Skip to content

Commit 391d334

Browse files
lucydodolucydodo
committed
Revert "ci: Replace GitHub Actions Runner"
This reverts commit 510cfbc. We're reverting this commit because we've identified an issue with the nightly build for macOS.
1 parent 0b78a5f commit 391d334

File tree

9 files changed

+245
-203
lines changed

9 files changed

+245
-203
lines changed

.github/actions/notarize-macos/README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
A workflow for notarizing macOS build artifacts during a CI workflow run.

.github/actions/notarize-macos/action.yml

Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,152 @@
1+
name: Notarize the app (macOS)
2+
3+
inputs:
4+
APPLE_ID:
5+
required: true
6+
APPLE_PW:
7+
required: true
8+
DEV_ID:
9+
required: true
10+
GH_TOKEN:
11+
required: true
12+
KEYCHAIN_PATH:
13+
required: true
14+
KEYCHAIN_PW:
15+
required: true
16+
NIGHTLY:
17+
required: true
18+
SQLCIPHER:
19+
required: true
20+
TEAM_ID:
21+
required: true
22+
23+
runs:
24+
using: "composite"
25+
26+
steps:
27+
- name: Unlock keychain
28+
shell: bash
29+
run: |
30+
security unlock-keychain -p "${{ inputs.KEYCHAIN_PW }}" "${{ inputs.KEYCHAIN_PATH}}"
31+
security list-keychain -d user -s "${{ inputs.KEYCHAIN_PATH }}"
32+
33+
- name: Include the dependencies in the app bundle
34+
shell: bash
35+
run: find build -name "DB Browser for SQL*.app" -exec /opt/homebrew/opt/db4subqt@5/bin/macdeployqt {} -sign-for-notarization="${{ inputs.DEV_ID }}" \;
36+
37+
- name: Add the 'nalgeon/sqlean' extension to the app bundle
38+
shell: bash
39+
run: |
40+
gh auth login --with-token <<< "${{ inputs.GH_TOKEN }}"
41+
gh release download --pattern "sqlean-macos-arm64.zip" --repo "nalgeon/sqlean"
42+
unzip sqlean-macos-arm64.zip
43+
for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
44+
TARGET=$(echo $TARGET | sed -e 's/_/ /g')
45+
mkdir "$TARGET/Contents/Extensions"
46+
47+
clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-formats.c -o "$TARGET/Contents/Extensions/formats.dylib"
48+
if [ -f "$TARGET/Contents/Extensions/formats.dylib" ]; then
49+
install_name_tool -id "@executable_path/../Extensions/formats.dylib" "$TARGET/Contents/Extensions/formats.dylib"
50+
ln -s formats.dylib "$TARGET/Contents/Extensions/formats.dylib.dylib"
51+
fi
52+
53+
cp sqlean.dylib "$TARGET/Contents/Extensions/"
54+
if [ -f "$TARGET/Contents/Extensions/sqlean.dylib" ]; then
55+
install_name_tool -id "@executable_path/../Extensions/sqlean.dylib" "$TARGET/Contents/Extensions/sqlean.dylib"
56+
ln -s sqlean.dylib "$TARGET/Contents/Extensions/sqlean.dylib.dylib"
57+
fi
58+
done
59+
60+
- name: Copy the license file to the app bundle
61+
shell: bash
62+
run: |
63+
for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
64+
TARGET=$(echo $TARGET | sed -e 's/_/ /g')
65+
cp LICENSE "$TARGET/Contents/Resources/"
66+
cp LICENSE-EXTENSIONS "$TARGET/Contents/Resources/"
67+
cp LICENSE-PLUGINS "$TARGET/Contents/Resources/"
68+
done
69+
70+
- name: Copy the translation files to the app bundle
71+
shell: bash
72+
run: |
73+
for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
74+
TARGET=$(echo $TARGET | sed -e 's/_/ /g')
75+
mkdir "$TARGET/Contents/translations"
76+
for i in ar cs de en es fr it ko pl pt pt_BR ru uk zh_CN zh_TW; do
77+
find /opt/homebrew/opt/db4subqt@5/translations -name "qt_${i}.qm" 2> /dev/null -exec cp -v {} "$TARGET/Contents/translations/" \;
78+
find /opt/homebrew/opt/db4subqt@5/translations -name "qtbase_${i}.qm" 2> /dev/null -exec cp -v {} "$TARGET/Contents/translations/" \;
79+
find /opt/homebrew/opt/db4subqt@5/translations -name "qtmultimedia_${i}.qm" 2> /dev/null -exec cp -v {} "$TARGET/Contents/translations/" \;
80+
find /opt/homebrew/opt/db4subqt@5/translations -name "qtscript_${i}.qm" 2> /dev/null -exec cp -v {} "$TARGET/Contents/translations/" \;
81+
find /opt/homebrew/opt/db4subqt@5/translations -name "qtxmlpatterns_${i}.qm" 2> /dev/null -exec cp -v {} "$TARGET/Contents/translations/" \;
82+
done
83+
done
84+
85+
- name: Copy the icon file to the app bundle
86+
shell: bash
87+
run: |
88+
for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
89+
TARGET=$(echo $TARGET | sed -e 's/_/ /g')
90+
if [ "${{ inputs.NIGHTLY }}" = "false" ]; then
91+
cp installer/macos/macapp.icns "$TARGET/Contents/Resources/"
92+
/usr/libexec/PlistBuddy -c "Set :CFBundleIconFile macapp.icns" "$TARGET/Contents/Info.plist"
93+
else
94+
cp installer/macos/macapp-nightly.icns "$TARGET/Contents/Resources/"
95+
/usr/libexec/PlistBuddy -c "Set :CFBundleIconFile macapp-nightly.icns" "$TARGET/Contents/Info.plist"
96+
fi
97+
done
98+
99+
- name: Sign the manually added extensions.
100+
shell: bash
101+
run: |
102+
for TARGET in $(find build -name "DB Browser for SQL*.app" | sed -e 's/ /_/g'); do
103+
TARGET=$(echo $TARGET | sed -e 's/_/ /g')
104+
codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/formats.dylib"
105+
codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET/Contents/Extensions/sqlean.dylib"
106+
codesign --sign "${{ inputs.DEV_ID }}" --deep --force --options=runtime --strict --timestamp "$TARGET"
107+
done
108+
109+
- name: Move app bundle to installer folder for DMG creation
110+
shell: bash
111+
run: mv build/*.app installer/macos
112+
113+
# TODO: I originally tried to break it into two steps to make it more readable,
114+
# but Composite Actions do not support if statements for steps.
115+
# For more information, see https://github.com/actions/runner/blob/main/docs/adrs/0549-composite-run-steps.md
116+
- name: Create the DMG
117+
shell: bash
118+
run: |
119+
export DATE=$(date +%Y%m%d)
120+
121+
if [ "${{ inputs.SQLCIPHER }}" = "1" ]; then
122+
if [ "${{ inputs.NIGHTLY }}" = "false" ]; then
123+
# Continuous with SQLCipher
124+
sed -i "" 's/"DB Browser for SQLCipher Nightly.app"/"DB Browser for SQLCipher-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/sqlcipher-nightly.json
125+
TARGET="DB.Browser.for.SQLCipher-dev-$(git rev-parse --short --verify HEAD).dmg"
126+
else
127+
# Nightly with SQLCipher
128+
TARGET="DB.Browser.for.SQLCipher-universal_$DATE.dmg"
129+
fi
130+
appdmg --quiet installer/macos/sqlcipher-nightly.json "$TARGET"
131+
else
132+
if [ "${{ inputs.NIGHTLY }}" = "false" ]; then
133+
# Continuous without SQLCipher
134+
sed -i "" 's/"DB Browser for SQLite Nightly.app"/"DB Browser for SQLite-dev-'$(git rev-parse --short --verify HEAD)'.app"/' installer/macos/nightly.json
135+
TARGET="DB.Browser.for.SQLite-dev-$(git rev-parse --short --verify HEAD).dmg"
136+
else
137+
# Nightly without SQLCipher
138+
TARGET="DB.Browser.for.SQLite-universal_$DATE.dmg"
139+
fi
140+
appdmg --quiet installer/macos/nightly.json "$TARGET"
141+
fi
142+
143+
codesign --sign "${{ inputs.DEV_ID }}" --verbose --options=runtime --timestamp "$TARGET"
144+
codesign -vvv --deep --strict --verbose=4 "$TARGET"
145+
146+
- name: Notarize the dmg
147+
shell: bash
148+
run: xcrun notarytool submit *.dmg --apple-id "${{ inputs.APPLE_ID }}" --password "${{ inputs.APPLE_PW }}" --team-id "${{ inputs.TEAM_ID }}" --wait
149+
150+
- name: Staple the notarization ticket
151+
shell: bash
152+
run: xcrun stapler staple *.dmg

.github/patch/variables.wxi.patch

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ index fbedf0c3..368888ef 100644
88

99
- <?define VCRedistPath="C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Redist\MSVC\14.16.27012\MergeModules" ?>
1010
- <?define VCRedistFile="Microsoft_VC141_CRT_$(sys.BUILDARCH).msm" ?>
11-
+ <?define VCRedistPath="C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Redist\MSVC\14.29.30133\MergeModules" ?>
11+
+ <?define VCRedistPath="C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Redist\MSVC\14.29.30133\MergeModules" ?>
1212
+ <?define VCRedistFile="Microsoft_VC142_CRT_$(sys.BUILDARCH).msm" ?>
1313

1414
<!--
@@ -32,7 +32,7 @@ index fbedf0c3..368888ef 100644
3232
- <?define SQLiteExePath="C:\builds\release-sqlite-win32\Release" ?>
3333
- <?define SQLCipherExePath="C:\builds\release-sqlcipher-win32\Release" ?>
3434
- <?endif?>
35-
+ <?define QtPath="$(env.Qt5_Dir)" ?>
35+
+ <?define QtPath="$(env.Qt5Path)" ?>
3636
+ <?define SQLitePath="$(env.SQLitePath)" ?>
3737
+ <?define SQLCipherPath="$(env.SQLCipherPath)" ?>
3838
+ <?define OpenSSLPath="$(env.OpenSSLPath)" ?>

.github/workflows/build-appimage.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -16,10 +16,10 @@ jobs:
1616
- name: Checkout
1717
uses: actions/checkout@v4
1818

19-
- name: Install dependencies
20-
run: |
21-
sudo apt update
22-
sudo apt install libqcustomplot-dev libqscintilla2-qt5-dev libqt5svg5 libsqlcipher-dev libsqlite3-dev qttools5-dev
19+
- name: Install and cache dependencies
20+
uses: awalsh128/cache-apt-pkgs-action@v1.4.2
21+
with:
22+
packages: libqcustomplot-dev libqscintilla2-qt5-dev libqt5svg5 libsqlcipher-dev libsqlite3-dev qttools5-dev
2323

2424
- if: matrix.sqlcipher == 0
2525
name: Build SQLite
@@ -37,7 +37,7 @@ jobs:
3737
- name: Configure build
3838
run: |
3939
mkdir appbuild && mkdir appdir && cd appbuild
40-
cmake -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX:PATH=../appdir/usr -Wno-dev -DFORCE_INTERNAL_QSCINTILLA=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
40+
cmake -DCMAKE_INSTALL_PREFIX:PATH=../appdir/usr -Wno-dev -DFORCE_INTERNAL_QSCINTILLA=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
4141
4242
- name: Build
4343
working-directory: ./appbuild

.github/workflows/build-macos.yml

Lines changed: 8 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -14,19 +14,12 @@ jobs:
1414
strategy:
1515
fail-fast: false
1616
matrix:
17-
os: [macos-14]
17+
os: [macos-13-runner]
1818
sqlcipher: ["0", "1"]
1919
steps:
2020
- name: Checkout
2121
uses: actions/checkout@v4
2222

23-
- name: Install dependencies
24-
run: |
25-
brew update
26-
brew tap sqlitebrowser/tap
27-
brew install db4subqt@5 db4subsqlcipher db4subsqlitefts@5 ninja
28-
npm install -g appdmg
29-
3023
- name: Configure build
3124
run: |
3225
if [ "${{ inputs.NIGHTLY }}" = "true" ]; then
@@ -44,7 +37,7 @@ jobs:
4437
fi
4538
4639
mkdir build && cd build
47-
cmake -G Ninja -DCMAKE_BUILD_TYPE=Release -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
40+
cmake -G Ninja -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" -DcustomTap=1 -DENABLE_TESTING=ON -Dsqlcipher=${{ matrix.sqlcipher }} ..
4841
4942
- name: Build
5043
working-directory: ./build
@@ -57,29 +50,24 @@ jobs:
5750
- name: Build Extension
5851
run: clang -I /opt/homebrew/opt/db4subsqlitefts@5/include -L /opt/homebrew/opt/db4subsqlitefts@5/lib -fno-common -dynamiclib src/extensions/extension-formats.c
5952

60-
- name: Notarization
61-
id: notarization
62-
run: chmod +x ./installer/macos/notarize.sh && ./installer/macos/notarize.sh
63-
env:
53+
- if: github.event_name != 'pull_request'
54+
name: Notarize the app
55+
uses: ./.github/actions/notarize-macos
56+
with:
6457
APPLE_ID: ${{ secrets.MACOS_CODESIGN_APPLE_ID }}
6558
APPLE_PW: ${{ secrets.MACOS_CODESIGN_APPLE_PW }}
6659
DEV_ID: ${{ secrets.MACOS_CODESIGN_DEV_ID }}
6760
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
61+
KEYCHAIN_PATH: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PATH }}
6862
KEYCHAIN_PW: ${{ secrets.MACOS_CODESIGN_KEYCHAIN_PW }}
69-
P12: ${{ secrets.MACOS_CODESIGN_P12 }}
70-
P12_PW: ${{ secrets.MACOS_CODESIGN_P12_PW }}
7163
NIGHTLY: ${{ inputs.NIGHTLY }}
7264
SQLCIPHER: ${{ matrix.sqlcipher }}
7365
TEAM_ID: ${{ secrets.MACOS_CODESIGN_TEAM_ID }}
7466

75-
- if: steps.notarization.conclusion != 'skipped'
76-
name: Clear Keychain
77-
run: security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
78-
continue-on-error: true
79-
8067
- if: github.event_name != 'pull_request'
8168
name: Upload artifacts
8269
uses: actions/upload-artifact@v4
8370
with:
8471
name: build-artifacts-${{ matrix.os }}-${{ matrix.sqlcipher }}
8572
path: DB.Browser.for.*.dmg
73+
retention-days: 1

0 commit comments

Comments
 (0)