Build Packages #20

Workflow file for this run

	name: Build Packages

	on:
	push:
	tags:
	- "v." # Triggers on tags like v1.0.0, v0.1.0, etc.

	jobs:
	build:
	strategy:
	matrix:
	# os: [windows-latest, macos-13, macos-latest]
	os: [macos-latest]

	runs-on: ${{ matrix.os }}

	defaults:
	run:
	shell: bash

	steps:
	- uses: actions/checkout@v4

	- name: Set required env vars
	env:
	ARTIFACT_PATH: ${{ runner.os == 'macOS' && 'OSXBuild/' \|\| 'WindowsBuild/' }}
	run: \|
	OS=$(echo "$RUNNER_OS" \| tr '[:upper:]' '[:lower:]')
	ARCH=$(echo "$RUNNER_ARCH" \| tr '[:upper:]' '[:lower:]')
	VERSION="${GITHUB_REF_NAME#v}"
	ARTIFACT_NAME="bdrc_ocr_${OS}_${ARCH}_${VERSION}"
	{
	echo "VERSION=$VERSION"
	echo "ARTIFACT_NAME=$ARTIFACT_NAME"
	echo "ARTIFACT_PATH=$ARTIFACT_PATH"
	} >>"$GITHUB_ENV"

	- name: ccache
	uses: hendrikmuhs/[email protected]

	- name: Cache Nuitka
	uses: actions/cache@v4
	with:
	path: ${{ github.workspace }}/.nuitka_cache
	key: ${{ runner.os }}-nuitka

	- name: Set up Python
	uses: actions/setup-python@v5
	with:
	python-version: "3.10"

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install nuitka
	pip install pyside6
	pip install -r requirements.txt
	pyside6-rcc resources.qrc -o resources.py

	- name: Build with Nuitka (macOS)
	if: ${{ runner.os == 'macOS' }}
	env:
	APPLE_DEVELOPER_ID: ${{ secrets.APPLE_DEVELOPER_ID }}
	APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
	run: \|
	python -m nuitka --standalone \
	--output-dir=OSXBuild \
	--plugin-enable=pyside6 \
	--verbose \
	--company-name="Buddhist Digital Resource Center" \
	--product-name="Tibetan OCR App" \
	--file-version='${{ env.VERSION }}' \
	--product-version='${{ env.VERSION }}' \
	--macos-app-name="BDRC Tibetan OCR App" \
	--macos-create-app-bundle \
	--macos-app-icon=logo.icns \
	--include-data-dir=./Assets=Assets \
	--include-data-dir=./Models=Models \
	main.py

	- name: Sign macOS App
	if: ${{ runner.os == 'macOS' }}
	env:
	APPLE_DEVELOPER_ID: ${{ secrets.APPLE_DEVELOPER_ID }}
	run: \|
	echo "Setting bundle identifier..."
	/usr/libexec/PlistBuddy -c "Print :CFBundleIdentifier" "OSXBuild/main.app/Contents/Info.plist" \|\| echo "CFBundleIdentifier not found"
	/usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier io.bdrc.ocrapp" "OSXBuild/main.app/Contents/Info.plist"
	/usr/libexec/PlistBuddy -c "Print :CFBundleIdentifier" "OSXBuild/main.app/Contents/Info.plist"

	echo "Verifying app bundle structure..."
	ls -la "OSXBuild/main.app/Contents"

	echo "Signing app with verbose output..."
	codesign --force --options runtime --sign "Developer ID Application: $APPLE_DEVELOPER_ID" --verbose --deep "OSXBuild/main.app"

	echo "Verifying signature..."
	codesign --verify --verbose "OSXBuild/main.app"

	echo "Checking app requirements..."
	codesign --display --requirements - "OSXBuild/main.app"

	- name: Import and Setup Certificate
	if: ${{ runner.os == 'macOS' }}
	env:
	CERTIFICATE_BASE64: ${{ secrets.MACOS_CERTIFICATE }}
	CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PWD }}
	run: \|
	echo "Creating temporary certificate file..."
	CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
	echo -n "$CERTIFICATE_BASE64" \| base64 --decode --output $CERTIFICATE_PATH

	echo "Setting up new keychain..."
	security create-keychain -p "" build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p "" build.keychain

	echo "Importing certificate..."
	security import $CERTIFICATE_PATH -k build.keychain -P "$CERTIFICATE_PASSWORD" -T /usr/bin/codesign
	security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "" build.keychain

	echo "Listing available certificates..."
	security find-identity -v -p codesigning

	rm -f $CERTIFICATE_PATH
	echo "Certificate setup complete"

	- name: Notarize macOS App
	if: ${{ runner.os == 'macOS' }}
	env:
	APPLE_ID: ${{ secrets.APPLE_JF_ID }}
	APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
	APPLE_PASSWORD: ${{ secrets.APPLE_JF_PASSWORD }}
	run: \|
	echo "Creating zip for notarization..."
	ditto -c -k --keepParent "OSXBuild/main.app" "OSXBuild/main.app.zip"

	echo "Submitting for notarization..."
	xcrun notarytool submit "OSXBuild/main.app.zip" \
	--apple-id "$APPLE_ID" \
	--password "$APPLE_PASSWORD" \
	--team-id "$APPLE_TEAM_ID" \
	--wait \
	--verbose

	echo "Checking notarization history..."
	xcrun notarytool history \
	--apple-id "$APPLE_ID" \
	--password "$APPLE_PASSWORD" \
	--team-id "$APPLE_TEAM_ID"

	echo "Stapling notarization ticket..."
	xcrun stapler staple -v "OSXBuild/main.app"

	echo "Verifying stapled app..."
	xcrun stapler validate -v "OSXBuild/main.app"

	- name: Build with Nuitka (Windows)
	if: ${{ runner.os == 'Windows' }}
	run: \|
	python -m nuitka --standalone \
	--windows-console-mode=disable \
	--assume-yes-for-downloads \
	--output-dir=WindowsBuild \
	--plugin-enable=pyside6 \
	--follow-imports \
	--windows-icon-from-ico=logo.ico \
	--company-name="Buddhist Digital Resource Center" \
	--product-name="Tibetan OCR App" \
	--file-version='${{ env.VERSION }}' \
	--product-version='${{ env.VERSION }}' \
	--include-data-dir=./Assets=Assets \
	--include-data-dir=./Models=Models \
	main.py

	- name: Upload artifact
	uses: actions/upload-artifact@v4
	with:
	name: ${{ env.ARTIFACT_NAME }}
	path: ${{ env.ARTIFACT_PATH }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build Packages #20

Workflow file

Build Packages #20

Jobs

Run details

Workflow file for this run