-
Notifications
You must be signed in to change notification settings - Fork 0
172 lines (144 loc) · 6.26 KB
/
build_rust.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
name: Rust
on:
push:
tags:
- 'v*'
branches:
- master
pull_request:
branches:
- master
jobs:
build:
name: Build for multiple platforms
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest, macos-12]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
override: true
- name: Install OpenSSL (Windows)
if: runner.os == 'Windows'
shell: powershell
run: |
echo "VCPKG_ROOT=$env:VCPKG_INSTALLATION_ROOT" | Out-File -FilePath $env:GITHUB_ENV -Append
vcpkg install openssl:x64-windows-static-md
- name: Install OpenSSL (Macos)
if: matrix.os == 'macos-latest'
run: brew install openssl
- name: Cache cargo registry
uses: actions/cache@v4
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry
restore-keys: |
${{ runner.os }}-cargo-registry
- name: Cache cargo index
uses: actions/cache@v4
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index
restore-keys: |
${{ runner.os }}-cargo-index
- name: Build
run: cargo build --release
# - name: Run tests
# run: cargo test --release
- name: Create release directory
run: mkdir -p release
- name: Create release system directory
run: mkdir -p release/${{ matrix.os }}
- name: Copy binary to release directory Windows
if: matrix.os == 'windows-latest'
run: cp target/release/idf-im-cli.exe release/${{ matrix.os }}/eim.exe
- name: Copy binary to release directory POSIX
if: matrix.os != 'windows-latest'
run: cp target/release/idf-im-cli release/${{ matrix.os }}/eim
- name: Codesign macOS eim executables
if: startsWith(matrix.os, 'macos')
env:
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }}
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
run: |
echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12
/usr/bin/security create-keychain -p espressif build.keychain
/usr/bin/security default-keychain -s build.keychain
/usr/bin/security unlock-keychain -p espressif build.keychain
/usr/bin/security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign
/usr/bin/security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k espressif build.keychain
/usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" release/${{ matrix.os }}/eim -v
/usr/bin/codesign -v -vvv --deep release/${{ matrix.os }}/eim
- name: Zip eim executable for notarization
if: startsWith(matrix.os, 'macos')
run: |
cd release/${{ matrix.os }}
zip eim.zip eim
- name: Notarization of macOS eim executables
# && github.ref == 'refs/heads/master'
if: startsWith(matrix.os, 'macos')
env:
NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }}
NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }}
NOTARIZATION_TEAM_ID: ${{ secrets.NOTARIZATION_TEAM_ID }}
run: |
echo "Create notary keychain"
/usr/bin/security create-keychain -p espressif notary.keychain
/usr/bin/security default-keychain -s notary.keychain
/usr/bin/security unlock-keychain -p espressif notary.keychain
echo "Create keychain profile"
xcrun notarytool store-credentials "eim-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD
xcrun notarytool submit release/${{ matrix.os }}/eim.zip --keychain-profile "eim-notarytool-profile" --wait
echo "Unzipping the executable"
unzip -o release/${{ matrix.os }}/eim.zip -d release/${{ matrix.os }}
# echo "Attach staple for eim executable"
# xcrun stapler staple release/${{ matrix.os }}/eim
- name: Upload build artifacts for POSIX
uses: actions/upload-artifact@v4
if: matrix.os != 'windows-latest'
with:
name: eim-${{ matrix.os }}
path: release/${{ matrix.os }}/eim
- name: Upload artifact for tag on POSIX
if: startsWith(github.ref, 'refs/tags/') && matrix.os != 'windows-latest'
uses: actions/upload-artifact@v4
with:
name: eim-${{ github.ref_name }}-${{ runner.os }}
path: release/${{ matrix.os }}/eim
- name: Upload build artifacts for Windows
uses: actions/upload-artifact@v4
if: matrix.os == 'windows-latest'
with:
name: eim-${{ matrix.os }}
path: release/${{ matrix.os }}/eim.exe
- name: Upload artifact for tag on Windows
if: startsWith(github.ref, 'refs/tags/') && runner.os == 'Windows'
uses: actions/upload-artifact@v4
with:
name: eim-${{ github.ref_name }}-${{ runner.os }}
path: release/${{ matrix.os }}/eim.exe
- name: Create aarch64-linux build
if: matrix.os == 'ubuntu-latest'
run: |
rustup target add aarch64-unknown-linux-gnu
cargo install cross
cross build --target aarch64-unknown-linux-gnu --release
mkdir -p release/aarch64-unknown-linux-gnu
cp target/aarch64-unknown-linux-gnu/release/idf-im-cli release/aarch64-unknown-linux-gnu/eim
- name: Upload build artifacts for aarch64-linux
uses: actions/upload-artifact@v4
if: matrix.os == 'ubuntu-latest'
with:
name: eim-linux-arm64
path: release/aarch64-unknown-linux-gnu/eim
- name: Upload artifact for tag on aarch64-linux
if: startsWith(github.ref, 'refs/tags/') && runner.os == 'Linux'
uses: actions/upload-artifact@v4
with:
name: eim-${{ github.ref_name }}-linux-arm64
path: release/aarch64-unknown-linux-gnu/eim