Last active
April 17, 2021 14:39
-
-
Save mossheim/27aba00cf6ccc46690208f01f1b790b8 to your computer and use it in GitHub Desktop.
SC release automation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # 1. Download artifact from given URL | |
| # 2. Sign | |
| # 3. Upload to my website | |
| set -eoux pipefail | |
| echo "you'll have to put the other scripts in an 'aux' subdir | |
| exit 1 | |
| ART_NAME=$(./aux/download-artifact.sh $@ | tail -1) | |
| ART_STEM=${ART_NAME%".zip"} | |
| DATE_ID=$(date '+%b%d-%H-%M-%S') | |
| FINAL_ZIP_NAME=${ART_STEM}-Signed-${DATE_ID}.zip | |
| # Unzip and sign | |
| ./aux/unzip-and-sign-artifact.sh ${ART_STEM} ${DATE_ID} ${FINAL_ZIP_NAME} | |
| # Upload | |
| ./aux/upload-artifact.sh ${FINAL_ZIP_NAME} | |
| # Cleanup | |
| rm ${ART_NAME} | |
| rm ${FINAL_ZIP_NAME} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eoux pipefail | |
| RUN_URL=$1 | |
| RUN_NUM=${2:-1} # default to run 1 if not passed | |
| RUN_ID=$(echo ${RUN_URL} | grep -Eo '\d+$') | |
| ART_JSON=$(hub api repos/supercollider/supercollider/actions/runs/${RUN_ID}/artifacts) | |
| ART_URL=$(echo ${ART_JSON} | jq -r '.["artifacts"]'[${RUN_NUM}]'["archive_download_url"]') | |
| while [[ "$ART_URL" = 'null' ]]; do | |
| sleep 60 | |
| ART_JSON=$(hub api repos/supercollider/supercollider/actions/runs/${RUN_ID}/artifacts || true) | |
| ART_URL=$(echo ${ART_JSON} | jq -r '.["artifacts"]'[${RUN_NUM}]'["archive_download_url"]') | |
| done | |
| ART_NAME=$(echo ${ART_JSON} | jq -r '.["artifacts"]'[${RUN_NUM}]'["name"]') | |
| # Download | |
| hub api ${ART_URL#"https://api.github.com/"} | pv >${ART_NAME} | |
| echo ${ART_NAME} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>com.apple.security.cs.allow-unsigned-executable-memory</key> | |
| <true/> | |
| <key>com.apple.security.device.audio-input</key> | |
| <true/> | |
| <key>com.apple.security.cs.disable-library-validation</key> | |
| <true/> | |
| <key>com.apple.security.device.microphone</key> | |
| <true/> | |
| </dict> | |
| </plist> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>com.apple.security.cs.disable-executable-page-protection</key> | |
| <true/> | |
| </dict> | |
| </plist> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eoux pipefail | |
| FINAL_ZIP_NAME=${1} | |
| xattr -rc SuperCollider.app | |
| cp ../../aux/QtWebEngineProcess.entitlements SuperCollider.app/Contents | |
| cp ../../aux/entitlements.plist SuperCollider.app/Contents | |
| NAME=# your name here | |
| APP_DEV_ID=# usually email address | |
| APP_DEV_PWD=# put yours here | |
| do_codesign() { | |
| codesign --deep --force --verify --verbose --timestamp --options runtime --sign "Developer ID Application: ${NAME}" "$@" | |
| } | |
| WEBENGINE_APP=SuperCollider.app/Contents/Frameworks/QtWebEngineCore.framework/Helpers/QtWebEngineProcess.app | |
| BASE_ENTITLEMENTS="--entitlements SuperCollider.app/Contents/entitlements.plist" | |
| do_codesign $BASE_ENTITLEMENTS SuperCollider.app | |
| do_codesign $WEBENGINE_APP/Contents/MacOS/QtWebEngineProcess | |
| do_codesign $BASE_ENTITLEMENTS SuperCollider.app/Contents/Resources/{scsynth,supernova} | |
| do_codesign $BASE_ENTITLEMENTS SuperCollider.app/Contents/Resources/plugins/* | |
| do_codesign $BASE_ENTITLEMENTS SuperCollider.app/Contents/MacOS/SuperCollider | |
| do_codesign --entitlements SuperCollider.app/Contents/QtWebEngineProcess.entitlements $WEBENGINE_APP | |
| ditto -c -k --rsrc --keepParent SuperCollider.app SuperCollider.app.zip | |
| REQUEST_UUID=null | |
| while [[ "${REQUEST_UUID}" = "null" ]]; do | |
| ALTOOL_OUT=$(xcrun altool --notarize-app -t osx -f SuperCollider.app.zip --primary-bundle-id net.sourceforge.supercollider -u $APP_DEV_ID -p $APP_DEV_PWD || true) | |
| if echo "$ALTOOL_OUT" | grep "RequestUUID = "; then | |
| REQUEST_UUID=$(echo "$ALTOOL_OUT" | grep -o "RequestUUID = .*" | sed "s/RequestUUID = //g") | |
| else | |
| sleep 60 | |
| fi | |
| done | |
| while ! xcrun altool --notarization-info $REQUEST_UUID -u $APP_DEV_ID -p $APP_DEV_PWD | grep "Status Message: Package Approved"; do | |
| sleep 15 | |
| done | |
| xcrun stapler staple SuperCollider.app | |
| rm SuperCollider.app.zip | |
| cd .. | |
| open . | |
| echo "Zip folder manually now." | |
| read DISCARD | |
| mv SuperCollider.zip ${FINAL_ZIP_NAME} | |
| codesign --deep --force --verify --verbose --timestamp --sign "Developer ID Application: $NAME" ${FINAL_ZIP_NAME} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eoux pipefail | |
| ART_STEM=$1 # "SC-hash-macOS" | |
| ART_ID=$2 # usually date string | |
| FINAL_ZIP_NAME=$3 | |
| WORKING_DIR=${ART_STEM}__${ART_ID} | |
| ART_ZIP=${ART_STEM}.zip | |
| unzip -q ${ART_ZIP} -d ${WORKING_DIR} | |
| cd ${WORKING_DIR} | |
| # it's double zipped | |
| unzip -q ${ART_ZIP} | |
| cd SuperCollider | |
| ../../aux/sign-artifact.sh ${FINAL_ZIP_NAME} | |
| cd .. | |
| mv ${FINAL_ZIP_NAME} .. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eoux pipefail | |
| echo "this script won't work for you!" | |
| exit 1 | |
| FINAL_ZIP_NAME=$1 | |
| DATAPATH=# removed | |
| scp ${FINAL_ZIP_NAME} # removed | |
| UPLOADED_URL=https://brianlheim.com/${DATAPATH}/${FINAL_ZIP_NAME} | |
| echo =================================================================================================== | |
| echo | |
| echo $UPLOADED_URL | |
| echo | |
| echo =================================================================================================== | |
| hub api repos/brianlheim/supercollider/issues/13/comments -F "body=$UPLOADED_URL" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment