Skip to content

Commit

Permalink
Release build squashed
Browse files Browse the repository at this point in the history
  • Loading branch information
NQNStudios committed Nov 18, 2024
1 parent 4c5e378 commit ee14ad8
Show file tree
Hide file tree
Showing 9 changed files with 429 additions and 23 deletions.
73 changes: 73 additions & 0 deletions .github/workflows/mac-universal.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
name: Mac universal build
on:
push:
branches:
- universal
release:
types: [published]
jobs:
build:
runs-on: macos-14
env:
CONFIGURATION: ${{ matrix.configuration }}
BUTLER_API_KEY: ${{ secrets.BUTLER_API_KEY }}
PROD_MACOS_CERTIFICATE: '${{ secrets.PROD_MACOS_CERTIFICATE }}'
PROD_MACOS_CERTIFICATE_PWD: '${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}'
PROD_MACOS_CERTIFICATE_NAME: '${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}'
PROD_MACOS_CI_KEYCHAIN_PWD: '${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}'
PROD_MACOS_NOTARIZATION_APPLE_ID: '${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}'
PROD_MACOS_NOTARIZATION_TEAM_ID: '${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}'
PROD_MACOS_NOTARIZATION_PWD: '${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}'
BUILD_OS: macos
strategy:
fail-fast: false
matrix:
configuration:
- Release
- Debug
steps:
- uses: actions/checkout@v4

# Download macos-intel
- uses: robinraju/release-downloader@v1
id: download
with:
latest: true
fileName: 'cboe-macos-intel-${{ matrix.configuration }}.tar'
extract: true
out-file-path: 'cboe-macos-intel-${{ matrix.configuration }}'

# Download macos-silicon
- uses: robinraju/release-downloader@v1
with:
latest: true
fileName: 'cboe-macos-silicon-${{ matrix.configuration }}.tar'
extract: true
out-file-path: 'cboe-macos-silicon-${{ matrix.configuration }}'

- run: .github/workflows/scripts/mac/make-universal.sh

# Skipping this for now because of issue nqnstudios#13
- name: Codesign and notarize
run: 'SIGN="no" NOTARIZE="no" .github/workflows/scripts/mac/sign-apps.sh'

- name: 'Tar files'
run: 'tar -cvf cboe-macos-universal-${{matrix.configuration}}.tar "build/Blades of Exile"'

# Upload everything as artifact
- uses: actions/upload-artifact@v4
with:
name: mac-universal-dependencies-${{matrix.configuration}}
path: cboe-macos-universal-${{matrix.configuration}}.tar

# upload a release
- name: Github release
uses: softprops/action-gh-release@v2
with:
files: cboe-macos-universal-${{ matrix.configuration }}.tar
tag_name: ${{ steps.download.outputs.tag_name }}

- name: 'Itch.io release'
run: './.github/workflows/scripts/butler_push.sh'
shell: bash
if: ${{ matrix.configuration == 'Release' }}
131 changes: 131 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,131 @@
on:
push:
branches:
- 'itch-edition'
tags:
- "v*.*.*"
pull_request:
branches:
- itch-edition
jobs:
release:
env:
ARCH: ${{ matrix.os.flag }}
MACOSX_DEPLOYMENT_TARGET: 10.15
BUTLER_API_KEY: ${{ secrets.BUTLER_API_KEY }}
PROD_MACOS_CERTIFICATE: '${{ secrets.PROD_MACOS_CERTIFICATE }}'
PROD_MACOS_CERTIFICATE_PWD: '${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}'
PROD_MACOS_CERTIFICATE_NAME: '${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}'
PROD_MACOS_CI_KEYCHAIN_PWD: '${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}'
PROD_MACOS_NOTARIZATION_APPLE_ID: '${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}'
PROD_MACOS_NOTARIZATION_TEAM_ID: '${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}'
PROD_MACOS_NOTARIZATION_PWD: '${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}'
VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite"
DEBUG_FLAG: ${{ matrix.configuration == 'Debug' && 'true' || 'false' }}
BUILD_OS: ${{ matrix.os.name }}
strategy:
fail-fast: false
matrix:
os:
- name: macos
suffix: '-intel'
flag: x86_64
deps: macos-universal
version: 13
scons-script: './.github/workflows/scripts/mac/scons-build.sh'
- name: macos
flag: arm64
suffix: '-silicon'
deps: macos-universal
version: 14
scons-script: './.github/workflows/scripts/mac/scons-build.sh'
# - name: ubuntu
# suffix: ''
# version: 22.04
# scons-script: scons
- name: windows
suffix: ''
version: 2019
scons-script: './.github/workflows/scripts/win/scons-build.bat'
configuration:
- Release
- Debug
runs-on: '${{ matrix.os.name }}-${{ matrix.os.version }}'
steps:
- name: Export GitHub Actions cache environment variables
uses: actions/github-script@v7
with:
script: "core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');"
- name: checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Download dependency build
uses: robinraju/release-downloader@v1
with:
repository: NQNStudios/cboe-dependencies
latest: true
fileName: 'dependencies-${{ matrix.os.deps || matrix.os.name }}-${{ matrix.configuration }}.tar'
extract: true
out-file-path: 'deps'
- name: Windows build dependencies
run: 'vcpkg install libxml2 && pip install scons'
if: ${{ matrix.os.name == 'windows' }}
- name: Mac build dependencies
run: brew install scons
if: ${{ matrix.os.name == 'macos' }}
- name: Linux build dependencies
run: sudo apt-get update && sudo apt-get install scons libxml2-utils libgl-dev libopenal-dev
if: ${{ matrix.os.name == 'ubuntu' }}
- name: Install TGUI
run: 'sudo ./.github/workflows/scripts/linux/install-tgui.sh'
if: ${{ matrix.os.name == 'ubuntu' }}
- name: Build
run: '${{ matrix.os.scons-script }} test=false debug=$DEBUG_FLAG'
shell: bash

- name: Download fix-rpaths.py script
run: git clone https://gist.github.com/NQNStudios/7145bcf6621891f5176c8caa165d6b93
if: ${{ matrix.os.name == 'macos' }}
- name: Fix rpaths game
run: 'python 7145bcf6621891f5176c8caa165d6b93/fix-rpaths.py "build/Blades of Exile/Blades of Exile.app"'
if: ${{ matrix.os.name == 'macos' }}
- name: Fix rpaths scenario editor
run: 'python 7145bcf6621891f5176c8caa165d6b93/fix-rpaths.py "build/Blades of Exile/BoE Scenario Editor.app"'
if: ${{ matrix.os.name == 'macos' }}
- name: Fix rpaths character editor
run: 'python 7145bcf6621891f5176c8caa165d6b93/fix-rpaths.py "build/Blades of Exile/BoE Character Editor.app"'
if: ${{ matrix.os.name == 'macos' }}

- run: cp .itch.toml "build/Blades of Exile/"
shell: bash

- name: 'Tar unsigned files'
run: 'tar -cvf cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}-unsigned.tar "Blades of Exile"'
working-directory: '${{ github.workspace }}/build'
- name: upload pre-signing artifact
uses: actions/upload-artifact@v4
with:
name: cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}-unsigned
path: '${{ github.workspace }}/build/cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}-unsigned.tar'
# Skipping this for now because of issue nqnstudios#13
- name: Codesign and notarize
run: 'SIGN="no" NOTARIZE="no" ./.github/workflows/scripts/mac/sign-apps.sh'
if: ${{ matrix.os.name == 'macos' }}
- name: 'Tar files'
run: 'tar -cvf cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}.tar "Blades of Exile"'
working-directory: '${{ github.workspace }}/build'
- name: 'Upload Artifact'
uses: actions/upload-artifact@v4
with:
name: cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}
path: '${{ github.workspace }}/build/cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}.tar'
- name: Github release
uses: softprops/action-gh-release@v2
with:
files: '${{ github.workspace }}/build/cboe-${{ matrix.os.name }}${{ matrix.os.suffix }}-${{ matrix.configuration }}.tar'
if: ${{ startsWith(github.ref, 'refs/tags/') }}
- name: 'Itch.io release'
run: './.github/workflows/scripts/butler_push.sh'
shell: bash
if: ${{ startsWith(github.ref, 'refs/tags/') && matrix.configuration == 'Release' && matrix.os.name != 'macos' }}
28 changes: 28 additions & 0 deletions .github/workflows/scripts/butler_push.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
#! /bin/bash

butler_channel=""
butler_exe=""
release_dir=""
if [ "$BUILD_OS" = "ubuntu" ]; then
butler_channel=linux-amd64
butler_exe=butler
release_dir="linux"
elif [ "$BUILD_OS" = "windows" ]; then
butler_channel=windows-amd64
butler_exe=butler.exe
release_dir="windows"
elif [ "$BUILD_OS" = "macos" ]; then
butler_channel=darwin-amd64
butler_exe=butler
release_dir="macos"
fi

# -L follows redirects
# -O specifies output name
curl -L -o butler.zip https://broth.itch.ovh/butler/${butler_channel}/LATEST/archive/default
unzip butler.zip
# GNU unzip tends to not set the executable bit even though it's set in the .zip
chmod +x ${butler_exe}
# just a sanity check run (and also helpful in case you're sharing CI logs)
./${butler_exe} -V
./${butler_exe} push "build/Blades of Exile/" nqn/blades-of-exile:${butler_channel}
2 changes: 1 addition & 1 deletion .github/workflows/scripts/linux/install-tgui.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
git clone --depth 1 -b 0.9 https://github.com/texus/TGUI.git
cd TGUI
export CLICOLOR_FORCE=1
cmake -D TGUI_CXX_STANDARD=14 .
SFML_DIR=../deps/lib/cmake/SFML cmake -D TGUI_CXX_STANDARD=14 -D SFML_DIR=../deps/lib/cmake/SFML .
make
cmake --install .
cd .. # Probably not needed but...
27 changes: 27 additions & 0 deletions .github/workflows/scripts/mac/make-universal.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
#! /bin/bash

if [ -z "$CONFIGURATION" ]; then
CONFIGURATION=Release
fi

INTEL=cboe-macos-intel-$CONFIGURATION
SILICON=cboe-macos-silicon-$CONFIGURATION

combine() {
mkdir -p "build/Blades of Exile/$1.app/Contents/MacOS"
lipo -create "$SILICON/Blades of Exile/$1.app/Contents/MacOS/$1" "$INTEL/Blades of Exile/$1.app/Contents/MacOS/$1" -output "build/Blades of Exile/$1.app/Contents/MacOS/$1"
cp -r "$SILICON/Blades of Exile/$1.app/Contents/Frameworks" "build/Blades of Exile/$1.app/Contents/"
cp -r "$SILICON/Blades of Exile/$1.app/Contents/Resources" "build/Blades of Exile/$1.app/Contents/"
cp "$SILICON/Blades of Exile/$1.app/Contents/Info.plist" "build/Blades of Exile/$1.app/Contents/"
cp "$SILICON/Blades of Exile/$1.app/Contents/PkgInfo" "build/Blades of Exile/$1.app/Contents/"
}

combine "Blades of Exile"
combine "BoE Scenario Editor"
combine "BoE Character Editor"

cp -r "$SILICON/Blades of Exile/Blades of Exile Base" "build/Blades of Exile/"
cp -r "$SILICON/Blades of Exile/Blades of Exile Scenarios" "build/Blades of Exile/"
cp -r "$SILICON/Blades of Exile/data" "build/Blades of Exile/"
cp -r "$SILICON/Blades of Exile/docs" "build/Blades of Exile/"
cp "$SILICON/Blades of Exile/.itch.toml" "build/Blades of Exile/"
2 changes: 1 addition & 1 deletion .github/workflows/scripts/mac/scons-build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ export CC="$(brew --prefix llvm)/bin/clang"
export CXX="$(brew --prefix llvm)/bin/clang++"
export SDKROOT="$(xcrun --show-sdk-path)"

scons CXXFLAGS="-I/usr/local/opt/zlib/include" LINKFLAGS="-L/usr/local/opt/zlib/lib" $@
scons CXXFLAGS="-I/usr/local/opt/zlib/include -arch $ARCH" LINKFLAGS="-L/usr/local/opt/zlib/lib" $@
79 changes: 79 additions & 0 deletions .github/workflows/scripts/mac/sign-apps.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
#! /bin/bash

# CODE-SIGNING STEP
# Original Source: https://federicoterzi.com/blog/automatic-code-signing-and-notarization-for-macos-apps-using-github-actions/
# Modified by NQNStudios

# Turn our base64-encoded certificate back to a regular .p12 file

echo $PROD_MACOS_CERTIFICATE | base64 --decode > certificate.p12

# We need to create a new keychain, otherwise using the certificate will prompt
# with a UI dialog asking for the certificate password, which we can't
# use in a headless CI environment

security create-keychain -p "$PROD_MACOS_CI_KEYCHAIN_PWD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$PROD_MACOS_CI_KEYCHAIN_PWD" build.keychain
security import certificate.p12 -k build.keychain -P "$PROD_MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$PROD_MACOS_CI_KEYCHAIN_PWD" build.keychain

sign() {
if [ "$SIGN" = "no" ];
then
return
fi
APP_PATH="build/Blades of Exile/$1.app"

# We finally codesign our app bundle, specifying the Hardened runtime option

/usr/bin/codesign --force -s "$PROD_MACOS_CERTIFICATE_NAME" --options runtime "$APP_PATH"/Contents/Frameworks/*.dylib -v
(cd "$APP_PATH" && frameworks=Contents/Frameworks/*.framework/Versions/A/* && \
for framework in $frameworks; do
if [ -f "$framework" ]; then
/usr/bin/codesign --force -s "$PROD_MACOS_CERTIFICATE_NAME" --options runtime "$framework" -v
fi
done)
/usr/bin/codesign --force -s "$PROD_MACOS_CERTIFICATE_NAME" --options runtime "$APP_PATH"/Contents/Frameworks/*.framework/Versions/A/Resources/Info.plist -v
/usr/bin/codesign --force -s "$PROD_MACOS_CERTIFICATE_NAME" --options runtime "$APP_PATH/Contents/Info.plist" -v

/usr/bin/codesign --force -s "$PROD_MACOS_CERTIFICATE_NAME" --options runtime "$APP_PATH" -v

# NOTARIZATION STEP
if [ "$NOTARIZE" = "no" ];
then
return
fi

# (same source)

# Store the notarization credentials so that we can prevent a UI password dialog
# from blocking the CI

echo "Create keychain profile"
xcrun notarytool store-credentials "notarytool-profile" --apple-id "$PROD_MACOS_NOTARIZATION_APPLE_ID" --team-id "$PROD_MACOS_NOTARIZATION_TEAM_ID" --password "$PROD_MACOS_NOTARIZATION_PWD"

# We can't notarize an app bundle directly, but we need to compress it as an archive.
# Therefore, we create a zip file containing our app bundle, so that we can send it to the
# notarization service

echo "Creating temp notarization archive"
ditto -c -k --keepParent "$APP_PATH" "notarization.zip"

# Here we send the notarization request to the Apple's Notarization service, waiting for the result.
# This typically takes a few seconds inside a CI environment, but it might take more depending on the App
# characteristics. Visit the Notarization docs for more information and strategies on how to optimize it if
# you're curious

echo "Notarize app"
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait

# Finally, we need to "attach the staple" to our executable, which will allow our app to be
# validated by macOS even when an internet connection is not available.
echo "Attach staple"
xcrun stapler staple "$APP_PATH" || exit 1
}

sign "Blades of Exile"
sign "BoE Scenario Editor"
sign "BoE Character Editor"
21 changes: 21 additions & 0 deletions .itch.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
[[actions]]
name = "Play"
path = "Blades of Exile.exe"
platform = "windows"

[[actions]]
name = "Play, Logging Everything To Help The Devs Fix Bugs"
path = "Blades of Exile.exe"
platform = "windows"
args = ["--record", "log"]

[[actions]]
name = "Play"
path = "Blades of Exile.app"
platform = "osx"

[[actions]]
name = "Play, Logging Everything To Help The Devs Fix Bugs"
path = "Blades of Exile.app"
platform = "osx"
args = ["--record", "log"]
Loading

0 comments on commit ee14ad8

Please sign in to comment.