Skip to content

Add Build Action #23

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
lukekim wants to merge 8 commits into from
Closed

Add Build Action #23

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
acd716a
Add Pull Request action
lukekim Apr 12, 2025
466a655
Use cloud machines
lukekim Apr 12, 2025
57d771a
Remove make
lukekim Apr 12, 2025
a0f03b7
Revert "Remove make"
lukekim Apr 12, 2025
eaa25c7
Remove make
lukekim Apr 12, 2025
e4bdb78
Build on merge to trunk
lukekim Apr 12, 2025
069a58c
Add code-signing release
lukekim Apr 12, 2025
519e8a5
Update path
lukekim Apr 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: build
on:
workflow_dispatch:
pull_request:
types: [opened, synchronize, reopened]
push:
branches:
- trunk

jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive

- name: Install Python
uses: actions/setup-python@v4
with:
python-version: 3.13

- name: Make Package
run: |
make package
32 changes: 24 additions & 8 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,19 @@
name: release
on:
workflow_dispatch:
inputs:
signed_binary_name:
description: 'Name of the signed binary'
required: false
default: 'spiceai.signed.taco'
type: string
release:
types: [created]

jobs:
build:
runs-on: macos-latest
runs-on: code-signing
if: github.event.action == 'created' && github.event.release.prerelease == true
steps:
- name: Checkout
uses: actions/checkout@v4
Expand All @@ -17,20 +25,28 @@ jobs:
with:
python-version: 3.13

- name: Install Make
- name: Make Package (unsigned)
run: |
brew install make
make package

- name: Package (unsigned)
- name: Set up Java for signing
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'zulu'

- name: Sign ${{ inputs.signed_binary_name}}
env:
DIGICERT_KEY_ALIAS: ${{ secrets.DIGICERT_KEY_ALIAS }}
run: |
make package
mv spice.taco spice_unsigned.taco
jarsigner -tsa http://timestamp.digicert.com -verbose -keystore NONE -storetype PKCS11 -providerClass sun.security.pkcs11.SunPKCS11 -providerArg pkcs11properties.cfg -sigalg SHA256withRSA -signedjar ${{ inputs.signed_binary_name}} spice.taco $DIGICERT_KEY_ALIAS
shell: bash

- name: Upload
- name: Upload to release
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
with:
draft: true
prerelease: true
fail_on_unmatched_files: true
files: spice_unsigned.taco
files: ${{ inputs.signed_binary_name }}