diff --git a/.github/workflows/build_multiplatform.yml b/.github/workflows/build_multiplatform.yml index 5493aad5..ff00e89a 100644 --- a/.github/workflows/build_multiplatform.yml +++ b/.github/workflows/build_multiplatform.yml @@ -100,9 +100,6 @@ jobs: name: libcodec2_${{ matrix.os }}_${{ matrix.platform.name }}_${{ matrix.architecture }}.${{ matrix.platform.file }} path: codec2/tempfiles/* - - - BUILD_ARM: # The host should always be linux runs-on: ubuntu-latest @@ -199,6 +196,7 @@ jobs: name: Build FreeDATA packages runs-on: ${{ matrix.os }} strategy: + fail-fast: false matrix: os: [ubuntu-20.04, macos-11, windows-latest] include: @@ -236,7 +234,7 @@ jobs: - name: Install Node.js, NPM and Yarn uses: actions/setup-node@v3 with: - node-version: 16 + node-version: 18 - name: Create tnc/dist working-directory: tnc @@ -282,27 +280,25 @@ jobs: python -m pip install --upgrade pip pip install -r requirements.txt + - name: Add MacOS certs + if: ${{startsWith(matrix.os, 'macos')}} + run: chmod +x add-osx-cert.sh && ./add-osx-cert.sh + env: + CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }} + CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} - # - name: Install Pyaudio Windows - # if: ${{startsWith(matrix.os, 'windows')}} - # working-directory: tnc/lib/pyaudio/windows - # run: | - # pip install PyAudio-0.2.11-cp39-cp39-win_amd64.whl + - name: Build binaries macOS + if: ${{startsWith(matrix.os, 'macos')}} + working-directory: tnc + run: | + # now build tnc binaries + pyinstaller -y freedata.spec + # and to some final cleanup + cp -r -f dist/tnc/* dist/ + rm -r dist/tnc - # - name: Display structure of downloaded files - # run: ls -R - - # - name: cleanup codec2 - # working-directory: tnc/lib/ - # run: | - # mkdir codec2 - # cd codec2 - - # - uses: actions/download-artifact@v3 - # with: - # path: tnc/lib/codec2 - - - name: Build binaries + - name: Build binaries Linux and Windows + if: ${{!startsWith(matrix.os, 'macos')}} working-directory: tnc run: | # pyinstaller freedata.spec @@ -311,8 +307,8 @@ jobs: python3 -m nuitka --enable-plugin=numpy --assume-yes-for-downloads --standalone daemon.py python3 -m nuitka --enable-plugin=numpy --assume-yes-for-downloads --standalone main.py - - name: Copy binaries - Linux and MacOS - if: ${{!startsWith(matrix.os, 'windows')}} + - name: Copy binaries - Linux + if: ${{startsWith(matrix.os, 'ubuntu')}} working-directory: tnc run: | cp -r -f daemon.dist/* dist/tnc @@ -327,6 +323,8 @@ jobs: cp -r -Force main.dist/* dist/tnc - name: Rename tnc binaries + # we don't need renaming for pyinstaller builds as output name is defined + if: ${{!startsWith(matrix.os, 'macos')}} working-directory: tnc run: | mv dist/tnc/daemon* dist/tnc/${{ matrix.daemon_binary_name }} @@ -336,6 +334,7 @@ jobs: with: path: tnc/dist/tnc + - name: LIST ALL FILES run: ls -R @@ -347,51 +346,18 @@ jobs: - name: LIST ALL FILES run: ls -R - #- name: Compress TNC - # # if: ${{!startsWith(matrix.os, 'windows') }} - # shell: bash - # run: | - # cd ./tnc/dist - # zip -r ./${{ matrix.zip_name }}.zip * - - ##- name: Copy TNC to GUI - ## run: | - ## # cp -R ./tnc/dist/tnc ./gui/tnc - ## cp -R ./tnc/dist ./gui/tnc - - ##- name: LIST ALL FILES - ## run: ls -R - - ##- name: Compress TNC - ## uses: thedoctor0/zip-release@master - ## with: - ## type: 'zip' - ## filename: '${{ matrix.zip_name }}' - ## # directory: ./tnc/dist/tnc - ## directory: ./tnc/dist/tnc - ## path: . - ## # exclusions: '*.git* /*node_modules/* .editorconfig' - - ##- name: LIST ALL FILES - ## run: ls -R - - ##- name: Upload TNC artifacts - ## uses: actions/upload-artifact@v3 - ## with: - ## name: ${{ matrix.zip_name }}.zip - ## # path: ./tnc/dist/tnc/${{ matrix.zip_name }}.zip - ## path: ./tnc/dist/${{ matrix.zip_name }}.zip - - - ##- name: Release TNC - ## uses: softprops/action-gh-release@v1 - ## if: startsWith(github.ref, 'refs/tags/v') - ## with: - ## files: ./tnc/dist/tnc/${{ matrix.zip_name }}.zip - ## #files: ./tnc/dist/${{ matrix.zip_name }}.zip + - name: cleanup on macos before code signing + if: ${{startsWith(matrix.os, 'macos')}} + run: | + ls -l + # find . -type d -name .git -exec rm -r {} \; + find . -type d -o -name ".git" -delete - name: Build/release Electron app uses: samuelmeuli/action-electron-builder@v1 + env: + APPLE_ID: ${{ secrets.APPLE_ID }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} with: package_root: "./gui/" github_token: ${{ secrets.github_token }} @@ -399,6 +365,7 @@ jobs: # release the app after building release: ${{ startsWith(github.ref, 'refs/tags/v') }} args: ${{ matrix.electron_parameters }} + max_attempts: 3 - name: Compress TNC uses: thedoctor0/zip-release@master diff --git a/.github/workflows/ctest.yml b/.github/workflows/ctest.yml index 77c916b8..9512c91f 100644 --- a/.github/workflows/ctest.yml +++ b/.github/workflows/ctest.yml @@ -21,6 +21,7 @@ jobs: - python-version: "3.9" - python-version: "3.10" - python-version: "3.11" + - python-version: "3.12-dev" steps: - uses: actions/checkout@v3 diff --git a/add-osx-cert.sh b/add-osx-cert.sh new file mode 100644 index 00000000..6da80041 --- /dev/null +++ b/add-osx-cert.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env sh + +KEY_CHAIN=build.keychain +CERTIFICATE_P12=certificate.p12 + +# Recreate the certificate from the secure environment variable +echo $CERTIFICATE_OSX_APPLICATION | base64 --decode > $CERTIFICATE_P12 + +#create a keychain +security create-keychain -p actions $KEY_CHAIN + +# Make the keychain the default so identities are found +security default-keychain -s $KEY_CHAIN + +# Unlock the keychain +security unlock-keychain -p actions $KEY_CHAIN + +security import $CERTIFICATE_P12 -k $KEY_CHAIN -P $CERTIFICATE_PASSWORD -T /usr/bin/codesign; + +security set-key-partition-list -S apple-tool:,apple: -s -k actions $KEY_CHAIN + +# remove certs +rm -fr *.p12 \ No newline at end of file diff --git a/gui/build/entitlements.plist b/gui/build/entitlements.plist new file mode 100644 index 00000000..983f1099 --- /dev/null +++ b/gui/build/entitlements.plist @@ -0,0 +1,16 @@ + + + + + com.apple.security.cs.allow-jit + + com.apple.security.cs.allow-unsigned-executable-memory + + com.apple.security.cs.disable-library-validation + + com.apple.security.cs.disable-executable-page-protection + + com.apple.security.automation.apple-events + + + \ No newline at end of file diff --git a/gui/package.json b/gui/package.json index 7f120be1..05d95f2a 100644 --- a/gui/package.json +++ b/gui/package.json @@ -1,6 +1,6 @@ { "name": "FreeDATA", - "version": "0.6.11-alpha.2", + "version": "0.6.11-alpha.5", "description": "FreeDATA ", "main": "main.js", "scripts": { @@ -28,6 +28,9 @@ }, "homepage": "https://freedata.app", "dependencies": { + "@electron/asar": "^3.2.3", + "@electron/osx-sign": "^1.0.4", + "@popperjs/core": "^2.11.6", "blob-util": "^2.0.2", "bootstrap": "^5.2.3", "bootstrap-icons": "^1.10.3", @@ -50,31 +53,30 @@ "uuid": "^9.0.0" }, "devDependencies": { + "electron": "^22.0.2", "electron-builder": "^23.6.0" + "@electron/notarize": "^1.2.3", + "electron-builder-notarize": "^1.5.0" }, "build": { "productName": "FreeDATA", "appId": "app.freedata", + "afterSign": "electron-builder-notarize", "npmRebuild": "false", "directories": { "buildResources": "build", "output": "dist" }, - "dmg": { + "mac": { + "target": [ + "default" + ], "icon": "build/icon.png", - "contents": [ - { - "x": 130, - "y": 220 - }, - { - "x": 410, - "y": 220, - "type": "link", - "path": "/Applications" - } - ] + "hardenedRuntime": true, + "entitlements": "build/entitlements.plist", + "entitlementsInherit": "build/entitlements.plist", + "gatekeeperAssess": false }, "win": { "icon": "build/icon.png", @@ -98,7 +100,8 @@ "from": "../tnc/dist/tnc/", "to": "tnc", "filter": [ - "**/*" + "**/*", + "!**/.git" ] } ] diff --git a/tnc/freedata.spec b/tnc/freedata.spec index 743f7f48..feb115de 100644 --- a/tnc/freedata.spec +++ b/tnc/freedata.spec @@ -25,6 +25,7 @@ daemon_exe = EXE(daemon_pyz, [], exclude_binaries=True, name='freedata-daemon', + bundle_identifier='com.dj2ls.freedata-daemon', debug=False, bootloader_ignore_signals=False, strip=False, @@ -62,6 +63,7 @@ tnc_exe = EXE(tnc_pyz, [], exclude_binaries=True, name='freedata-tnc', + bundle_identifier='com.dj2ls.freedata-tnc', debug=False, bootloader_ignore_signals=False, strip=False, diff --git a/tnc/static.py b/tnc/static.py index e156658d..45b8e76e 100644 --- a/tnc/static.py +++ b/tnc/static.py @@ -11,7 +11,7 @@ Not nice, suggestions are appreciated :-) import subprocess from enum import Enum -VERSION = "0.6.11-alpha.2" +VERSION = "0.6.11-alpha.5" ENABLE_EXPLORER = False