coolbeer
/
cryptomator
şunun yansıması https://github.com/cryptomator/cryptomator.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457
							name: Build

on:
  [push]

env:
  JAVA_VERSION: 16

defaults:
  run:
    shell: bash

jobs: 
  test:
    name: Compile and Test
    runs-on: ubuntu-latest
    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-java@v1
        with:
          java-version: ${{ env.JAVA_VERSION }}
      - uses: actions/cache@v2
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-
      - name: Ensure to use tagged version
        run: mvn versions:set -DnewVersion=${GITHUB_REF##*/} # use shell parameter expansion to strip of 'refs/tags'
        if: startsWith(github.ref, 'refs/tags/')
      - name: Build and Test
        run: mvn -B clean install jacoco:report -Pcoverage,dependency-check
      - name: Upload code coverage report
        id: codacyCoverageReporter
        run: bash <(curl -Ls https://coverage.codacy.com/get.sh)
        env:
          CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
        continue-on-error: true

#
# Buildkit
#

  buildkit:
    name: Build buildkit-${{ matrix.profile }}
    needs: test
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: true
      matrix:
        include:
        - os: ubuntu-latest
          profile: linux
        - os: windows-latest
          profile: win
        - os: macos-latest
          profile: mac
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-java@v1
        with:
          java-version: ${{ env.JAVA_VERSION }}
      - uses: actions/cache@v2
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-
      - name: Copy .jar files
        run: mvn -B clean package -DskipTests -P${{ matrix.profile }}
      - name: Archive buildkit-${{ matrix.profile }}.tar.gz
        run: |
          cp LICENSE.txt target
          cp dist/${{ matrix.profile }}/launcher* target
          cp target/cryptomator-*.jar target/mods
      - name: Upload buildkit-${{ matrix.profile }}
        uses: actions/upload-artifact@v2
        with:
          name: buildkit-${{ matrix.profile }}
          path: |
            target/libs
            target/mods
            target/LICENSE.txt
            target/${{ matrix.launcher }}
          if-no-files-found: error
#
# Release Metadata
#

  metadata:
    name: Determine Version Metadata
    runs-on: ubuntu-latest
    needs: test
    outputs:
      versionStr: ${{ steps.versions.outputs.versionStr }}
      versionNum: ${{ steps.versions.outputs.versionNum }}
      revNum: ${{ steps.versions.outputs.revNum }}
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - id: versions
        run: |
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            echo "::set-output name=versionStr::${GITHUB_REF##*/}"
            echo "::set-output name=versionNum::${GITHUB_REF##*/}"
          else
            echo "::set-output name=versionStr::SNAPSHOT"
            echo "::set-output name=versionNum::99.0.0"
          fi
          echo "::set-output name=revNum::`git rev-list --count HEAD`"

#
# Application Directory
#

  appdir:
    name: Create appdir-${{ matrix.profile }}
    needs: [buildkit, metadata]
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: true
      matrix:
        include:
        - os: ubuntu-latest
          profile: linux
          jpackageoptions: >
            --app-version "${{ needs.metadata.outputs.versionNum }}.${{ needs.metadata.outputs.revNum }}"
            --java-options "-Dfile.encoding=\"utf-8\""
            --java-options "-Dcryptomator.logDir=\"~/.local/share/Cryptomator/logs\""
            --java-options "-Dcryptomator.settingsPath=\"~/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json\""
            --java-options "-Dcryptomator.ipcSocketPath=\"~/.config/Cryptomator/ipc.socket\""
            --java-options "-Dcryptomator.mountPointsDir=\"~/.local/share/Cryptomator/mnt\""
            --java-options "-Dcryptomator.showTrayIcon=false"
            --java-options "-Dcryptomator.buildNumber=\"appimage-${{ needs.metadata.outputs.revNum }}\""
            --resource-dir dist/linux/resources
        - os: windows-latest
          profile: win
          jpackageoptions: >
            --app-version "${{ needs.metadata.outputs.versionNum }}.${{ needs.metadata.outputs.revNum }}"
            --java-options "-Dfile.encoding=\"utf-8\""
            --java-options "-Dcryptomator.logDir=\"~/AppData/Roaming/Cryptomator\""
            --java-options "-Dcryptomator.settingsPath=\"~/AppData/Roaming/Cryptomator/settings.json\""
            --java-options "-Dcryptomator.ipcSocketPath=\"~/AppData/Roaming/Cryptomator/ipc.socket\""
            --java-options "-Dcryptomator.keychainPath=\"~/AppData/Roaming/Cryptomator/keychain.json\""
            --java-options "-Dcryptomator.mountPointsDir=\"~/Cryptomator\""
            --java-options "-Dcryptomator.showTrayIcon=true"
            --java-options "-Dcryptomator.buildNumber=\"msi-${{ needs.metadata.outputs.revNum }}\""
            --resource-dir dist/win/resources
            --icon dist/win/resources/Cryptomator.ico
        - os: macos-latest
          profile: mac
          jpackageoptions: >
            --app-version "${{ needs.metadata.outputs.versionNum }}"
            --java-options "-Dfile.encoding=\"utf-8\""
            --java-options "-Dcryptomator.logDir=\"~/Library/Logs/Cryptomator\""
            --java-options "-Dcryptomator.settingsPath=\"~/Library/Application Support/Cryptomator/settings.json\""
            --java-options "-Dcryptomator.ipcSocketPath=\"~/Library/Application Support/Cryptomator/ipc.socket\""
            --java-options "-Dcryptomator.showTrayIcon=true"
            --java-options "-Dcryptomator.buildNumber=\"dmg-${{ needs.metadata.outputs.revNum }}\""
            --mac-package-identifier org.cryptomator
            --resource-dir dist/mac/resources
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-java@v1
        with:
          java-version: ${{ env.JAVA_VERSION }}
      - name: Download buildkit-${{ matrix.profile }}
        uses: actions/download-artifact@v2
        with:
          name: buildkit-${{ matrix.profile }}
          path: buildkit
      - name: Create Runtime Image
        run: >
          ${JAVA_HOME}/bin/jlink
          --verbose
          --output runtime
          --module-path "${JAVA_HOME}/jmods"
          --add-modules java.base,java.desktop,java.logging,java.naming,java.net.http,java.scripting,java.sql,java.xml,jdk.unsupported,jdk.crypto.ec,jdk.accessibility
          --no-header-files
          --no-man-pages
          --strip-debug
          --compress=1
      - name: Create App Directory
        run: >
          ${JAVA_HOME}/bin/jpackage
          --verbose
          --type app-image
          --runtime-image runtime
          --input buildkit/libs
          --module-path buildkit/mods
          --module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator
          --dest appdir
          --name Cryptomator
          --vendor "Skymatic GmbH"
          --copyright "(C) 2016 - 2021 Skymatic GmbH"
          --java-options "-Xss5m"
          --java-options "-Xmx256m"
          ${{ matrix.jpackageoptions }}
      - name: Create appdir.tar
        run: tar -cvf appdir.tar appdir
      # TODO: patch in separate job
      # - name: Add Contrib Files
      #   run: |
      #     if [ -e dist/appdir/${{ matrix.profile }}/contrib/ ]; then
      #       cp dist/appdir/${{ matrix.profile }}/contrib/* appdir/
      #     fi
      - name: Upload appdir-${{ matrix.profile }}
        uses: actions/upload-artifact@v2
        with:
          name: appdir-${{ matrix.profile }}
          path: appdir.tar
          if-no-files-found: error


#
# Linux Cryptomator.AppImage
# 

  linux-appimage:
    name: Build Cryptomator.AppImage
    runs-on: ubuntu-latest
    needs: [appdir, metadata]
    steps:
      - uses: actions/checkout@v2
      - name: Download appdir-linux
        uses: actions/download-artifact@v2
        with:
          name: appdir-linux
      - name: Untar appdir.tar
        run: |
          tar -xvf appdir.tar
      - name: Patch Cryptomator.AppDir
        run: |
          mv appdir/Cryptomator Cryptomator.AppDir
          cp -r dist/linux/appimage/resources/AppDir/* Cryptomator.AppDir/
          envsubst '${REVISION_NO}' < dist/linux/appimage/resources/AppDir/bin/cryptomator.sh > Cryptomator.AppDir/bin/cryptomator.sh
          ln -s usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.svg Cryptomator.AppDir/org.cryptomator.Cryptomator.svg
          ln -s usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.svg Cryptomator.AppDir/Cryptomator.svg
          ln -s usr/share/icons/hicolor/scalable/apps/org.cryptomator.Cryptomator.svg Cryptomator.AppDir/.DirIcon
          ln -s usr/share/applications/org.cryptomator.Cryptomator.desktop Cryptomator.AppDir/Cryptomator.desktop
          ln -s bin/cryptomator.sh Cryptomator.AppDir/AppRun
        env:
          REVISION_NO: ${{ needs.metadata.outputs.revNum }}
      - name: Extract libjffi.so # workaround for https://github.com/cryptomator/cryptomator-linux/issues/27
        run: |
          JFFI_NATIVE_JAR=`ls lib/app/ | grep -e 'jffi-[1-9]\.[0-9]\{1,2\}.[0-9]\{1,2\}-native.jar'`
          ${JAVA_HOME}/bin/jar -xf lib/app/${JFFI_NATIVE_JAR} /jni/x86_64-Linux/
          mv jni/x86_64-Linux/* lib/app/libjffi.so
        working-directory: Cryptomator.AppDir
      - name: Download AppImageKit
        run: |
          curl -L https://github.com/AppImage/AppImageKit/releases/download/13/appimagetool-x86_64.AppImage -o appimagetool.AppImage
          chmod +x appimagetool.AppImage
          ./appimagetool.AppImage --appimage-extract
      - name: Prepare GPG-Agent for signing with key 615D449FE6E6A235
        run: |
          echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
          echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --dry-run --sign Cryptomator.AppDir/AppRun
        env:
          GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
          GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
      - name: Build AppImage
        run: >
          ./squashfs-root/AppRun Cryptomator.AppDir cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage
          -u 'gh-releases-zsync|cryptomator|cryptomator|latest|cryptomator-*-x86_64.AppImage.zsync'
          --sign --sign-key=615D449FE6E6A235 --sign-args="--batch --pinentry-mode loopback"
      - name: Create Detached GPG Signature
        run: |
          gpg --batch --quiet --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage
          gpg --batch --quiet --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage.zsync
      - name: Upload AppImage
        uses: actions/upload-artifact@v2
        with:
          name: appimage
          path: |
            cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage
            cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage.asc
            cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage.zsync
            cryptomator-${{ needs.metadata.outputs.versionStr }}-x86_64.AppImage.zsync.asc
          if-no-files-found: error

#
# macOS Cryptomator.app
# 

  mac-app:
    name: Build Cryptomator.app
    runs-on: macos-latest
    needs: [appdir, metadata]
    steps:
      - uses: actions/checkout@v2
      - name: Download appdir-mac
        uses: actions/download-artifact@v2
        with:
          name: appdir-mac
      - name: Untar appdir.tar
        run: tar -xvf appdir.tar
      - name: Patch Cryptomator.app
        run: |
          mv appdir/Cryptomator.app Cryptomator.app
          sed -i '' "s|###BUNDLE_SHORT_VERSION_STRING###|${VERSION_NO}|g" Cryptomator.app/Contents/Info.plist
          sed -i '' "s|###BUNDLE_VERSION###|${REVISION_NO}|g" Cryptomator.app/Contents/Info.plist
        env:
          VERSION_NO: ${{ needs.metadata.outputs.versionNum }}
          REVISION_NO: ${{ needs.metadata.outputs.revNum }}
      - name: Install codesign certificate
        env:
          CODESIGN_P12_BASE64: ${{ secrets.MACOS_CODESIGN_P12_BASE64 }}
          CODESIGN_P12_PW: ${{ secrets.MACOS_CODESIGN_P12_PW }}
          CODESIGN_TMP_KEYCHAIN_PW: ${{ secrets.MACOS_CODESIGN_TMP_KEYCHAIN_PW }}
        run: |
          # create variables
          CERTIFICATE_PATH=$RUNNER_TEMP/codesign.p12
          KEYCHAIN_PATH=$RUNNER_TEMP/codesign.keychain-db

          # import certificate and provisioning profile from secrets
          echo -n "$CODESIGN_P12_BASE64" | base64 --decode --output $CERTIFICATE_PATH

          # create temporary keychain
          security create-keychain -p "$CODESIGN_TMP_KEYCHAIN_PW" $KEYCHAIN_PATH
          security set-keychain-settings -lut 900 $KEYCHAIN_PATH
          security unlock-keychain -p "$CODESIGN_TMP_KEYCHAIN_PW" $KEYCHAIN_PATH

          # import certificate to keychain
          security import $CERTIFICATE_PATH -P "$CODESIGN_P12_PW" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
          security list-keychain -d user -s $KEYCHAIN_PATH
      - name: Codesign
        env:
          CODESIGN_IDENTITY: ${{ secrets.MACOS_CODESIGN_IDENTITY }}
        run: |
          find Cryptomator.app/Contents/runtime/Contents/MacOS -name '*.dylib' -exec codesign --force -s ${CODESIGN_IDENTITY} {} \;
          for JAR_PATH in Cryptomator.app/**/*.jar; do
            if [[ `unzip -l ${JAR_PATH} | grep '.dylib\|.jnilib'` ]]; then
              JAR_FILENAME=$(basename ${JAR_PATH})
              OUTPUT_PATH=${JAR_PATH%.*}
              echo "Codesigning libs in ${JAR_FILENAME}..."
              unzip -q ${JAR_PATH} -d ${OUTPUT_PATH}
              find ${OUTPUT_PATH} -name '*.dylib' -exec codesign -s ${CODESIGN_IDENTITY} {} \;
              find ${OUTPUT_PATH} -name '*.jnilib' -exec codesign -s ${CODESIGN_IDENTITY} {} \;
              rm ${JAR_PATH}
              pushd ${OUTPUT_PATH} > /dev/null
              zip -qr ../${JAR_FILENAME} *
              popd > /dev/null
              rm -r ${OUTPUT_PATH}
            fi
          done
          echo "Codesigning Cryptomator.app..."
          codesign --force --deep --entitlements dist/mac/Cryptomator.entitlements -o runtime -s ${CODESIGN_IDENTITY} Cryptomator.app
        shell: zsh {0}
      - name: Clean up codesign certificate
        if: ${{ always() }}
        run: security delete-keychain $RUNNER_TEMP/codesign.keychain-db
      - name: Create app.tar
        run: tar -cvf app.tar Cryptomator.app
      - name: Upload appdir-${{ matrix.profile }}
        uses: actions/upload-artifact@v2
        with:
          name: macOS-app
          path: app.tar
          if-no-files-found: error

  # release:
  #   name: Draft a Release on GitHub Releases
  #   runs-on: ubuntu-latest
  #   needs: test
  #   if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cryptomator/cryptomator'
  #   steps:
  #     - uses: actions/checkout@v2
  #     - name: Download buildkit-linux.zip
  #       uses: actions/download-artifact@v1
  #       with:
  #         name: buildkit-linux.zip
  #         path: .
  #     - name: Download buildkit-mac.zip
  #       uses: actions/download-artifact@v1
  #       with:
  #         name: buildkit-mac.zip
  #         path: .
  #     - name: Download buildkit-win.zip
  #       uses: actions/download-artifact@v1
  #       with:
  #         name: buildkit-win.zip
  #         path: .
  #     - name: Create tarball
  #       run: git archive --prefix="cryptomator-${{ github.ref }}/" -o "cryptomator-${{ github.ref }}.tar.gz" ${{ github.ref }}
  #     - name: Sign tarball with key 615D449FE6E6A235
  #       run: |
  #         echo "${GPG_PRIVATE_KEY}" | gpg --batch --quiet --import
  #         echo "${GPG_PASSPHRASE}" | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a "cryptomator-${{ github.ref }}.tar.gz"
  #       env:
  #         GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
  #         GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
  #     - name: Create Release
  #       id: create_release
  #       uses: actions/create-release@v1
  #       env:
  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  #       with:
  #         tag_name: ${{ github.ref }}
  #         release_name: ${{ github.ref }}
  #         body: |
  #           :construction: Work in Progress

  #           TODO:
  #           * [ ] add Linux appimage, zsync file and signature file
  #           * [ ] add Windows installer and signature file
  #           * [ ] add MacOs disk image and signature file

  #           ## What's new

  #           ## Bugfixes

  #           ## Misc

  #           ---

  #           :scroll: A complete list of closed issues is available [here](LINK)
  #         draft: true
  #         prerelease: false
  #     - name: Upload buildkit-linux.zip to GitHub Releases
  #       uses: actions/upload-release-asset@v1.0.1
  #       env:
  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  #       with:
  #         upload_url: ${{ steps.create_release.outputs.upload_url }}
  #         asset_path: buildkit-linux.zip
  #         asset_name: buildkit-linux.zip
  #         asset_content_type: application/zip
  #     - name: Upload buildkit-mac.zip to GitHub Releases
  #       uses: actions/upload-release-asset@v1.0.1
  #       env:
  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  #       with:
  #         upload_url: ${{ steps.create_release.outputs.upload_url }}
  #         asset_path: buildkit-mac.zip
  #         asset_name: buildkit-mac.zip
  #         asset_content_type: application/zip
  #     - name: Upload buildkit-win.zip to GitHub Releases
  #       uses: actions/upload-release-asset@v1.0.1
  #       env:
  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  #       with:
  #         upload_url: ${{ steps.create_release.outputs.upload_url }}
  #         asset_path: buildkit-win.zip
  #         asset_name: buildkit-win.zip
  #         asset_content_type: application/zip
  #     - name: Upload tarball signature to GitHub Releases
  #       uses: actions/upload-release-asset@v1.0.1
  #       env:
  #         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  #       with:
  #         upload_url: ${{ steps.create_release.outputs.upload_url }}
  #         asset_path: "cryptomator-${{ github.ref }}.tar.gz.asc"
  #         asset_name: "cryptomator-${{ github.ref }}.tar.gz.asc"
  #         asset_content_type: application/octet-stream