team id fix #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Release | |
| on: | |
| push: | |
| tags: | |
| - 'v*.*.*' # Triggers on version tags like v0.2.0 | |
| workflow_dispatch: # Allows manual triggering | |
| jobs: | |
| build: | |
| strategy: | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| os_name: linux | |
| arch: x64 | |
| arch_name: amd64 | |
| extension: tar.gz | |
| - os: ubuntu-latest | |
| os_name: linux | |
| arch: arm64 | |
| arch_name: arm64 | |
| extension: tar.gz | |
| - os: windows-latest | |
| os_name: windows | |
| arch: x64 | |
| arch_name: amd64 | |
| extension: zip | |
| - os: macos-latest | |
| os_name: darwin | |
| arch: x64 | |
| arch_name: amd64 | |
| extension: tar.gz | |
| - os: macos-12-arm64 | |
| os_name: darwin | |
| arch: arm64 | |
| arch_name: arm64 | |
| extension: tar.gz | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| # Step to extract the version number | |
| - name: Set Version | |
| id: get_version | |
| shell: bash | |
| run: | | |
| VERSION="${GITHUB_REF#refs/tags/}" | |
| VERSION="${VERSION#v}" | |
| echo "VERSION=$VERSION" >> $GITHUB_ENV | |
| echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
| # Setup QEMU and Docker Buildx for Linux builds | |
| - name: Setup QEMU | |
| if: matrix.os_name == 'linux' | |
| uses: docker/setup-qemu-action@v2 | |
| - name: Setup Docker Buildx | |
| if: matrix.os_name == 'linux' | |
| uses: docker/setup-buildx-action@v2 | |
| # Build Linux binaries using Docker | |
| - name: Build Linux Binary with Docker | |
| if: matrix.os_name == 'linux' | |
| run: | | |
| docker buildx build --platform linux/${{ matrix.arch_name }} \ | |
| --output type=local,dest=./output \ | |
| --build-arg ARCH=${{ matrix.arch_name }} \ | |
| --build-arg VERSION=${{ env.VERSION }} \ | |
| -t hf_to_cb_dataset_migrator:linux-${{ matrix.arch_name }} -f Dockerfile.linux . | |
| # Build Windows binary on Windows runner | |
| - name: Set up Python on Windows | |
| if: runner.os == 'Windows' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| architecture: ${{ matrix.arch }} | |
| - name: Install dependencies on Windows | |
| if: runner.os == 'Windows' | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pyinstaller | |
| - name: Build with PyInstaller on Windows | |
| if: runner.os == 'Windows' | |
| run: | | |
| pyinstaller hf_to_cb_dataset_migrator/cli.py --name hf_to_cb_dataset_migrator | |
| - name: Compress Windows Binary | |
| if: runner.os == 'Windows' | |
| shell: powershell | |
| run: | | |
| $APP_NAME = "hf_to_cb_dataset_migrator_${{ env.VERSION }}_${{ matrix.os_name }}_${{ matrix.arch_name }}" | |
| Compress-Archive -Path dist\hf_to_cb_dataset_migrator\* -DestinationPath "$APP_NAME.${{ matrix.extension }}" | |
| # Build macOS binaries using macOS runners | |
| - name: Set up Python on macOS | |
| if: matrix.os_name == 'darwin' | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| architecture: ${{ matrix.arch }} | |
| - name: Install dependencies on macOS | |
| if: matrix.os_name == 'darwin' | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| pip install pyinstaller | |
| - name: Build with PyInstaller on macOS | |
| if: matrix.os_name == 'darwin' | |
| env: | |
| ARCHFLAGS: ${{ matrix.arch == 'arm64' && '-arch arm64' || '' }} | |
| run: | | |
| pyinstaller hf_to_cb_dataset_migrator/cli.py --name hf_to_cb_dataset_migrator | |
| # Code-signing and notarization steps for macOS | |
| - name: Code-sign on macOS | |
| if: matrix.os_name == 'darwin' | |
| env: | |
| CERTIFICATE: ${{ secrets.APPLE_DEV_CERT }} | |
| CERT_PASSWORD: ${{ secrets.APPLE_DEV_CERT_PASSPHRASE }} | |
| KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: | | |
| echo "$CERTIFICATE" | base64 --decode > certificate.p12 | |
| security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain | |
| security import certificate.p12 -k build.keychain -P "$CERT_PASSWORD" -T /usr/bin/codesign | |
| security set-keychain-settings -lut 21600 build.keychain | |
| security list-keychains -s build.keychain | |
| security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain | |
| # Sign the main executable | |
| codesign --force --options runtime --sign "Developer ID Application: Couchbase, Inc. ($APPLE_TEAM_ID)" dist/hf_to_cb_dataset_migrator/hf_to_cb_dataset_migrator | |
| # Sign all dynamic libraries and executables | |
| find dist/hf_to_cb_dataset_migrator -type f \( -name "*.so" -or -name "*.dylib" -or -perm -u=x \) -exec codesign --force --options runtime --sign "Developer ID Application: Your Name (Team ID)" {} \; | |
| # Verify the code-signing | |
| codesign --verify --deep --strict --verbose=2 dist/hf_to_cb_dataset_migrator/hf_to_cb_dataset_migrator | |
| # Compress macOS Binary | |
| - name: Compress macOS Binary | |
| if: matrix.os_name == 'darwin' | |
| shell: bash | |
| run: | | |
| APP_NAME="hf_to_cb_dataset_migrator_${{ env.VERSION }}_${{ matrix.os_name }}_${{ matrix.arch_name }}" | |
| cd dist | |
| zip -r "../$APP_NAME.zip" hf_to_cb_dataset_migrator | |
| # Notarize the macOS binary | |
| - name: Notarize the macOS binary | |
| if: matrix.os_name == 'darwin' | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_APP_PASSWORD: ${{ secrets.APPLE_APP_PASSWORD }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| run: | | |
| APP_NAME="hf_to_cb_dataset_migrator_${{ env.VERSION }}_${{ matrix.os_name }}_${{ matrix.arch_name }}" | |
| xcrun notarytool submit "$APP_NAME.zip" --apple-id "$APPLE_ID" --password "$APPLE_APP_PASSWORD" --team-id "$APPLE_TEAM_ID" --wait | |
| # Staple the notarization ticket | |
| xcrun stapler staple "$APP_NAME.zip" | |
| # Compress Linux Binary | |
| - name: Compress Linux Binary | |
| if: matrix.os_name == 'linux' | |
| run: | | |
| APP_NAME="hf_to_cb_dataset_migrator_${{ env.VERSION }}_${{ matrix.os_name }}_${{ matrix.arch_name }}" | |
| tar -czvf "$APP_NAME.${{ matrix.extension }}" -C output/dist hf_to_cb_dataset_migrator | |
| # Upload artifact | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ${{ matrix.os_name }}_${{ matrix.arch_name }} | |
| path: | | |
| hf_to_cb_dataset_migrator_*_${{ matrix.os_name }}_${{ matrix.arch_name }}.* | |
| # Create Release | |
| - name: Create Release | |
| if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }} | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| with: | |
| tag_name: ${{ github.ref }} | |
| release_name: Release ${{ env.VERSION }} | |
| draft: false | |
| prerelease: false | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Upload Release Asset | |
| - name: Upload Release Asset | |
| if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') }} | |
| uses: actions/upload-release-asset@v1 | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: | | |
| hf_to_cb_dataset_migrator_*_${{ matrix.os_name }}_${{ matrix.arch_name }}.* | |
| asset_name: hf_to_cb_dataset_migrator_${{ env.VERSION }}_${{ matrix.os_name }}_${{ matrix.arch_name }}.${{ matrix.extension }} | |
| asset_content_type: application/octet-stream | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |