From 413e58618862d0e47dde4d516b1730cd533f839d Mon Sep 17 00:00:00 2001 From: fleisch Date: Thu, 18 May 2023 13:55:04 +0200 Subject: [PATCH] signing spring boot build, disable cli build --- .github/workflows/distribute.yaml | 376 +++++++++++++++--------------- sirius_dist/build.gradle | 107 ++++----- 2 files changed, 238 insertions(+), 245 deletions(-) diff --git a/.github/workflows/distribute.yaml b/.github/workflows/distribute.yaml index fa1aafe8d6..82a4a1ff7f 100644 --- a/.github/workflows/distribute.yaml +++ b/.github/workflows/distribute.yaml @@ -4,193 +4,193 @@ on: branches: - stable - master - # - stable-service-api paths-ignore: - '**/README.md' - 'sirius_doc/**/*' jobs: - distCLI: - strategy: - matrix: - os: [ ubuntu-latest, windows-latest, macos-latest ] - runs-on: ${{ matrix.os }} - env: - GENERIC_INSTALLER_CERTIFICATE: ${{ secrets.GENERIC_INSTALLER_CERTIFICATE }} - MACOS_APP_IDENTITY_ID: ${{ secrets.MACOS_APP_IDENTITY_ID }} - MACOS_IDENTITY_ID: ${{ secrets.MACOS_IDENTITY_ID }} - MACOS_APPLE_ID: ${{ secrets.MACOS_APPLE_ID }} - MACOS_APPLE_ID_PW: ${{ secrets.MACOS_APPLE_ID_PW }} - SIRIUS_USER: ${{ secrets.SIRIUS_USER }} - SIRIUS_PW: ${{ secrets.SIRIUS_PW }} - # LINUX_INSTALLER_CERTIFICATE_FILE: ${{ steps.generic_codesign_cert.outputs.filePath }} - steps: - - uses: actions/checkout@v2 - - name: Set up Zulu JDK - uses: actions/setup-java@v1 - with: - java-version: '17' # The JDK version to make available on the path. - java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk - architecture: x64 # (x64 or x86) - defaults to x64 - - name: Load Build properties - uses: Reedyuk/read-properties@v1.0.1 - id: sirius_version - with: - path: './sirius_cli/src/main/resources/sirius_frontend.build.properties' - property: 'de.unijena.bioinf.siriusFrontend.version' - - - if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_APP_IDENTITY_ID != '') }} - name: Import Apple APP Code-signing ID and p12 - uses: apple-actions/import-codesign-certs@v1 - with: - keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} - p12-file-base64: ${{ secrets.MACOS_APP_CERTIFICATE }} - p12-password: ${{ secrets.MACOS_APP_CERTIFICATE_PWD }} - - - if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_IDENTITY_ID != '') }} - name: Import Apple Installer Code-signing ID and p12 - uses: apple-actions/import-codesign-certs@v1 - with: - create-keychain: false - keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} - p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} - p12-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} - - - if: matrix.os == 'macos-latest' - name: Check Identities - run: /usr/bin/security find-identity - - - if: ${{ (matrix.os == 'windows-latest' || matrix.os == 'ubuntu-latest') && (env.GENERIC_INSTALLER_CERTIFICATE != '') }} - name: Load generic installer codesign cert - id: generic_codesign_cert - uses: timheuer/base64-to-file@v1.1 - with: - fileName: 'generic_installer_cert.p12' - encodedString: ${{ env.GENERIC_INSTALLER_CERTIFICATE }} - - - name: Gradle Build - uses: eskatos/gradle-command-action@v1 - env: - WIN_INSTALLER_CERTIFICATE_FILE: ${{ steps.generic_codesign_cert.outputs.filePath }} - with: - gradle-version: 7.6 - build-root-directory: sirius_dist/sirius_cli_single_os - arguments: clean publishSiriusPublicationToMavenLocal -P "build.sirius.native.openjfx.exclude=true" -P "build.sirius.starter.jdk.include=true" -P "de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID=${{ secrets.MACOS_APP_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_IDENTITY_ID=${{ secrets.MACOS_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID=${{ secrets.MACOS_APPLE_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID_PW=${{ secrets.MACOS_APPLE_ID_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_FILE=${{ steps.generic_codesign_cert.outputs.filePath }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_PW=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_TIMESTAMP_URL=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_TIMESTAMP_URL }}" - - - name: Sirius Run - run: | - TEMP_DIR="$(cd "$(dirname "sirius_cli/src/test/temp_results")"; pwd -P)/$(basename "sirius_cli/src/test/temp_results")" - mkdir "${TEMP_DIR}" "${TEMP_DIR}/mgf_temp_output" "${TEMP_DIR}/mgf_temp_summary" "${TEMP_DIR}/ms_temp_output" "${TEMP_DIR}/ms_temp_summary" "${TEMP_DIR}/txt_temp_output" "${TEMP_DIR}/txt_temp_summary" - DEMO_DIR="$(cd "$(dirname "sirius_doc/manual/demo-data")"; pwd -P)/$(basename "sirius_doc/manual/demo-data")" - MGF_DATA="${DEMO_DIR}/mgf/laudanosine.mgf" - MS_DATA="${DEMO_DIR}/ms/Bicuculline.ms" - TXT_DATA_1="${DEMO_DIR}/txt/chelidonine_ms.txt" - TXT_DATA_2="${DEMO_DIR}/txt/chelidonine_msms1.txt,${DEMO_DIR}/txt/chelidonine_msms2.txt" - MGF_OUTPUT="${TEMP_DIR}/mgf_temp_output" - MGF_SUMMARY="${TEMP_DIR}/mgf_temp_summary" - MS_OUTPUT="${TEMP_DIR}/ms_temp_output" - MS_SUMMARY="${TEMP_DIR}/ms_temp_summary" - TXT_OUTPUT="${TEMP_DIR}/txt_temp_output" - TXT_SUMMARY="${TEMP_DIR}/txt_temp_summary" - case "$OSTYPE" in - darwin*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius.app/Contents/MacOS/sirius" ;; - linux*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius/bin/sirius" ;; - msys*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius/sirius.exe" ;; - *) echo "Error: Could not find OS."; exit 1 ;; - esac - ${SIRIUS} login --user-env SIRIUS_USER --password-env SIRIUS_PW - ${SIRIUS} --input ${MGF_DATA} --output ${MGF_OUTPUT} formula -p orbitrap fingerprint structure compound-classes write-summaries --output ${MGF_SUMMARY} - ${SIRIUS} -1 ${TXT_DATA_1} -2 ${TXT_DATA_2} -z 354.134704589844 -o ${TXT_OUTPUT} formula -p orbitrap write-summaries --output ${TXT_SUMMARY} - ${SIRIUS} -o ${MS_OUTPUT} -i ${MS_DATA} --ignore-formula formula -p orbitrap -c 5 fingerprint structure compound-classes write-summaries --output ${MS_SUMMARY} - shell: bash - - - name: Sirius MGF Test - run: | - RESULTS="sirius_cli/src/test/temp_results/" - OUTPUT="${RESULTS}mgf_temp_output/1_laudanosine_FEATURE_1/" - SUMMARY="${RESULTS}mgf_temp_summary/1_laudanosine_FEATURE_1/" - CANOPUS="${OUTPUT}canopus/" - CANOPUS_NPC="${OUTPUT}canopus_npc/" - FINGERPRINTS="${OUTPUT}fingerprints/" - FINGER_ID="${OUTPUT}fingerid/" - DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) - for DIR in "${DIRS[@]}" ; do - if [ -d "${DIR}" ]; then - echo "Found result directory ${DIR}..." - if [ "$(ls -A ${DIR})" ]; then - echo "${DIR} is not empty." - else - echo "Error: ${DIR} is empty." - exit 1 - fi - else - echo "Error: result directory ${DIR} not found." - exit 1 - fi - done - shell: bash - - - name: Sirius MS Test - run: | - RESULTS="sirius_cli/src/test/temp_results/" - OUTPUT="${RESULTS}ms_temp_output/1_Bicuculline_Bicuculline/" - SUMMARY="${RESULTS}ms_temp_summary/1_Bicuculline_Bicuculline/" - CANOPUS="${OUTPUT}canopus/" - CANOPUS_NPC="${OUTPUT}canopus_npc/" - FINGERPRINTS="${OUTPUT}fingerprints/" - FINGER_ID="${OUTPUT}fingerid/" - echo "${FINGER_ID}" - DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) - echo "${DIRS}" - for DIR in "${DIRS[@]}" ; do - if [ -d "${DIR}" ]; then - echo "Found result directory ${DIR}..." - if [ "$(ls -A ${DIR})" ]; then - echo "${DIR} is not empty." - else - echo "Error: ${DIR} is empty." - exit 1 - fi - else - echo "Error: result directory ${DIR} not found." - exit 1 - fi - done - shell: bash - - - name: Sirius TXT Test - run: | - RESULTS="sirius_cli/src/test/temp_results/" - SUMMARY="${RESULTS}txt_temp_summary/1_unknown_/" - if [ -d "${SUMMARY}" ]; then - echo "Found result directory ${SUMMARY}..." - if [ "$(ls -A ${SUMMARY})" ]; then - echo "${SUMMARY} is not empty." - else - echo "Error: ${SUMMARY} is empty." - exit 1 - fi - else - echo "Error: result directory ${SUMMARY} not found." - exit 1 - fi - shell: bash - - - name: Sirius Run Cleanup - run: | - rm -r sirius_cli/src/test/temp_results - - - name: Upload Distributions - uses: actions/upload-artifact@v2 - with: - retention-days: 1 - name: "sirius-${{ steps.sirius_version.outputs.value }}-${{ runner.os }}-x86-64-headless" - path: | - ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.zip - ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.msi - ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.pkg - ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.deb - ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.sha256 +# distCLI: +# strategy: +# matrix: +# os: [ ubuntu-latest, windows-latest, macos-latest ] +# runs-on: ${{ matrix.os }} +# env: +# GENERIC_INSTALLER_CERTIFICATE: ${{ secrets.GENERIC_INSTALLER_CERTIFICATE }} +# MACOS_APP_IDENTITY_ID: ${{ secrets.MACOS_APP_IDENTITY_ID }} +# MACOS_IDENTITY_ID: ${{ secrets.MACOS_IDENTITY_ID }} +# MACOS_APPLE_ID: ${{ secrets.MACOS_APPLE_ID }} +# MACOS_APPLE_ID_PW: ${{ secrets.MACOS_APPLE_ID_PW }} +# MACOS_TEAM_ID : ${{ secrets.MACOS_TEAM_ID }} +# SIRIUS_USER: ${{ secrets.SIRIUS_USER }} +# SIRIUS_PW: ${{ secrets.SIRIUS_PW }} +# # LINUX_INSTALLER_CERTIFICATE_FILE: ${{ steps.generic_codesign_cert.outputs.filePath }} +# steps: +# - uses: actions/checkout@v2 +# - name: Set up Zulu JDK +# uses: actions/setup-java@v1 +# with: +# java-version: '17' # The JDK version to make available on the path. +# java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk +# architecture: x64 # (x64 or x86) - defaults to x64 +# - name: Load Build properties +# uses: Reedyuk/read-properties@v1.0.1 +# id: sirius_version +# with: +# path: './sirius_cli/src/main/resources/sirius_frontend.build.properties' +# property: 'de.unijena.bioinf.siriusFrontend.version' +# +# - if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_APP_IDENTITY_ID != '') }} +# name: Import Apple APP Code-signing ID and p12 +# uses: apple-actions/import-codesign-certs@v1 +# with: +# keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} +# p12-file-base64: ${{ secrets.MACOS_APP_CERTIFICATE }} +# p12-password: ${{ secrets.MACOS_APP_CERTIFICATE_PWD }} +# +# - if: ${{ (matrix.os == 'macos-latest') && (env.MACOS_IDENTITY_ID != '') }} +# name: Import Apple Installer Code-signing ID and p12 +# uses: apple-actions/import-codesign-certs@v1 +# with: +# create-keychain: false +# keychain-password: ${{ secrets.MACOS_TMP_KEYCHAIN_PWD }} +# p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} +# p12-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} +# +# - if: matrix.os == 'macos-latest' +# name: Check Identities +# run: /usr/bin/security find-identity +# +# - if: ${{ (matrix.os == 'windows-latest' || matrix.os == 'ubuntu-latest') && (env.GENERIC_INSTALLER_CERTIFICATE != '') }} +# name: Load generic installer codesign cert +# id: generic_codesign_cert +# uses: timheuer/base64-to-file@v1.1 +# with: +# fileName: 'generic_installer_cert.p12' +# encodedString: ${{ env.GENERIC_INSTALLER_CERTIFICATE }} +# +# - name: Gradle Build +# uses: eskatos/gradle-command-action@v1 +# env: +# WIN_INSTALLER_CERTIFICATE_FILE: ${{ steps.generic_codesign_cert.outputs.filePath }} +# with: +# gradle-version: 7.6 +# build-root-directory: sirius_dist/sirius_cli_single_os +# arguments: clean publishSiriusPublicationToMavenLocal -P "build.sirius.native.openjfx.exclude=true" -P "build.sirius.starter.jdk.include=true" -P "de.unijena.bioinf.build.MACOS_TEAM_ID=${{ secrets.MACOS_TEAM_ID }}" -P "de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID=${{ secrets.MACOS_APP_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_IDENTITY_ID=${{ secrets.MACOS_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID=${{ secrets.MACOS_APPLE_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID_PW=${{ secrets.MACOS_APPLE_ID_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_FILE=${{ steps.generic_codesign_cert.outputs.filePath }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_PW=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_TIMESTAMP_URL=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_TIMESTAMP_URL }}" +# +# - name: Sirius Run +# run: | +# TEMP_DIR="$(cd "$(dirname "sirius_cli/src/test/temp_results")"; pwd -P)/$(basename "sirius_cli/src/test/temp_results")" +# mkdir "${TEMP_DIR}" "${TEMP_DIR}/mgf_temp_output" "${TEMP_DIR}/mgf_temp_summary" "${TEMP_DIR}/ms_temp_output" "${TEMP_DIR}/ms_temp_summary" "${TEMP_DIR}/txt_temp_output" "${TEMP_DIR}/txt_temp_summary" +# DEMO_DIR="$(cd "$(dirname "sirius_doc/manual/demo-data")"; pwd -P)/$(basename "sirius_doc/manual/demo-data")" +# MGF_DATA="${DEMO_DIR}/mgf/laudanosine.mgf" +# MS_DATA="${DEMO_DIR}/ms/Bicuculline.ms" +# TXT_DATA_1="${DEMO_DIR}/txt/chelidonine_ms.txt" +# TXT_DATA_2="${DEMO_DIR}/txt/chelidonine_msms1.txt,${DEMO_DIR}/txt/chelidonine_msms2.txt" +# MGF_OUTPUT="${TEMP_DIR}/mgf_temp_output" +# MGF_SUMMARY="${TEMP_DIR}/mgf_temp_summary" +# MS_OUTPUT="${TEMP_DIR}/ms_temp_output" +# MS_SUMMARY="${TEMP_DIR}/ms_temp_summary" +# TXT_OUTPUT="${TEMP_DIR}/txt_temp_output" +# TXT_SUMMARY="${TEMP_DIR}/txt_temp_summary" +# case "$OSTYPE" in +# darwin*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius.app/Contents/MacOS/sirius" ;; +# linux*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius/bin/sirius" ;; +# msys*) SIRIUS="./sirius_dist/sirius_cli_single_os/build/distributions/sirius/sirius.exe" ;; +# *) echo "Error: Could not find OS."; exit 1 ;; +# esac +# ${SIRIUS} login --user-env SIRIUS_USER --password-env SIRIUS_PW +# ${SIRIUS} --input ${MGF_DATA} --output ${MGF_OUTPUT} formula -p orbitrap fingerprint structure compound-classes write-summaries --output ${MGF_SUMMARY} +# ${SIRIUS} -1 ${TXT_DATA_1} -2 ${TXT_DATA_2} -z 354.134704589844 -o ${TXT_OUTPUT} formula -p orbitrap write-summaries --output ${TXT_SUMMARY} +# ${SIRIUS} -o ${MS_OUTPUT} -i ${MS_DATA} --ignore-formula formula -p orbitrap -c 5 fingerprint structure compound-classes write-summaries --output ${MS_SUMMARY} +# shell: bash +# +# - name: Sirius MGF Test +# run: | +# RESULTS="sirius_cli/src/test/temp_results/" +# OUTPUT="${RESULTS}mgf_temp_output/1_laudanosine_FEATURE_1/" +# SUMMARY="${RESULTS}mgf_temp_summary/1_laudanosine_FEATURE_1/" +# CANOPUS="${OUTPUT}canopus/" +# CANOPUS_NPC="${OUTPUT}canopus_npc/" +# FINGERPRINTS="${OUTPUT}fingerprints/" +# FINGER_ID="${OUTPUT}fingerid/" +# DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) +# for DIR in "${DIRS[@]}" ; do +# if [ -d "${DIR}" ]; then +# echo "Found result directory ${DIR}..." +# if [ "$(ls -A ${DIR})" ]; then +# echo "${DIR} is not empty." +# else +# echo "Error: ${DIR} is empty." +# exit 1 +# fi +# else +# echo "Error: result directory ${DIR} not found." +# exit 1 +# fi +# done +# shell: bash +# +# - name: Sirius MS Test +# run: | +# RESULTS="sirius_cli/src/test/temp_results/" +# OUTPUT="${RESULTS}ms_temp_output/1_Bicuculline_Bicuculline/" +# SUMMARY="${RESULTS}ms_temp_summary/1_Bicuculline_Bicuculline/" +# CANOPUS="${OUTPUT}canopus/" +# CANOPUS_NPC="${OUTPUT}canopus_npc/" +# FINGERPRINTS="${OUTPUT}fingerprints/" +# FINGER_ID="${OUTPUT}fingerid/" +# echo "${FINGER_ID}" +# DIRS=(${SUMMARY} ${OUTPUT} ${CANOPUS} ${CANOPUS_NPC} ${FINGERPRINTS} ${FINGER_ID}) +# echo "${DIRS}" +# for DIR in "${DIRS[@]}" ; do +# if [ -d "${DIR}" ]; then +# echo "Found result directory ${DIR}..." +# if [ "$(ls -A ${DIR})" ]; then +# echo "${DIR} is not empty." +# else +# echo "Error: ${DIR} is empty." +# exit 1 +# fi +# else +# echo "Error: result directory ${DIR} not found." +# exit 1 +# fi +# done +# shell: bash +# +# - name: Sirius TXT Test +# run: | +# RESULTS="sirius_cli/src/test/temp_results/" +# SUMMARY="${RESULTS}txt_temp_summary/1_unknown_/" +# if [ -d "${SUMMARY}" ]; then +# echo "Found result directory ${SUMMARY}..." +# if [ "$(ls -A ${SUMMARY})" ]; then +# echo "${SUMMARY} is not empty." +# else +# echo "Error: ${SUMMARY} is empty." +# exit 1 +# fi +# else +# echo "Error: result directory ${SUMMARY} not found." +# exit 1 +# fi +# shell: bash +# +# - name: Sirius Run Cleanup +# run: | +# rm -r sirius_cli/src/test/temp_results +# +# - name: Upload Distributions +# uses: actions/upload-artifact@v2 +# with: +# retention-days: 1 +# name: "sirius-${{ steps.sirius_version.outputs.value }}-${{ runner.os }}-x86-64-headless" +# path: | +# ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.zip +# ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.msi +# ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.pkg +# ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.deb +# ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.sha256 distGUI: @@ -204,6 +204,7 @@ jobs: MACOS_IDENTITY_ID: ${{ secrets.MACOS_IDENTITY_ID }} MACOS_APPLE_ID: ${{ secrets.MACOS_APPLE_ID }} MACOS_APPLE_ID_PW: ${{ secrets.MACOS_APPLE_ID_PW }} + MACOS_TEAM_ID : ${{ secrets.MACOS_TEAM_ID }} SIRIUS_USER: ${{ secrets.SIRIUS_USER }} SIRIUS_PW: ${{ secrets.SIRIUS_PW }} steps: @@ -257,7 +258,7 @@ jobs: with: gradle-version: 7.6 build-root-directory: sirius_dist/sirius_gui_dist - arguments: clean publishSiriusPublicationToMavenLocal -P "build.sirius.native.openjfx.exclude=true" -P "build.sirius.starter.jdk.include=true" -P "de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID=${{ secrets.MACOS_APP_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_IDENTITY_ID=${{ secrets.MACOS_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID=${{ secrets.MACOS_APPLE_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID_PW=${{ secrets.MACOS_APPLE_ID_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_FILE=${{ steps.generic_codesign_cert.outputs.filePath }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_PW=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_TIMESTAMP_URL=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_TIMESTAMP_URL }}" + arguments: clean publishSiriusPublicationToMavenLocal -P "build.sirius.native.openjfx.exclude=true" -P "build.sirius.starter.jdk.include=true" -P "de.unijena.bioinf.build.MACOS_TEAM_ID=${{ secrets.MACOS_TEAM_ID }}" -P "de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID=${{ secrets.MACOS_APP_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_IDENTITY_ID=${{ secrets.MACOS_IDENTITY_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID=${{ secrets.MACOS_APPLE_ID }}" -P "de.unijena.bioinf.build.MACOS_APPLE_ID_PW=${{ secrets.MACOS_APPLE_ID_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_FILE=${{ steps.generic_codesign_cert.outputs.filePath }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_PW=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_PW }}" -P "de.unijena.bioinf.build.WIN_INSTALLER_CERTIFICATE_TIMESTAMP_URL=${{ secrets.GENERIC_INSTALLER_CERTIFICATE_TIMESTAMP_URL }}" - name: Sirius Run run: | @@ -375,7 +376,8 @@ jobs: ~/.m2/repository/de/unijena/bioinf/ms/sirius/${{ steps.sirius_version.outputs.value }}/*.sha256 release: - needs: [ distCLI, distGUI] + needs: [distGUI] +# needs: [ distCLI, distGUI] runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -416,6 +418,10 @@ jobs: trigger-client-api-build: needs: [ release ] runs-on: ubuntu-latest + env: + CLIENT_API_REPO_URL: ${{ secrets.CLIENT_API_REPO_URL }} + CLIENT_API_REPO_TOKEN: ${{ secrets.CLIENT_API_REPO_TOKEN }} steps: - - name: Trigger Actions on sirius-client-openAPI + - if: ${{ (env.CLIENT_API_REPO_URL != '') && (env.CLIENT_API_REPO_TOKEN != '') }} + name: Trigger Actions on sirius-client-openAPI run: curl -X POST -H "Authorization:Bearer ${{ secrets.CLIENT_API_REPO_TOKEN }}" -H "Accept:application/vnd.github.v3+json" ${{ secrets.CLIENT_API_REPO_URL }} -d '{"ref":"master"}' diff --git a/sirius_dist/build.gradle b/sirius_dist/build.gradle index 801f153ee0..336b469b2d 100644 --- a/sirius_dist/build.gradle +++ b/sirius_dist/build.gradle @@ -14,8 +14,8 @@ dependencies { ext { // version for bundeled JRE - jre_version = '17.0.4.1'//'15.0.6' - zulu_jre_version = '17.36.17'//'15.38.17' + jre_version = '17.0.7'//'15.0.6' + zulu_jre_version = '17.42.19'//'15.38.17' jre_major = zulu_jre_version.split("[.]")[0] OS = DefaultNativePlatform.currentOperatingSystem @@ -238,7 +238,7 @@ subprojects { into(resourceTarget) } - if(!includeJreFX) + if (!includeJreFX) delete runtimeTarget if (siriusTargetPlatform.isWin()) { @@ -282,13 +282,13 @@ subprojects { templateBinding.cplexHome = "/bin/x86-64_osx" templateBinding.jvmOpts = "${Arrays.stream(jvmArgs).collect(Collectors.joining(' '))}" templateBinding.javaCommand = "\$APP_HOME/runtime/Contents/Home/bin/java" - templateBinding.jarHome = libDir == null ? "\$APP_HOME/app" : libDir + templateBinding.jarHome = libDir == null ? "\$APP_HOME/app" : libDir } else if (siriusTargetPlatform.isWin()) { f = file("$appRootTarget/sirius.bat") sf = file("${rootDir}/scripts/sirius.bat.templ") templateBinding.classPath = "%JAR_HOME%\\*" templateBinding.jvmOpts = "${Arrays.stream(jvmArgs).map({ s -> '"' + s + '"' }).collect(Collectors.joining(" "))}" - templateBinding.jarHome = libDir == null ? "%APP_HOME%\\app" : libDir + templateBinding.jarHome = libDir == null ? "%APP_HOME%\\app" : libDir templateBinding.gurobiJar = "%GUROBI_HOME%\\lib\\gurobi.jar" templateBinding.cplexJar = "%CPLEX_HOME%\\lib\\cplex.jar" } else { @@ -300,16 +300,16 @@ subprojects { f.setExecutable(true, false) println("----> DistImage") - appRootTarget.list().each {println it} + appRootTarget.list().each { println it } println() println("----> DistImage bin") - launcherTarget.list().each {println it} + launcherTarget.list().each { println it } println() println("----> DistImage lib") - new File(appRootTarget, 'lib').list().each {println it} + new File(appRootTarget, 'lib').list().each { println it } println() println("----> DistImage runtime") - runtimeTarget.list().each {println it} + runtimeTarget.list().each { println it } } } @@ -469,13 +469,13 @@ subprojects { def signID = project.findProperty("de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID") if (signID != null && !signID.isBlank()) { def entitlementsFile = getRootProject().getProjectDir().toPath().resolve("dist").resolve("macos.entitlements").toFile() - def additionalLibs = [new File(distImage.getImageDir(), "Contents/runtime/Contents/MacOS/libjli.dylib")] + + Path bootJarLibs = FileSystems.newFileSystem(distImage.getImageDir().toPath().resolve("Contents").resolve("app").resolve("sirius_rest_service-$version-boot.jar")).getPath("/BOOT-INF/lib/") def jarNestedLibs = [ - FileSystems.newFileSystem(distImage.getImageDir().toPath().resolve("Contents").resolve("app").resolve("jna-inchi-darwin-x86-64-1.1.jar")) - .getPath("darwin-x86-64/libjnainchi.dylib") - ] + FileSystems.newFileSystem(bootJarLibs.resolve("jna-inchi-darwin-x86-64-1.1.jar")).getPath("/darwin-x86-64/libjnainchi.dylib") + ] + Files.list(FileSystems.newFileSystem(bootJarLibs.resolve("cbc-java-native-2.10.8.4-mac-x86-64.jar")).getPath("/mac-x86-64/")).toList() - getLogger().lifecycle("extract libs nested in the following jars ${Arrays.toString(jarNestedLibs)}") + getLogger().lifecycle("extract libs nested in the following jars ${jarNestedLibs}") def extractedLibs = getBuildDir().toPath().resolve("tmp").resolve("jarLibs") Files.createDirectories(extractedLibs) for (def inJar : jarNestedLibs) { @@ -484,8 +484,14 @@ subprojects { } getLogger().lifecycle("Signing native libs dir") - for (File f : distImage.getImageDir().toPath().resolve("Contents").resolve("native").toFile().listFiles() + additionalLibs + extractedLibs.toFile().listFiles()) { - getLogger().lifecycle("Signing native lib '$f'") + Path nativeLocation = distImage.getImageDir().toPath().resolve("Contents").resolve("native"); + def nativeList = Files.exists(nativeLocation) ? nativeLocation.toFile().listFiles() : new File[0] + for (File f : (nativeList + extractedLibs.toFile().listFiles())) { + getLogger().lifecycle("Remove (old) signatures from native lib '$f'") + project.exec { + commandLine(["codesign", "--remove-signature", "${f.getAbsolutePath()}"]) + } + getLogger().lifecycle("(Re-)Signing native lib '$f'") project.exec { commandLine(["codesign", "-s", "${signID}", "--options", "runtime", "--entitlements", "${entitlementsFile.getAbsolutePath()}", "-f", "-v", "${f.getAbsolutePath()}"]) @@ -496,8 +502,8 @@ subprojects { for (def inJar : jarNestedLibs) { getLogger().lifecycle("Reinserting into jar '${inJar}'") Files.copy(extractedLibs.resolve(inJar.getFileName().toString()), inJar, StandardCopyOption.REPLACE_EXISTING) - inJar.fileSystem.close() } + bootJarLibs.fileSystem.close() getLogger().lifecycle("Signing jars dir") for (File f : distImage.getImageDir().toPath().resolve("Contents").resolve("app").toFile().listFiles({ file -> file.getName().endsWith(".jar") } as FileFilter)) { @@ -624,6 +630,7 @@ subprojects { if (siriusTargetPlatform.isMac()) { def appleId = project.findProperty('de.unijena.bioinf.build.MACOS_APPLE_ID') def appleIdPw = project.findProperty('de.unijena.bioinf.build.MACOS_APPLE_ID_PW') + def appleTeamId = project.findProperty('de.unijena.bioinf.build.MACOS_TEAM_ID') if (appleId != null && appleIdPw != null && !appleId.isBlank() && !appleIdPw.isBlank()) { def pkg = Path.of(distImage.getImageDir().absolutePath.replace('.app', installerAppendix)) @@ -634,52 +641,23 @@ subprojects { "-p", "$appleIdPw"]) } - getLogger().lifecycle("Submit for notarization") - String uuid = null - new ByteArrayOutputStream().withStream { os -> - project.exec { - commandLine(["xcrun", "altool", "--notarize-app", "--primary-bundle-id", "app.${distImage.imageName}-$version", - "-u", "$appleId", - "-p", "$appleIdPw", - "--file", "$pkg"]) - standardOutput = os - } - uuid = (os.toString().split(System.lineSeparator()) as List).stream().filter({ s -> s.contains("RequestUUID = ") }).findFirst() map({ s -> s.split("RequestUUID = ")[1].strip() }).orElseThrow() - println("Submitted Notarization Job with RequestUUID: $uuid") + getLogger().lifecycle("Submit for notarization and wait...") + ExecResult execResult = exec { + commandLine(["xcrun", "notarytool", "submit", "--wait", "--apple-id", "${appleId}", + "--password", "${appleIdPw}", "--team-id", "${appleTeamId}", "$pkg"]) } - - Map states = ["Status": "in progress"] - getLogger().lifecycle("Waiting for notarization") - while ("in progress" == states.get("Status")) { - new ByteArrayOutputStream().withStream { os -> - def c = ["xcrun", "altool", "--notarization-info", "${uuid}", "-u", "$appleId", "-p", "$appleIdPw"] - println(Arrays.toString(c)) - project.exec { - commandLine(c) - standardOutput = os - } - - states = (os.toString().split(System.lineSeparator()) as List).stream().map({ s -> s.split("\\s*[:]\\s*") as List }) - .collect(Collectors.toMap({ k -> k.get(0).strip() }, { v -> v.size() > 1 ? String.join(':', v.subList(1, v.size())).strip() : "N/A" })) - println(states) - println("Waiting 30s before retry...") - } - sleep(30000) + int returnCode = execResult.getExitValue() + if (returnCode != 0) { + throw new GradleException("Error ${returnCode} during notarization.") } - if (states.get("Status Code") == "0" && states.get("Status") == "success") { - new ByteArrayOutputStream().withStream { os -> - project.exec { - commandLine(["xcrun", "stapler", "staple", "${pkg}"]) - standardOutput = os - }.assertNormalExitValue() - getLogger().lifecycle(os.toString()) - } - } else { - getLogger().lifecycle("Status Code: " + states.get("Status Code")) - getLogger().lifecycle("Status: " + states.get("Status")) - getLogger().lifecycle("Status Message: " + states.get("Status Message")) - throw new GradleException("Error during notarization") + getLogger().lifecycle("Verifying notarization by stapling .pkg...") + new ByteArrayOutputStream().withStream { os -> + project.exec { + commandLine(["xcrun", "stapler", "staple", "${pkg}"]) + standardOutput = os + }.assertNormalExitValue() + getLogger().lifecycle(os.toString()) } } else { getLogger().warn("Could not find apple id for notarization. Skipping notarization step") @@ -834,6 +812,15 @@ abstract class AppImage extends DefaultTask { paras += ["--icon", "${iconDir.resolve('sirius-icon.icns').toString()}"] if (macPackageName != null && !macPackageName.isBlank()) paras += ['--mac-package-name', "\"$macPackageName\""] + + def signID = project.findProperty("de.unijena.bioinf.build.MACOS_APP_IDENTITY_ID") + if (signID != null && !signID.isBlank()) { + paras += [ + "--mac-sign", + "--mac-package-signing-prefix", "$mainClass", + "--mac-signing-key-user-name", "\"$signID\"" + ] + } } else if (project.siriusTargetPlatform.isLinux()) { paras += ["--icon", "${iconDir.resolve('sirius-icon.png').toString()}"] } else {