Incorporate vcpkg into CI workflow #798
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # much of this inspired from: https://cristianadam.eu/20191222/using-github-actions-with-c-plus-plus-and-cmake/ | |
| # and also the excellent series from: | |
| # https://www.edwardthomson.com/blog/github_actions_advent_calendar.html | |
| name: CI action for CalChart | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - calchart-3.6 | |
| tags: | |
| - '*' | |
| pull_request: | |
| branches: | |
| - main | |
| - calchart-3.6 | |
| jobs: | |
| build: | |
| name: ${{ matrix.config.name }} | |
| runs-on: ${{ matrix.config.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| config: | |
| - { | |
| name: "Ubuntu Latest GCC", | |
| artifact: "CalChart.tar.xz", | |
| artifact_name: "CalChart-Linux", | |
| os: ubuntu-24.04, | |
| } | |
| - { | |
| name: "macOS 14 Clang", | |
| artifact: "CalChart-*.dmg", | |
| artifact_name: "CalChart-macOS", | |
| os: macos-14, | |
| } | |
| - { | |
| name: "Windows Latest MSVC", | |
| artifact: "CalChart-*.exe", | |
| artifact_name: "CalChart-Windows", | |
| os: windows-latest, | |
| } | |
| build_type: [Debug, Release] | |
| exclude: | |
| - config: { | |
| name: "Windows Latest MSVC", | |
| artifact: "CalChart-*.exe", | |
| artifact_name: "CalChart-Windows", | |
| os: windows-latest, | |
| } | |
| build_type: Debug | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - name: Checkout unshallow | |
| run: git fetch --unshallow | |
| - name: Checkout submodules | |
| run: git submodule update --init --recursive | |
| - name: Cache vcpkg | |
| id: cache-vcpkg | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{github.workspace}}/vcpkg | |
| key: vcpkg-install-${{ runner.os }}-365f6444ab40ee87c73c947b475b3a267b3cb77c | |
| - name: Setup vcpkg | |
| if: steps.cache-vcpkg.outputs.cache-hit != 'true' | |
| run: | | |
| git clone https://github.com/microsoft/vcpkg.git ${{github.workspace}}/vcpkg | |
| cd ${{github.workspace}}/vcpkg | |
| git checkout 365f6444ab40ee87c73c947b475b3a267b3cb77c | |
| if [ "$RUNNER_OS" == "Windows" ]; then | |
| ./bootstrap-vcpkg.bat | |
| else | |
| ./bootstrap-vcpkg.sh | |
| fi | |
| shell: bash | |
| - name: Cache vcpkg binary cache (Windows) | |
| if: runner.os == 'Windows' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/AppData/Local/vcpkg/archives | |
| key: vcpkg-archives-${{ runner.os }}-${{ runner.arch }}-365f6444ab40ee87c73c947b475b3a267b3cb77c | |
| restore-keys: | | |
| vcpkg-archives-${{ runner.os }}-${{ runner.arch }}- | |
| - name: Cache vcpkg binary cache (Unix) | |
| if: runner.os != 'Windows' | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.cache/vcpkg/archives | |
| key: vcpkg-archives-${{ runner.os }}-${{ runner.arch }}-365f6444ab40ee87c73c947b475b3a267b3cb77c | |
| restore-keys: | | |
| vcpkg-archives-${{ runner.os }}-${{ runner.arch }}- | |
| - name: Installing Xcode (MacOS) | |
| if: matrix.config.os == 'macos-14' | |
| uses: maxim-lobanov/setup-xcode@v1 | |
| with: | |
| xcode-version: '15.4' | |
| - name: Installing Dependencies (Windows) | |
| if: matrix.config.os == 'windows-latest' | |
| run: | | |
| # Install required build helpers and tools via choco | |
| choco install -y winflexbison nsis curl openssl.light pkgconfiglite git | |
| # Add NSIS to PATH for this session | |
| $env:PATH = "$env:PATH;C:\Program Files (x86)\NSIS" | |
| echo "C:\Program Files (x86)\NSIS" >> $env:GITHUB_PATH | |
| - name: Installing Dependencies (Linux) | |
| if: matrix.config.os == 'ubuntu-24.04' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y autoconf autoconf-archive automake libltdl-dev | |
| sudo apt-get install -y build-essential libgtk-3-dev libcurl4-openssl-dev pkg-config ninja-build | |
| - name: Updating to gcc 14 (Linux) | |
| if: matrix.config.os == 'ubuntu-24.04' | |
| run: | | |
| sudo apt update | |
| sudo apt install gcc-14 g++-14 | |
| sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 100 --slave /usr/bin/g++ g++ /usr/bin/g++-14 --slave /usr/bin/gcov gcov /usr/bin/gcov-14 | |
| sudo update-alternatives --set gcc /usr/bin/gcc-14 | |
| - name: Configure CMake (Windows) | |
| if: matrix.config.os == 'windows-latest' | |
| # Use vcpkg toolchain file with static triplet; force static runtime for CalChart too | |
| run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{matrix.build_type}} -DCMAKE_TOOLCHAIN_FILE="${{github.workspace}}/vcpkg/scripts/buildsystems/vcpkg.cmake" -DVCPKG_TARGET_TRIPLET=x64-windows-static -DCMAKE_MSVC_RUNTIME_LIBRARY="MultiThreaded$<$<CONFIG:Debug>:Debug>" | |
| env: | |
| VCPKG_BINARY_SOURCES: 'clear;files,%LOCALAPPDATA%/vcpkg/archives,readwrite' | |
| - name: Configure CMake (non-Windows) | |
| if: matrix.config.os != 'windows-latest' | |
| # Use vcpkg toolchain on macOS/Linux; triplet auto-selected (x64-osx / x64-linux) | |
| run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{matrix.build_type}} -DCMAKE_TOOLCHAIN_FILE="${{github.workspace}}/vcpkg/scripts/buildsystems/vcpkg.cmake" | |
| env: | |
| VCPKG_BINARY_SOURCES: 'clear;files,~/.cache/vcpkg/archives,readwrite' | |
| - name: Build | |
| # Build your program with the given configuration | |
| run: cmake --build ${{github.workspace}}/build --config ${{matrix.build_type}} | |
| - name: Run tests | |
| run: ctest --verbose --test-dir ${{github.workspace}}/build | |
| # Codesigning and Notorizing for Mac: | |
| # These are the steps you need to do before we run CI to Codesign and Notorize | |
| # prerequisites: You need an Apple Developer Account (Apple ID) | |
| # ✅ Step 1: Generate a Certificate Signing Request (CSR) | |
| # On your Mac, open Keychain Access | |
| # In the menu bar, select: | |
| # Keychain Access → Certificate Assistant → Request a Certificate From a Certificate Authority… | |
| # Fill in: | |
| # User Email Address: your Apple ID | |
| # Common Name: something like Developer ID for CalChart | |
| # CA Email: leave blank | |
| # Request is: ✔ Save to disk | |
| # Click Continue, and save the .certSigningRequest file | |
| # ✅ Step 2: Create a Developer ID Application Certificate | |
| # Go to https://developer.apple.com/account/ | |
| # Navigate to Certificates, Identifiers & Profiles | |
| # Under Certificates, click the ➕ button | |
| # Choose: | |
| # Type: Developer ID Application | |
| # Click Continue | |
| # Upload your .certSigningRequest | |
| # Click Continue, then Download the .cer file | |
| # ✅ Step 3: Import the Certificate to Keychain | |
| # Double-click the downloaded .cer file | |
| # It will appear in your login keychain | |
| # Make sure the certificate appears with a private key (expand the triangle in Keychain) | |
| # 🔒 If there's no private key: Something went wrong during CSR generation. Try again from Step 1. | |
| # ✅ Step 4: Export as .p12 for GitHub Use | |
| # In Keychain Access, right-click the certificate → Export | |
| # Choose .p12 format | |
| # Set a strong password (you’ll store this in GitHub Secrets as MACOS_CERTIFICATE_PASSWORD) | |
| # Save the file as DeveloperID.p12 | |
| # ✅ Step 5: App-Specific Password for notarytool | |
| # notarytool is going to access the server as you, so create an app-specific password | |
| # If you haven’t already, create an App-Specific Password for your Apple ID . | |
| # https://account.apple.com/account/manage | |
| # Create a password for notarytool (you’ll store this in GitHub Secrets as APP_SPECIFIC_PASSWORD) | |
| # ✅ Step 5: Base64 Encode and Store in GitHub | |
| # Run: | |
| # base64 DeveloperID.p12 | pbcopy | |
| # Then in GitHub, Go to Settings → Secrets and variables → Actions | |
| # Add these secrets: | |
| # MACOS_CERTIFICATE (Paste base64 contents) | |
| # MACOS_CERTIFICATE_PASSWORD (The password you set for export) | |
| # DEVELOPER_ID_APP "Developer ID Application: Your Name (TEAMID)" | |
| # APPLE_ID (Your developer Apple ID) | |
| # APPLE_TEAM_ID (Your developer team (usually 10 alphanumeric digits)) | |
| # APP_SPECIFIC_PASSWORD (The notarytool password) | |
| # To get the full identity name, run: | |
| # security find-identity -p codesigning -v | |
| # You'll see: | |
| # | |
| # 1) XXXXXXXX "Developer ID Application: Richard Powell (ABCDE12345)" | |
| # Use that full quoted string in DEVELOPER_ID_APP. | |
| - name: Setup keychain with cert p12 (macOS) | |
| if: matrix.config.os == 'macos-14' | |
| env: | |
| MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
| MACOS_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} | |
| run: | | |
| echo $MACOS_CERTIFICATE | base64 --decode > ${{github.workspace}}/certificate.p12 | |
| security create-keychain -p "CalChart" build.keychain | |
| security default-keychain -s build.keychain | |
| security unlock-keychain -p "CalChart" build.keychain | |
| security import certificate.p12 -k build.keychain -P "$MACOS_CERTIFICATE_PASSWORD" -T /usr/bin/codesign | |
| security set-key-partition-list -S apple-tool:,apple: -s -k "CalChart" build.keychain | |
| - name: Code sign the app | |
| if: matrix.config.os == 'macos-14' | |
| env: | |
| DEVELOPER_ID_APP: ${{ secrets.DEVELOPER_ID_APP }} | |
| run: | | |
| codesign --deep --force --verify --verbose --timestamp --options runtime \ | |
| --sign "$DEVELOPER_ID_APP" \ | |
| ${{github.workspace}}/build/src/CalChart.app | |
| # Notarizing involves | |
| # 1. Zip the file up | |
| # 2. Notarize using the password and IDs for notarytool | |
| - name: Zip for notarization (macOS) | |
| if: matrix.config.os == 'macos-14' | |
| run: ditto -c -k --keepParent ${{github.workspace}}/build/src/CalChart.app ${{github.workspace}}/build/src/CalChart.zip | |
| - name: Notarize (macOS) | |
| if: matrix.config.os == 'macos-14' | |
| run: | | |
| xcrun notarytool submit ${{github.workspace}}/build/src/CalChart.zip \ | |
| --apple-id "$APPLE_ID" \ | |
| --team-id "$APPLE_TEAM_ID" \ | |
| --password "$APP_SPECIFIC_PASSWORD" \ | |
| --wait | |
| env: | |
| APPLE_ID: ${{ secrets.APPLE_ID }} | |
| APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
| APP_SPECIFIC_PASSWORD: ${{ secrets.APP_SPECIFIC_PASSWORD }} | |
| - name: Staple notarization ticket | |
| if: matrix.config.os == 'macos-14' | |
| run: xcrun stapler staple ${{github.workspace}}/build/src/CalChart.app | |
| - name: Pack (macOS) | |
| if: matrix.config.os == 'macos-14' | |
| run: pushd ${{github.workspace}}/build && cpack -G DragNDrop | |
| - name: Pack (Windows) | |
| if: matrix.config.os == 'windows-latest' | |
| # it seems that the cmake command provided by chocolatey conflicts with cmake. | |
| # explicitly running cpack from the cmake directory. | |
| run: | | |
| $cmdpath = split-path -parent (get-command cmake).Path | |
| $cpack_cmd = Join-Path -Path $cmdpath -ChildPath cpack | |
| pushd ${{github.workspace}}/build | |
| & $cpack_cmd | |
| - name: Strip (Linux) | |
| if: matrix.config.os == 'ubuntu-24.04' | |
| run: cmake --install build --prefix instdir --strip | |
| - name: Pack (Linux) | |
| if: matrix.config.os == 'ubuntu-24.04' | |
| working-directory: instdir | |
| run: cmake -E tar cJfv ${{github.workspace}}/build/CalChart.tar.xz . | |
| - name: Upload | |
| if: matrix.build_type == 'Release' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| path: ${{github.workspace}}/build/${{ matrix.config.artifact }} | |
| name: ${{ matrix.config.artifact_name }} | |
| release: | |
| if: contains(github.ref, 'tags/v') | |
| name: Release | |
| runs-on: ubuntu-24.04 | |
| needs: build | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ./ | |
| - name: Display structure of downloaded files | |
| run: ls -R | |
| # using https://github.com/ncipollo/release-action | |
| - name: Release | |
| uses: ncipollo/release-action@v1 | |
| with: | |
| artifacts: CalChart-*/* | |
| bodyFile: ./LATEST_RELEASE_NOTES.md | |
| draft: true | |
| token: ${{ secrets.GITHUB_TOKEN }} | |