forked from apple/swift
-
Notifications
You must be signed in to change notification settings - Fork 28
68 lines (66 loc) · 3.62 KB
/
manual-distribution.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: Manual distribution
on:
workflow_dispatch:
inputs:
channel:
description: 'Release channel'
required: true
toolchain_name:
description: 'Toolchain name'
required: true
branch:
description: 'Branch name used to fetch built artifacts. If empty, use default branch based on channel'
display_name:
description: 'Display name for Darwin toolchain'
display_name_short:
description: 'Short display name for Darwin toolchain'
jobs:
manual-distribution:
runs-on: macos-latest
steps:
- uses: actions/checkout@v2
- name: Setup keychain
run: |
security create-keychain -p "$KEYCHAIN_PASSWORD" swiftwasm-ci
KEYCHAIN=$HOME/Library/Keychains/swiftwasm-ci-db
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN
security set-keychain-settings -lut 7200 $KEYCHAIN
security default-keychain -s $KEYCHAIN
echo "$DARWIN_TOOLCHAIN_APPLICATION_CERT_BASE64" | base64 --decode -o developerID_application.p12
security import developerID_application.p12 -P "$DARWIN_TOOLCHAIN_APPLICATION_CERT_PASSWORD" -T /usr/bin/pkgbuild -T /usr/bin/codesign
echo "$DARWIN_TOOLCHAIN_INSTALLER_CERT_BASE64" | base64 --decode -o developerID_installer.p12
security import developerID_installer.p12 -P "$DARWIN_TOOLCHAIN_INSTALLER_CERT_PASSWORD" -T /usr/bin/pkgbuild -T /usr/bin/codesign
security set-key-partition-list -S "apple-tool:,apple:" -s -k "$KEYCHAIN_PASSWORD" $KEYCHAIN
env:
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
DARWIN_TOOLCHAIN_APPLICATION_CERT: ${{ secrets.DARWIN_TOOLCHAIN_APPLICATION_CERT }}
DARWIN_TOOLCHAIN_APPLICATION_CERT_BASE64: ${{ secrets.DARWIN_TOOLCHAIN_APPLICATION_CERT_BASE64 }}
DARWIN_TOOLCHAIN_APPLICATION_CERT_PASSWORD: ${{ secrets.DARWIN_TOOLCHAIN_APPLICATION_CERT_PASSWORD }}
DARWIN_TOOLCHAIN_INSTALLER_CERT: ${{ secrets.DARWIN_TOOLCHAIN_INSTALLER_CERT }}
DARWIN_TOOLCHAIN_INSTALLER_CERT_BASE64: ${{ secrets.DARWIN_TOOLCHAIN_INSTALLER_CERT_BASE64 }}
DARWIN_TOOLCHAIN_INSTALLER_CERT_PASSWORD: ${{ secrets.DARWIN_TOOLCHAIN_INSTALLER_CERT_PASSWORD }}
- run: |
BRANCH="${{ github.event.inputs.branch }}"
case "${{ github.event.inputs.channel }}" in
"DEVELOPMENT")
./utils/webassembly/distribute-latest-toolchain.sh ${BRANCH:-swiftwasm} DEVELOPMENT "${{ github.event.inputs.toolchain_name }}"
;;
"5.3")
./utils/webassembly/distribute-latest-toolchain.sh ${BRANCH:-swiftwasm-release/5.3} 5.3 "${{ github.event.inputs.toolchain_name }}"
;;
"5.4")
./utils/webassembly/distribute-latest-toolchain.sh ${BRANCH:-swiftwasm-release/5.4} 5.4 "${{ github.event.inputs.toolchain_name }}"
;;
*)
echo "Unrecognised release channel: ${{ github.event.inputs.channel }}"
exit 1
;;
esac
env:
GITHUB_TOKEN: ${{ secrets.SWIFTWASM_BUILDBOT_TOKEN }}
DARWIN_TOOLCHAIN_APPLICATION_CERT: ${{ secrets.DARWIN_TOOLCHAIN_APPLICATION_CERT }}
DARWIN_TOOLCHAIN_INSTALLER_CERT: ${{ secrets.DARWIN_TOOLCHAIN_INSTALLER_CERT }}
DARWIN_TOOLCHAIN_NOTARIZE_EMAIL: ${{ secrets.DARWIN_TOOLCHAIN_NOTARIZE_EMAIL }}
DARWIN_TOOLCHAIN_NOTARIZE_PASSWORD: ${{ secrets.DARWIN_TOOLCHAIN_NOTARIZE_PASSWORD }}
DARWIN_TOOLCHAIN_DISPLAY_NAME: ${{ github.event.inputs.display_name }}
DARWIN_TOOLCHAIN_DISPLAY_NAME_SHORT: ${{ github.event.inputs.display_name_short }}