
tag: ${{ env.TAG }}
steps:
- uses: actions/checkout@v3
- name: set environments on full release
shell: bash
run: |
echo "PACKAGE=$(echo ${{ github.ref }} | cut -d/ -f 3-3)" >> $GITHUB_ENV
echo "PACKAGE_VERSION=$(echo ${{ github.ref }} | cut -d/ -f 4-4)" >> $GITHUB_ENV
echo "TAG=$(echo ${{ github.ref }} | cut -d/ -f 3-4)" >> $GITHUB_ENV
- name: set apps folder
if: ${{ env.PACKAGE == 'connect' }}
shell: bash
run: |
echo "FOLDER=apps/${{ env.PACKAGE }}" >> $GITHUB_ENV
- name: debug
shell: bash
run: |
echo 'FOLDER: ${{ env.FOLDER }}'
echo 'PACKAGE: ${{ env.PACKAGE }}'
echo 'PACKAGE_VERSION: ${{ env.PACKAGE_VERSION }}'
echo 'TAG: ${{ env.TAG }}'
connect-build:
name: Build Connect
needs: set-variables
runs-on: macos-13 # Temporary setting macos-12 as OS instead of UBUNTU because python 6.6 onward has problems building resources on linux. (6.5 works but increases connect file size to double)
outputs:
connect_version: ${{ steps.get_version.outputs.connect_version }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: install poetry
shell: bash
run: |
pip install poetry==1.5.1
- name: Build Qt resources
shell: bash
run: |
pip install --no-cache-dir -r tools/requirements-connect.txt
python tools/build.py --style_path resource --output_path source/ftrack_connect/ui/resource.py --pyside_version 6 build_qt_resources apps/connect
- name: poetry build and export dependencies
shell: bash
run: |
cd ${{ needs.set-variables.outputs.folder }}
poetry build
- name: Get Connect version
id: get_version # This ID is used to reference the output of the step
shell: bash
run: |
cd ${{ needs.set-variables.outputs.folder }}
CONNECT_VERSION=$(poetry version -s)
echo "Connect version: $CONNECT_VERSION"
echo "connect_version=$CONNECT_VERSION" >> $GITHUB_OUTPUT
- name: Prepare upload Connect wheel to GitHub Release
uses: actions/upload-artifact@v4
with:
name: ftrack-connect-whl
path: ${{ needs.set-variables.outputs.folder }}/dist/ftrack_connect-${{ steps.get_version.outputs.connect_version }}-py3-none-any.whl
- name: Upload Connect wheel to GitHub Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
echo "Uploading ftrack_connect-${{ needs.connect-build.outputs.connect_version }}-py3-none-any.whl"
gh release upload ${{ needs.set-variables.outputs.tag }} ${{ needs.set-variables.outputs.folder }}/dist/ftrack_connect-${{ steps.get_version.outputs.connect_version }}-py3-none-any.whl --clobber
installer-windows:
name: Build Connect Installer on Windows
needs: [ set-variables, connect-build ]
runs-on: windows-latest
env:
CODESIGN: 'True' # Set this to 'True' or 'False' as needed
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: install poetry
shell: bash
run: |
pip install poetry==1.5.1
- name: Build Qt resources
shell: bash
run: |
pip install -r tools/requirements-connect.txt
python tools/build.py --style_path resource --output_path source/ftrack_connect/ui/resource.py --pyside_version 6 build_qt_resources apps/connect
- uses: google-github-actions/auth@v2
if: env.CODESIGN == 'True'
with:
credentials_json: ${{ secrets.GOOGLE_CREDENTIALS }}
- uses: google-github-actions/setup-gcloud@v2
- name: Setup Java JDK
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'oracle'
- name: Install Inno Setup, needed to create the installer
run: |
choco install innosetup
- name: poetry build installer
shell: bash
run: |
cd ${{ needs.set-variables.outputs.folder }}
poetry install --with installer --sync
poetry run ftrack-connect-installer --codesign ${CODESIGN}
- name: Upload EXE installer to GitHub Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
echo "Listing contents of apps/connect/dist:"
ls -l apps/connect/dist
echo "Listing contents of apps/connect/build:"
ls -l apps/connect/build
cd apps/connect/dist
version="${{ needs.set-variables.outputs.package_version }}"
clean_package_version="${version#v}" # Remove leading 'v' from version
echo "Uploading ftrack_connect-${clean_package_version}-win64.exe"
gh release upload ${{ needs.set-variables.outputs.tag }} "ftrack_connect-${clean_package_version}-win64.exe" --clobber
installer-macos:
name: Build Connect Installer on MacOs
needs: [ set-variables, connect-build ]
runs-on: macos-13
env:
CODESIGN: 'True' # A not codesigned dmg will always show damaged app. Please build locally if don't want to codesign and generate a ZIP instead of a dmg.
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Install npm dependencies
run: npm install -g appdmg
- name: Set CPPFLAGS LDFLAGS
shell: bash
run: |
export CPPFLAGS=-I/usr/local/opt/openssl/include
export LDFLAGS=-L/usr/local/opt/openssl/lib
- name: Checkout code
uses: actions/checkout@v2
- name: install poetry
shell: bash
run: |
pip install poetry==1.5.1
- name: Build Qt resources
shell: bash
run: |
pip install -r tools/requirements-connect.txt
python tools/build.py --style_path resource --output_path source/ftrack_connect/ui/resource.py --pyside_version 6 build_qt_resources apps/connect
- name: Codesign app bundle
if: env.CODESIGN == 'True'
# Guidance pick from https://federicoterzi.com/blog/automatic-code-signing-and-notarization-for-macos-apps-using-github-actions/
# Extract the secrets we defined earlier as environment variables
env:
MACOS_CERTIFICATE: ${{ secrets.PROD_MACOS_CERTIFICATE }}
MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}
MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}
PROD_MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}
PROD_MACOS_NOTARIZATION_PWD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}
run: |
# Turn our base64-encoded certificate back to a regular .p12 file
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12
# We need to create a new keychain, otherwise using the certificate will prompt
# with a UI dialog asking for the certificate password, which we can't
# use in a headless CI environment
security create-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
security import certificate.p12 -k build.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" build.keychain
# Verify certificate
echo "Verify certificate: "
security find-identity -v
# Create keychain credentials
echo "Create keychain profile to notarize"
xcrun notarytool store-credentials "notarytool-profile" --apple-id "$PROD_MACOS_NOTARIZATION_APPLE_ID" --team-id "$PROD_MACOS_NOTARIZATION_TEAM_ID" --password "$PROD_MACOS_NOTARIZATION_PWD"
# Build the installer and codesign
cd ${{ needs.set-variables.outputs.folder }}
poetry install --with installer --sync
poetry run ftrack-connect-installer --codesign ${CODESIGN}
- name: Upload Connect DMG to GitHub Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
echo "Listing contents of apps/connect/dist:"
ls -l apps/connect/dist
echo "Listing contents of apps/connect/build:"
ls -l apps/connect/build
cd apps/connect/dist
version="${{ needs.set-variables.outputs.package_version }}"
clean_package_version="${version#v}" # Remove leading 'v' from version
echo "Uploading ftrack_connect-${clean_package_version}.dmg"
gh release upload ${{ needs.set-variables.outputs.tag }} "ftrack_connect-${clean_package_version}-macOS.dmg" --clobber
installer-rocky:
name: Build Connect Installer on Rocky linux
needs: [ set-variables, connect-build ]
runs-on: ubuntu-latest
strategy:
matrix:
rocky-version: [ '8', '9' ]
container:
image: rockylinux/rockylinux:${{ matrix.rocky-version }}
steps:
- uses: actions/checkout@v3
- name: Install dependencies and pyenv
run: |
dnf install -y epel-release
dnf -y update
dnf groupinstall -y "Development Tools"
dnf install -y libxcb xcb-util-cursor gcc zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel tk-devel libffi-devel xz-devel git findutils patch wget tar make libuuid-devel mesa-libGL
curl https://pyenv.run | bash
echo 'export PATH="$HOME/.pyenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(pyenv init --path)"' >> ~/.bashrc
echo 'eval "$(pyenv virtualenv-init -)"' >> ~/.bashrc
source ~/.bashrc
- name: Install GitHub CLI
run: |
dnf install -y dnf-plugins-core
dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo
dnf install -y gh
# Configure Git to allow the current directory
git config --global --add safe.directory /__w/integrations/integrations
- name: Install Python 3.10 using pyenv
run: |
source ~/.bashrc
pyenv install 3.10
pyenv global 3.10
- name: Verify Python version
run: |
source ~/.bashrc
pyenv versions
python --version
pyenv exec python -m pip install --upgrade pip
- name: Install patchelf using pip
run: |
source ~/.bashrc
pyenv exec pip install patchelf
- name: Checkout code
uses: actions/checkout@v2
- name: install poetry
shell: bash
run: |
source ~/.bashrc
pyenv exec pip install poetry==1.5.1
- name: Build Qt resources
shell: bash
run: |
source ~/.bashrc
pyenv exec pip install -r tools/requirements-connect.txt
pyenv exec python tools/build.py --style_path resource --output_path source/ftrack_connect/ui/resource.py --pyside_version 6 build_qt_resources apps/connect
- name: poetry build installer
shell: bash
run: |
source ~/.bashrc
cd ${{ needs.set-variables.outputs.folder }}
pyenv exec poetry install --with installer --sync
pyenv exec poetry run ftrack-connect-installer --codesign ${CODESIGN}
- name: Upload Connect tar.gz and md5 to GitHub Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
shell: bash
run: |
source ~/.bashrc
echo "Listing contents of apps/connect/dist:"
ls -l apps/connect/dist
echo "Listing contents of apps/connect/build:"
ls -l apps/connect/build
cd apps/connect/dist
version="${{ needs.set-variables.outputs.package_version }}"
clean_package_version="${version#v}" # Remove leading 'v' from version
echo "Uploading ftrack_connect-${clean_package_version}-R${{ matrix.rocky-version }}.tar.gz"
gh release upload ${{ needs.set-variables.outputs.tag }} "ftrack_connect-${clean_package_version}-R${{ matrix.rocky-version }}.tar.gz" --clobber
gh release upload ${{ needs.set-variables.outputs.tag }} "ftrack_connect-${clean_package_version}-R${{ matrix.rocky-version }}.tar.gz.md5" --clobber