feat: SP-1571 Add capability to add comments when filtering a file/co… #95

Workflow file for this run

.github/workflows/release.yml at 8905267

	name: Publish

	on:
	workflow_dispatch:

	push:
	tags:
	- "v..*"

	env:
	# Necessary for most environments as build failure can occur due to OOM issues
	NODE_OPTIONS: "--max-old-space-size=4096"
	ARTIFACT_NAME_PREFIX: "scanoss-lui"
	GOLANG_VERSION: "1.21"
	NODE_VERSION: "16.x"

	jobs:

	build_mac:
	name: Build for MacOS
	runs-on: macos-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive

	# Setup and configure GoLang
	- name: Setup GoLang
	uses: actions/setup-go@v5
	with:
	check-latest: true
	go-version: ${{ env.GOLANG_VERSION }}
	- run: go version
	shell: bash

	# Setup and configure NodeJS
	- name: Setup NodeJS
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	# Install Wails
	- name: Install Wails
	run: go install github.com/wailsapp/wails/v2/cmd/wails@latest
	shell: bash

	#TODO: Check if is used
	- name: Install macOS Wails deps
	run: brew install mitchellh/gon/gon
	shell: bash

	# Build
	- name: Build App
	run: \|
	mkdir build
	cp -r assets build/assets
	wails build -ldflags "-X main.version=$(git tag --sort=-version:refname \| head -n 1)" --platform "darwin/universal" --nopackage -webview2 download -o scanoss-lui-macos
	shell: bash


	# Set execution permissions
	- name: Add macOS perms
	run: chmod +x ./build/bin/scanoss-lui-macos
	shell: bash


	# macOS Signing
	- name: Import Code-Signing Certificates for macOS
	if: startsWith(github.ref, 'refs/tags/')
	uses: Apple-Actions/import-codesign-certs@v3
	with:
	keychain-password: ${{ secrets.APPLE_PASSWORD }}
	p12-file-base64: ${{ secrets.MACOS_DEVELOPER_CERT }}
	p12-password: ${{ secrets.MACOS_DEVELOPER_CERT_PASSWORD }}

	- name: Sign and Notarize
	env:
	APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
	APPLE_ID: [email protected]
	APP_CERTIFICATE: ${{ secrets.MACOS_DEVELOPER_CERT_FULL_ID }}
	APPLE_DEVELOPER_ID: ${{ secrets.MACOS_DEVELOPER_CERT_ID }}
	run: \|
	echo "Signing Package with App Certificate"
	codesign --timestamp --deep --options runtime -s "$APP_CERTIFICATE" --verbose ./build/bin/scanoss-lui-macos

	echo "Verifying Code Signature"
	codesign --verify --verbose=4 ./build/bin/scanoss-lui-macos

	echo "Detailed Signature Information"
	codesign -dvv ./build/bin/scanoss-lui-macos

	echo "Checking Gatekeeper Acceptance (Before Notarization)"
	spctl -a -vv ./build/bin/scanoss-lui-macos \|\| echo "Gatekeeper rejection expected before notarization"

	echo "Creating zip archive"
	ditto -c -k --sequesterRsrc --keepParent ./build/bin/scanoss-lui-macos ./build/bin/scanoss-lui-macos.zip

	echo "Submitting for Notarization"
	xcrun notarytool submit ./build/bin/scanoss-lui-macos.zip --apple-id "$APPLE_ID" --team-id "$APPLE_DEVELOPER_ID" --password "$APPLE_PASSWORD" --wait

	echo "Checking Notarization Status"
	xcrun notarytool history --apple-id "$APPLE_ID" --team-id "$APPLE_DEVELOPER_ID" --password "$APPLE_PASSWORD"

	chmod +x ./build/bin/scanoss-lui-macos

	echo "Signing and Notarization Complete"

	- name: Upload build assets
	uses: actions/upload-artifact@v4
	with:
	name: artifact_m
	path: ./build/bin/*.zip


	build_linux:
	name: Build for Linux
	runs-on: ubuntu-20.04

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive

	# Setup and configure GoLang
	- name: Setup GoLang
	uses: actions/setup-go@v5
	with:
	check-latest: true
	go-version: ${{ env.GOLANG_VERSION }}
	- run: go version
	shell: bash
	# Setup and configure NodeJS
	- name: Setup NodeJS
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	# Install Wails
	- name: Install Wails
	run: go install github.com/wailsapp/wails/v2/cmd/wails@latest
	shell: bash

	# Install Linux Wails deps
	- name: Install Linux Wails deps
	run: sudo apt-get update && sudo apt-get install libgtk-3-0 libwebkit2gtk-4.0-dev gcc-aarch64-linux-gnu
	shell: bash

	# Build
	- name: Build Linux App
	run: \|
	mkdir build
	cp -r assets build/assets
	wails build -ldflags "-X main.version=$(git tag --sort=-version:refname \| head -n 1)" --platform "linux/amd64" -webview2 download -o scanoss-lui-linux
	shell: bash

	- name: Add Linux perms
	run: chmod +x ./build/bin/scanoss-lui-linux
	shell: bash

	- name: Build Linux zip file
	shell: bash
	run: \|
	cd ./build/bin/ && zip scanoss-lui-linux.zip scanoss-lui-linux

	# Upload build assets
	- uses: actions/upload-artifact@v4
	with:
	name: artifact_l
	path: \|
	./build/bin/*.zip


	build_w:
	name: Build for Windows
	runs-on: windows-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive

	# Setup and configure GoLang
	- name: Setup GoLang
	uses: actions/setup-go@v5
	with:
	check-latest: true
	go-version: ${{ env.GOLANG_VERSION }}
	- run: go version
	shell: bash

	# Setup and configure Node JS
	- name: Setup NodeJS
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	# Install Wails
	- name: Install Wails
	run: go install github.com/wailsapp/wails/v2/cmd/wails@latest
	shell: bash

	# Build
	- name: Build Windows App
	run: \|
	mkdir build
	cp -r assets build/assets
	wails build -ldflags "-X main.version=$(git tag --sort=-version:refname \| head -n 1)" --platform "windows/amd64" -webview2 download -o ${{env.ARTIFACT_NAME_PREFIX}}-windows.exe
	shell: bash

	- uses: actions/upload-artifact@v4
	with:
	name: artifact_w_unsigned
	path: \|
	build/bin/${{ env.ARTIFACT_NAME_PREFIX }}*.exe



	build_w_sign:
	name: "Sign with CodeSignTool"
	needs: [build_w]
	runs-on: ubuntu-latest
	steps:

	- name: Download artifact W unsigned
	uses: actions/download-artifact@v4
	with:
	name: artifact_w_unsigned

	#This stage locates the unsigned .exe binary and move to win_unsigned folder.
	#CodeSignTool does not support reading and writting into the same filepath
	- name: Find Windows Artifact Path
	id: win-path-artifact
	run: \|
	export WIN_BINARY_FILEPATH=$(ls ${{ env.ARTIFACT_NAME_PREFIX }}*.exe)
	mkdir win_unsigned
	mv "$WIN_BINARY_FILEPATH" win_unsigned/
	echo "ARTIFACT_WIN_PATH=win_unsigned/$WIN_BINARY_FILEPATH" >> "$GITHUB_OUTPUT"

	- name: Sign Windows Artifact with CodeSignTool
	uses: sslcom/esigner-codesign@develop
	env:
	ARTIFACT_WIN_PATH: ${{ steps.win-path-artifact.outputs.ARTIFACT_WIN_PATH }}
	with:
	command: sign
	username: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_USERNAME}}
	password: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_PASSWORD}}
	credential_id: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_CREDENTIAL_ID}}
	totp_secret: ${{secrets.WINDOWS_CODE_SIGNING_TOOL_ES_TOTP_SECRET}}
	file_path: ${GITHUB_WORKSPACE}/${{ env.ARTIFACT_WIN_PATH }}
	output_path: ${GITHUB_WORKSPACE}

	- name: zip file
	shell: bash
	run: \|
	mkdir -p build/bin
	export WIN_BINARY_FILEPATH=$(ls ${{ env.ARTIFACT_NAME_PREFIX }}*.exe)
	zip ./build/bin/scanoss-lui-win.zip $WIN_BINARY_FILEPATH

	- uses: actions/upload-artifact@v4
	with:
	name: artifact_w
	path: \|
	build/bin/*.zip


	create_release:
	needs: [ build_w_sign, build_mac, build_linux ]
	runs-on: ubuntu-latest

	steps:
	- name: Download artifact W
	uses: actions/download-artifact@v4
	with:
	name: artifact_w

	- name: Download artifact M
	uses: actions/download-artifact@v4
	with:
	name: artifact_m

	- name: Download artifact L
	uses: actions/download-artifact@v4
	with:
	name: artifact_l

	- name: Publish release draft
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	GH_PROMPT_DISABLED: "disable"
	run: \|
	gh release create ${{github.ref_name}} \
	--repo ${{ github.server_url }}/${{ github.repository }} \
	--generate-notes \
	--draft \
	$(ls *.zip)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: SP-1571 Add capability to add comments when filtering a file/co… #95

Workflow file

feat: SP-1571 Add capability to add comments when filtering a file/co… #95

Jobs

Run details

Workflow file for this run