Provenance-Emu · JoeMatt · Dec 3, 2021
@@ -0,0 +1,312 @@
+name: Build
+on:
+  push:
+    branches:
+      - 'master'
+      - 'develop'
+    tags-ignore:
+      - '**'
+    paths-ignore:
+      - 'LICENSE'
+      - '**.md'
+  pull_request:
+  release:
+    types: [created]
+  workflow_dispatch:
+    inputs:
+      test_release:
+        description: 'Test release?'
+        required: true
+        default: 'false'
+
+jobs:
+  build:
+    name: Build Provenance
+    runs-on: macos-11
+    strategy:
+      matrix:
+        arch: [arm64, x86_64]
+        platform: [ios, ios_simulator, ios-tci, macos]
+        exclude:
+          - arch: x86_64
+            platform: ios
+          - arch: x86_64
+            platform: ios-tci
+          - arch: arm64
+            platform: ios_simulator # FIXME: enable when ANGLE supports it
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+      - name: Setup Xcode
+        shell: bash
+        run: sudo xcode-select -switch /Applications/Xcode_13.1.app
+      - name: Cache Sysroot
+        id: cache-sysroot
+        uses: actions/cache@v2
+        with:
+          path: sysroot-${{ matrix.platform }}-${{ matrix.arch }}
+          key: ${{ matrix.platform }}-${{ matrix.arch }}-${{ hashFiles('scripts/build_dependencies.sh') }}-${{ hashFiles('patches/**') }}
+      - name: Setup Path
+        shell: bash
+        run: |
+          echo "/usr/local/opt/gettext/bin" >> $GITHUB_PATH
+          echo "/usr/local/opt/bison/bin" >> $GITHUB_PATH
+      - name: Build Sysroot
+        if: steps.cache-sysroot.outputs.cache-hit != 'true'
+        run: |
+          brew uninstall cmake
+          brew install bison pkg-config nasm make meson
+          rm -f /usr/local/lib/pkgconfig/*.pc
+          ./scripts/build_dependencies.sh -p ${{ matrix.platform }} -a ${{ matrix.arch }}
+      - name: Compress Sysroot
+        if: steps.cache-sysroot.outputs.cache-hit != 'true' || github.event_name == 'release' || github.event.inputs.test_release == 'true'
+        run: tar cf sysroot.tgz sysroot*
+      - name: Upload Sysroot
+        if: steps.cache-sysroot.outputs.cache-hit != 'true' || github.event_name == 'release' || github.event.inputs.test_release == 'true'
+        uses: actions/upload-artifact@v2
+        with:
+          name: Sysroot-${{ matrix.platform }}-${{ matrix.arch }}
+          path: sysroot.tgz
+      - name: Build UTM
+        run: |
+          ./scripts/build_utm.sh -p ${{ matrix.platform }} -a ${{ matrix.arch }} -o UTM
+          tar cf UTM.xcarchive.tgz UTM.xcarchive
+      - name: Upload UTM
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-${{ matrix.platform }}-${{ matrix.arch }}
+          path: UTM.xcarchive.tgz
+  build-universal:
+    name: Build Provenance (macOS Universal)
+    runs-on: macos-11
+    needs: build
+    if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+      - name: Download Sysroot (arm64)
+        uses: actions/download-artifact@v2
+        with:
+          name: Sysroot-macos-arm64
+          path: Sysroot-1
+      - name: Download Sysroot (x86_64)
+        uses: actions/download-artifact@v2
+        with:
+          name: Sysroot-macos-x86_64
+          path: Sysroot-2
+      - name: Pack Universal Sysroot
+        run: |
+          tar xf Sysroot-1/sysroot.tgz
+          tar xf Sysroot-2/sysroot.tgz
+          ./scripts/pack_dependencies.sh . macos arm64 x86_64
+      - name: Compress Sysroot
+        run: tar cf sysroot.tgz sysroot-macOS-arm64_x86_64
+      - name: Upload Sysroot
+        uses: actions/upload-artifact@v2
+        with:
+          name: Sysroot-macos-universal
+          path: sysroot.tgz
+      - name: Setup Xcode
+        shell: bash
+        run: sudo xcode-select -switch /Applications/Xcode_13.1.app
+      - name: Build UTM
+        run: |
+          ./scripts/build_utm.sh -t "$SIGNING_TEAM_ID" -p macos -a "arm64 x86_64" -o UTM
+          tar cf UTM.xcarchive.tgz UTM.xcarchive
+        env:
+          SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }}
+      - name: Upload UTM
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-macos-universal
+          path: UTM.xcarchive.tgz
+  package-ipa:
+    name: Package (iOS IPA)
+    runs-on: macos-11
+    needs: build
+    if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download Artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: UTM-ios-arm64
+      - name: Install ldid
+        run: brew install ldid
+      - name: Fakesign IPA
+        run: |
+          tar xf UTM.xcarchive.tgz
+          ./scripts/package.sh ipa UTM.xcarchive .
+      - name: Upload Artifact
+        if: github.event_name != 'release'
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-ipa
+          path: UTM.ipa
+      - name: Upload Release Asset
+        if: github.event_name == 'release'
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: UTM.ipa
+          asset_name: UTM.ipa
+          asset_content_type: application/octet-stream
+      - name: Send Dispatch Event
+        if: github.event_name == 'release'
+        continue-on-error: true
+        uses: peter-evans/repository-dispatch@v1
+        with:
+          token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+          repository: ${{ secrets.DISPATCH_ALTSTORE_REPO_NAME }}
+          event-type: new-release
+  package-ipa-se:
+    name: Package (iOS-TCI IPA)
+    runs-on: macos-11
+    needs: build
+    if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download Artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: UTM-ios-tci-arm64
+      - name: Install ldid
+        run: brew install ldid
+      - name: Fakesign IPA
+        run: |
+          tar xf UTM.xcarchive.tgz
+          ./scripts/package.sh ipa-se UTM.xcarchive .
+      - name: Upload Artifact
+        if: github.event_name != 'release'
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-SE-ipa
+          path: UTM SE.ipa
+      - name: Upload Release Asset
+        if: github.event_name == 'release'
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: UTM SE.ipa
+          asset_name: UTM SE.ipa
+          asset_content_type: application/octet-stream
+      - name: Send Dispatch Event
+        if: github.event_name == 'release'
+        continue-on-error: true
+        uses: peter-evans/repository-dispatch@v1
+        with:
+          token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+          repository: ${{ secrets.DISPATCH_ALTSTORE_REPO_NAME }}
+          event-type: new-release
+  package-deb:
+    name: Package (iOS DEB)
+    runs-on: macos-11
+    needs: build
+    if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download Artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: UTM-ios-arm64
+      - name: Install ldid + dpkg
+        run: brew install ldid dpkg
+      - name: Fakesign IPA
+        run: |
+          tar xf UTM.xcarchive.tgz
+          ./scripts/package.sh deb UTM.xcarchive .
+      - name: Upload Artifact
+        if: github.event_name != 'release'
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-deb
+          path: UTM.deb
+      - name: Upload Release Asset
+        if: github.event_name == 'release'
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: UTM.deb
+          asset_name: UTM.deb
+          asset_content_type: application/octet-stream
+      - name: Send Dispatch Event
+        if: github.event_name == 'release'
+        continue-on-error: true
+        uses: peter-evans/repository-dispatch@v1
+        with:
+          token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+          repository: ${{ secrets.DISPATCH_CYDIA_REPO_NAME }}
+          event-type: new-release
+  package-mac:
+    name: Package (macOS)
+    runs-on: macos-11
+    needs: build-universal
+    if: github.event_name == 'release' || github.event.inputs.test_release == 'true'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Import signing certificate into keychain
+        uses: apple-actions/import-codesign-certs@v1
+        with:
+          p12-file-base64: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA }}
+          p12-password: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD }}
+      - name: Install Provisioning Profiles
+        run: |
+          mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
+          echo $PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$PROFILE_UUID.provisionprofile
+          echo $HELPER_PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$HELPER_PROFILE_UUID.provisionprofile
+          echo $LAUNCHER_PROFILE_DATA | base64 --decode -o ~/Library/MobileDevice/Provisioning\ Profiles/$LAUNCHER_PROFILE_UUID.provisionprofile
+        env:
+          PROFILE_DATA: ${{ secrets.PROFILE_DATA }}
+          PROFILE_UUID: ${{ secrets.PROFILE_UUID }}
+          HELPER_PROFILE_DATA: ${{ secrets.HELPER_PROFILE_DATA }}
+          HELPER_PROFILE_UUID: ${{ secrets.HELPER_PROFILE_UUID }}
+          LAUNCHER_PROFILE_DATA: ${{ secrets.LAUNCHER_PROFILE_DATA }}
+          LAUNCHER_PROFILE_UUID: ${{ secrets.LAUNCHER_PROFILE_UUID }}
+      - name: Download Artifact
+        uses: actions/download-artifact@v2
+        with:
+          name: UTM-macos-universal
+      - name: Package for Release
+        run: |
+          tar xf UTM.xcarchive.tgz
+          ./scripts/package_mac.sh developer-id UTM.xcarchive . "$SIGNING_TEAM_ID" "$PROFILE_UUID" "$HELPER_PROFILE_UUID" "$LAUNCHER_PROFILE_UUID"
+        env:
+          SIGNING_TEAM_ID: ${{ secrets.SIGNING_TEAM_ID }}
+          PROFILE_UUID: ${{ secrets.PROFILE_UUID }}
+          HELPER_PROFILE_UUID: ${{ secrets.HELPER_PROFILE_UUID }}
+          LAUNCHER_PROFILE_UUID: ${{ secrets.LAUNCHER_PROFILE_UUID }}
+      - name: Notarize app
+        run: npx notarize-cli --file "UTM.dmg" --bundle-id "com.utmapp.UTM"
+        env:
+          NOTARIZE_USERNAME: ${{ secrets.SIGNING_USERNAME }}
+          NOTARIZE_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
+      - name: Upload Artifact
+        if: github.event_name != 'release'
+        uses: actions/upload-artifact@v2
+        with:
+          name: UTM-dmg
+          path: UTM.dmg
+      - name: Upload Release Asset
+        if: github.event_name == 'release'
+        uses: actions/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ github.event.release.upload_url }}
+          asset_path: UTM.dmg
+          asset_name: UTM.dmg
+          asset_content_type: application/octet-stream