name: macos_build on: workflow_dispatch: schedule: - cron: '0 0 * * *' push: pull_request: branches: [ master ] jobs: build: runs-on: ${{ matrix.os }} strategy: fail-fast: false matrix: include: - vscode_arch: x64 os: macOS-10.15 # - vscode_arch: arm64 # os: macOS-11 env: OS_NAME: "osx" VSCODE_ARCH: ${{ matrix.vscode_arch }} steps: - uses: actions/checkout@v2 - name: Setup Node.js environment uses: actions/setup-node@v1 with: node-version: 14 - name: Check PR or cron run: | . check_cron_or_pr.sh - name: Clone VSCode repo run: | . get_repo.sh - name: Check existing VSCodium tags/releases env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | . check_tags.sh if: env.SHOULD_DEPLOY == 'yes' - name: Compute cache key id: yarnCacheKey run: echo "::set-output name=value::$(node build/azure-pipelines/computeYarnCacheKey.js)" if: env.SHOULD_BUILD == 'yes' - name: Get yarn cache directory path id: yarnCacheDirPath run: echo "::set-output name=dir::$(yarn cache dir)" if: env.SHOULD_BUILD == 'yes' - name: Cache yarn directory uses: actions/cache@v2 with: path: ${{ steps.yarnCacheDirPath.outputs.dir }} key: ${{ env.OS_NAME }}-${{ env.VSCODE_ARCH }}-yarnCacheDir-${{ steps.yarnCacheKey.outputs.value }} restore-keys: ${{ env.OS_NAME }}-${{ env.VSCODE_ARCH }}-yarnCacheDir- if: env.SHOULD_BUILD == 'yes' - name: Build env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: ./build.sh if: env.SHOULD_BUILD == 'yes' - name: Sign binary env: CERTIFICATE_OSX_P12: ${{ secrets.CERTIFICATE_OSX_P12 }} CERTIFICATE_OSX_PASSWORD: ${{ secrets.CERTIFICATE_OSX_PASSWORD }} CERTIFICATE_OSX_ID: ${{ secrets.CERTIFICATE_OSX_ID }} if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' run: | if [ -d "VSCode-darwin-${VSCODE_ARCH}" ]; then # just in case the build failed cd "VSCode-darwin-${VSCODE_ARCH}" export CERTIFICATE_P12=VSCodium.p12 echo $CERTIFICATE_OSX_P12 | base64 --decode > $CERTIFICATE_P12 export KEYCHAIN=build.keychain security create-keychain -p mysecretpassword $KEYCHAIN security default-keychain -s $KEYCHAIN security unlock-keychain -p mysecretpassword $KEYCHAIN security import $CERTIFICATE_P12 -k $KEYCHAIN -P $CERTIFICATE_OSX_PASSWORD -T /usr/bin/codesign security set-key-partition-list -S apple-tool:,apple: -s -k mysecretpassword $KEYCHAIN codesign --deep --force --verbose --sign "$CERTIFICATE_OSX_ID" VSCodium.app fi - name: Zip release run: | cd "VSCode-darwin-${VSCODE_ARCH}" zip -r -X -y ../VSCodium-darwin-${VSCODE_ARCH}-${MS_TAG}.zip ./*.app if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' - name: DMG the release run: | pushd "VSCode-darwin-${VSCODE_ARCH}" npx create-dmg VSCodium.app .. mv "../VSCodium ${MS_TAG}.dmg" "../VSCodium.${VSCODE_ARCH}.${MS_TAG}.dmg" popd if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' - name: Generate shasums run: ./sum.sh if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' - name: Release uses: softprops/action-gh-release@v1 if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' with: tag_name: ${{ env.MS_TAG }} files: | ./*.zip ./*.dmg ./*.sha256 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Update versions repo if: env.SHOULD_BUILD == 'yes' && env.SHOULD_DEPLOY == 'yes' run: ./update_version.sh env: GITHUB_TOKEN: ${{ secrets.STRONGER_GITHUB_TOKEN }} GITHUB_USERNAME: ${{ github.repository_owner }}