From beea0c55dd68a1584300a02333f8be9ffcac0476 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Tue, 5 Mar 2024 13:36:18 -0500 Subject: Make signing and symbol posting jobs conditional on secrets. Specifically, when secrets aren't available (e.g. for external PRs), skip the affected steps. --- .github/workflows/build.yaml | 4 ++++ 1 file changed, 4 insertions(+) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 1dd2c1d5df..edb180a2d1 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -250,6 +250,7 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: + if: secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID needs: build runs-on: windows steps: @@ -263,6 +264,7 @@ jobs: tenant_id: "${{ secrets.AZURE_TENANT_ID }}" sign-and-package-mac: + if: secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD needs: build runs-on: macos-latest steps: @@ -298,6 +300,7 @@ jobs: note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: + if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: @@ -311,6 +314,7 @@ jobs: version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: + if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: -- cgit v1.2.3 From f738df6c147a84c17f28b8326c5bc1eb54e4519f Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Tue, 5 Mar 2024 13:50:38 -0500 Subject: Enclose 'if:' expressions in ${{ ... }}. The previous construct produced: Unrecognized named-value: 'secrets'. Located at position 1 within expression: secrets.AZURE_KEY_VAULT_URI && ... --- .github/workflows/build.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index edb180a2d1..5fad232203 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -250,7 +250,7 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: - if: secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID + if: ${{ secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID }} needs: build runs-on: windows steps: @@ -264,7 +264,7 @@ jobs: tenant_id: "${{ secrets.AZURE_TENANT_ID }}" sign-and-package-mac: - if: secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD + if: ${{ secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD }} needs: build runs-on: macos-latest steps: @@ -300,7 +300,7 @@ jobs: note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: - if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS + if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: @@ -314,7 +314,7 @@ jobs: version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: - if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS + if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: -- cgit v1.2.3 From c83d93becdee899736a121cbb8eae5c0c9d37c09 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Tue, 5 Mar 2024 14:23:32 -0500 Subject: To test for presence of secrets, set environment variables. From https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow : "Secrets cannot be directly referenced in if: conditionals. Instead, consider setting secrets as job-level environment variables, then referencing the environment variables to conditionally run steps in the job." --- .github/workflows/build.yaml | 54 ++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 19 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 5fad232203..13798fc607 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -37,8 +37,6 @@ jobs: DEVELOPER_DIR: ${{ matrix.developer_dir }} # Ensure that Linden viewer builds engage Bugsplat. BUGSPLAT_DB: ${{ matrix.configuration != 'ReleaseOS' && 'SecondLife_Viewer_2018' || '' }} - BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} - BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} build_coverity: false build_log_dir: ${{ github.workspace }}/.logs build_viewer: true @@ -250,25 +248,36 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: - if: ${{ secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID }} + env: + AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} + AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} needs: build runs-on: windows steps: - name: Sign and package Windows viewer + if: env.AZURE_KEY_VAULT_URI && env.AZURE_CERT_NAME && env.AZURE_CLIENT_ID && env.AZURE_CLIENT_SECRET && env.AZURE_TENANT_ID uses: secondlife/viewer-build-util/sign-pkg-windows@v1 with: - vault_uri: "${{ secrets.AZURE_KEY_VAULT_URI }}" - cert_name: "${{ secrets.AZURE_CERT_NAME }}" - client_id: "${{ secrets.AZURE_CLIENT_ID }}" - client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}" - tenant_id: "${{ secrets.AZURE_TENANT_ID }}" + vault_uri: "${{ env.AZURE_KEY_VAULT_URI }}" + cert_name: "${{ env.AZURE_CERT_NAME }}" + client_id: "${{ env.AZURE_CLIENT_ID }}" + client_secret: "${{ env.AZURE_CLIENT_SECRET }}" + tenant_id: "${{ env.AZURE_TENANT_ID }}" sign-and-package-mac: - if: ${{ secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD }} + env: + NOTARIZE_CREDS_MACOS: ${{ secrets.NOTARIZE_CREDS_MACOS }} + SIGNING_CERT_MACOS: ${{ secrets.SIGNING_CERT_MACOS }} + SIGNING_CERT_MACOS_IDENTITY: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} + SIGNING_CERT_MACOS_PASSWORD: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} needs: build runs-on: macos-latest steps: - name: Unpack Mac notarization credentials + if: env.NOTARIZE_CREDS_MACOS id: note-creds shell: bash run: | @@ -276,7 +285,7 @@ jobs: # USERNAME="..." # PASSWORD="..." # TEAM_ID="..." - eval "${{ secrets.NOTARIZE_CREDS_MACOS }}" + eval "${{ env.NOTARIZE_CREDS_MACOS }}" echo "::add-mask::$USERNAME" echo "::add-mask::$PASSWORD" echo "::add-mask::$TEAM_ID" @@ -288,41 +297,48 @@ jobs: [[ -n "$USERNAME" && -n "$PASSWORD" && -n "$TEAM_ID" ]] - name: Sign and package Mac viewer + if: env.SIGNING_CERT_MACOS && env.SIGNING_CERT_MACOS_IDENTITY && env.SIGNING_CERT_MACOS_PASSWORD && steps.note-creds.outputs.note_user && steps.note-creds.outputs.note_pass && steps.note-creds.outputs.note_team uses: secondlife/viewer-build-util/sign-pkg-mac@v1 with: channel: ${{ needs.build.outputs.viewer_channel }} imagename: ${{ needs.build.outputs.imagename }} - cert_base64: ${{ secrets.SIGNING_CERT_MACOS }} - cert_name: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} - cert_pass: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} + cert_base64: ${{ env.SIGNING_CERT_MACOS }} + cert_name: ${{ env.SIGNING_CERT_MACOS_IDENTITY }} + cert_pass: ${{ env.SIGNING_CERT_MACOS_PASSWORD }} note_user: ${{ steps.note-creds.outputs.note_user }} note_pass: ${{ steps.note-creds.outputs.note_pass }} note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: - if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} + env: + BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} + BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Windows symbols + if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-windows@v1 with: - username: ${{ secrets.BUGSPLAT_USER }} - password: ${{ secrets.BUGSPLAT_PASS }} + username: ${{ env.BUGSPLAT_USER }} + password: ${{ env.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: - if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} + env: + BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} + BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Mac symbols + if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-mac@v1 with: - username: ${{ secrets.BUGSPLAT_USER }} - password: ${{ secrets.BUGSPLAT_PASS }} + username: ${{ env.BUGSPLAT_USER }} + password: ${{ env.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} -- cgit v1.2.3 From d3170e0033af174534e841e474f4155450343cc2 Mon Sep 17 00:00:00 2001 From: Andrey Lihatskiy Date: Sat, 9 Mar 2024 19:19:49 +0200 Subject: Revert "To test for presence of secrets, set environment variables." This reverts commit c83d93becdee899736a121cbb8eae5c0c9d37c09. --- .github/workflows/build.yaml | 54 ++++++++++++++++---------------------------- 1 file changed, 19 insertions(+), 35 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c7a758bd0f..6431b59366 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -42,6 +42,8 @@ jobs: DEVELOPER_DIR: ${{ matrix.developer_dir }} # Ensure that Linden viewer builds engage Bugsplat. BUGSPLAT_DB: ${{ matrix.configuration != 'ReleaseOS' && 'SecondLife_Viewer_2018' || '' }} + BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} + BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} build_coverity: false build_log_dir: ${{ github.workspace }}/.logs build_viewer: true @@ -260,36 +262,25 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: - env: - AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} - AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + if: ${{ secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID }} needs: build runs-on: windows steps: - name: Sign and package Windows viewer - if: env.AZURE_KEY_VAULT_URI && env.AZURE_CERT_NAME && env.AZURE_CLIENT_ID && env.AZURE_CLIENT_SECRET && env.AZURE_TENANT_ID uses: secondlife/viewer-build-util/sign-pkg-windows@v1 with: - vault_uri: "${{ env.AZURE_KEY_VAULT_URI }}" - cert_name: "${{ env.AZURE_CERT_NAME }}" - client_id: "${{ env.AZURE_CLIENT_ID }}" - client_secret: "${{ env.AZURE_CLIENT_SECRET }}" - tenant_id: "${{ env.AZURE_TENANT_ID }}" + vault_uri: "${{ secrets.AZURE_KEY_VAULT_URI }}" + cert_name: "${{ secrets.AZURE_CERT_NAME }}" + client_id: "${{ secrets.AZURE_CLIENT_ID }}" + client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}" + tenant_id: "${{ secrets.AZURE_TENANT_ID }}" sign-and-package-mac: - env: - NOTARIZE_CREDS_MACOS: ${{ secrets.NOTARIZE_CREDS_MACOS }} - SIGNING_CERT_MACOS: ${{ secrets.SIGNING_CERT_MACOS }} - SIGNING_CERT_MACOS_IDENTITY: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} - SIGNING_CERT_MACOS_PASSWORD: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} + if: ${{ secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD }} needs: build runs-on: macos-latest steps: - name: Unpack Mac notarization credentials - if: env.NOTARIZE_CREDS_MACOS id: note-creds shell: bash run: | @@ -297,7 +288,7 @@ jobs: # USERNAME="..." # PASSWORD="..." # TEAM_ID="..." - eval "${{ env.NOTARIZE_CREDS_MACOS }}" + eval "${{ secrets.NOTARIZE_CREDS_MACOS }}" echo "::add-mask::$USERNAME" echo "::add-mask::$PASSWORD" echo "::add-mask::$TEAM_ID" @@ -309,48 +300,41 @@ jobs: [[ -n "$USERNAME" && -n "$PASSWORD" && -n "$TEAM_ID" ]] - name: Sign and package Mac viewer - if: env.SIGNING_CERT_MACOS && env.SIGNING_CERT_MACOS_IDENTITY && env.SIGNING_CERT_MACOS_PASSWORD && steps.note-creds.outputs.note_user && steps.note-creds.outputs.note_pass && steps.note-creds.outputs.note_team uses: secondlife/viewer-build-util/sign-pkg-mac@v1 with: channel: ${{ needs.build.outputs.viewer_channel }} imagename: ${{ needs.build.outputs.imagename }} - cert_base64: ${{ env.SIGNING_CERT_MACOS }} - cert_name: ${{ env.SIGNING_CERT_MACOS_IDENTITY }} - cert_pass: ${{ env.SIGNING_CERT_MACOS_PASSWORD }} + cert_base64: ${{ secrets.SIGNING_CERT_MACOS }} + cert_name: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} + cert_pass: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} note_user: ${{ steps.note-creds.outputs.note_user }} note_pass: ${{ steps.note-creds.outputs.note_pass }} note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: - env: - BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} - BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} + if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Windows symbols - if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-windows@v1 with: - username: ${{ env.BUGSPLAT_USER }} - password: ${{ env.BUGSPLAT_PASS }} + username: ${{ secrets.BUGSPLAT_USER }} + password: ${{ secrets.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: - env: - BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} - BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} + if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Mac symbols - if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-mac@v1 with: - username: ${{ env.BUGSPLAT_USER }} - password: ${{ env.BUGSPLAT_PASS }} + username: ${{ secrets.BUGSPLAT_USER }} + password: ${{ secrets.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} -- cgit v1.2.3 From 2e17fc6ac79638c765c0147485f7727744385763 Mon Sep 17 00:00:00 2001 From: Andrey Lihatskiy Date: Sat, 9 Mar 2024 19:19:49 +0200 Subject: Revert "Enclose 'if:' expressions in ${{ ... }}." This reverts commit f738df6c147a84c17f28b8326c5bc1eb54e4519f. --- .github/workflows/build.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 6431b59366..43b17edf17 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -262,7 +262,7 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: - if: ${{ secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID }} + if: secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID needs: build runs-on: windows steps: @@ -276,7 +276,7 @@ jobs: tenant_id: "${{ secrets.AZURE_TENANT_ID }}" sign-and-package-mac: - if: ${{ secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD }} + if: secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD needs: build runs-on: macos-latest steps: @@ -312,7 +312,7 @@ jobs: note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: - if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} + if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: @@ -326,7 +326,7 @@ jobs: version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: - if: ${{ secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS }} + if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: -- cgit v1.2.3 From 90b27241f01a3e2e098f5d81ce554b842209b9e7 Mon Sep 17 00:00:00 2001 From: Andrey Lihatskiy Date: Sat, 9 Mar 2024 19:19:49 +0200 Subject: Revert "Make signing and symbol posting jobs conditional on secrets." This reverts commit beea0c55dd68a1584300a02333f8be9ffcac0476. --- .github/workflows/build.yaml | 4 ---- 1 file changed, 4 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 43b17edf17..8a066e7c79 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -262,7 +262,6 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: - if: secrets.AZURE_KEY_VAULT_URI && secrets.AZURE_CERT_NAME && secrets.AZURE_CLIENT_ID && secrets.AZURE_CLIENT_SECRET && secrets.AZURE_TENANT_ID needs: build runs-on: windows steps: @@ -276,7 +275,6 @@ jobs: tenant_id: "${{ secrets.AZURE_TENANT_ID }}" sign-and-package-mac: - if: secrets.NOTARIZE_CREDS_MACOS && secrets.SIGNING_CERT_MACOS && secrets.SIGNING_CERT_MACOS_IDENTITY && secrets.SIGNING_CERT_MACOS_PASSWORD needs: build runs-on: macos-latest steps: @@ -312,7 +310,6 @@ jobs: note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: - if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: @@ -326,7 +323,6 @@ jobs: version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: - if: secrets.BUGSPLAT_USER && secrets.BUGSPLAT_PASS needs: build runs-on: ubuntu-latest steps: -- cgit v1.2.3 From 5d28e1b7e53f485a50410519faef8edd9c655bbf Mon Sep 17 00:00:00 2001 From: Andrey Lihatskiy Date: Tue, 2 Apr 2024 16:46:53 +0300 Subject: Fix wrong reverts from #958 --- .github/workflows/build.yaml | 50 +++++++++++++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 15 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 8a066e7c79..c7a758bd0f 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -42,8 +42,6 @@ jobs: DEVELOPER_DIR: ${{ matrix.developer_dir }} # Ensure that Linden viewer builds engage Bugsplat. BUGSPLAT_DB: ${{ matrix.configuration != 'ReleaseOS' && 'SecondLife_Viewer_2018' || '' }} - BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} - BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} build_coverity: false build_log_dir: ${{ github.workspace }}/.logs build_viewer: true @@ -262,23 +260,36 @@ jobs: ${{ steps.build.outputs.physicstpv }} sign-and-package-windows: + env: + AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }} + AZURE_CERT_NAME: ${{ secrets.AZURE_CERT_NAME }} + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} needs: build runs-on: windows steps: - name: Sign and package Windows viewer + if: env.AZURE_KEY_VAULT_URI && env.AZURE_CERT_NAME && env.AZURE_CLIENT_ID && env.AZURE_CLIENT_SECRET && env.AZURE_TENANT_ID uses: secondlife/viewer-build-util/sign-pkg-windows@v1 with: - vault_uri: "${{ secrets.AZURE_KEY_VAULT_URI }}" - cert_name: "${{ secrets.AZURE_CERT_NAME }}" - client_id: "${{ secrets.AZURE_CLIENT_ID }}" - client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}" - tenant_id: "${{ secrets.AZURE_TENANT_ID }}" + vault_uri: "${{ env.AZURE_KEY_VAULT_URI }}" + cert_name: "${{ env.AZURE_CERT_NAME }}" + client_id: "${{ env.AZURE_CLIENT_ID }}" + client_secret: "${{ env.AZURE_CLIENT_SECRET }}" + tenant_id: "${{ env.AZURE_TENANT_ID }}" sign-and-package-mac: + env: + NOTARIZE_CREDS_MACOS: ${{ secrets.NOTARIZE_CREDS_MACOS }} + SIGNING_CERT_MACOS: ${{ secrets.SIGNING_CERT_MACOS }} + SIGNING_CERT_MACOS_IDENTITY: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} + SIGNING_CERT_MACOS_PASSWORD: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} needs: build runs-on: macos-latest steps: - name: Unpack Mac notarization credentials + if: env.NOTARIZE_CREDS_MACOS id: note-creds shell: bash run: | @@ -286,7 +297,7 @@ jobs: # USERNAME="..." # PASSWORD="..." # TEAM_ID="..." - eval "${{ secrets.NOTARIZE_CREDS_MACOS }}" + eval "${{ env.NOTARIZE_CREDS_MACOS }}" echo "::add-mask::$USERNAME" echo "::add-mask::$PASSWORD" echo "::add-mask::$TEAM_ID" @@ -298,39 +309,48 @@ jobs: [[ -n "$USERNAME" && -n "$PASSWORD" && -n "$TEAM_ID" ]] - name: Sign and package Mac viewer + if: env.SIGNING_CERT_MACOS && env.SIGNING_CERT_MACOS_IDENTITY && env.SIGNING_CERT_MACOS_PASSWORD && steps.note-creds.outputs.note_user && steps.note-creds.outputs.note_pass && steps.note-creds.outputs.note_team uses: secondlife/viewer-build-util/sign-pkg-mac@v1 with: channel: ${{ needs.build.outputs.viewer_channel }} imagename: ${{ needs.build.outputs.imagename }} - cert_base64: ${{ secrets.SIGNING_CERT_MACOS }} - cert_name: ${{ secrets.SIGNING_CERT_MACOS_IDENTITY }} - cert_pass: ${{ secrets.SIGNING_CERT_MACOS_PASSWORD }} + cert_base64: ${{ env.SIGNING_CERT_MACOS }} + cert_name: ${{ env.SIGNING_CERT_MACOS_IDENTITY }} + cert_pass: ${{ env.SIGNING_CERT_MACOS_PASSWORD }} note_user: ${{ steps.note-creds.outputs.note_user }} note_pass: ${{ steps.note-creds.outputs.note_pass }} note_team: ${{ steps.note-creds.outputs.note_team }} post-windows-symbols: + env: + BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} + BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Windows symbols + if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-windows@v1 with: - username: ${{ secrets.BUGSPLAT_USER }} - password: ${{ secrets.BUGSPLAT_PASS }} + username: ${{ env.BUGSPLAT_USER }} + password: ${{ env.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} post-mac-symbols: + env: + BUGSPLAT_USER: ${{ secrets.BUGSPLAT_USER }} + BUGSPLAT_PASS: ${{ secrets.BUGSPLAT_PASS }} needs: build runs-on: ubuntu-latest steps: - name: Post Mac symbols + if: env.BUGSPLAT_USER && env.BUGSPLAT_PASS uses: secondlife/viewer-build-util/post-bugsplat-mac@v1 with: - username: ${{ secrets.BUGSPLAT_USER }} - password: ${{ secrets.BUGSPLAT_PASS }} + username: ${{ env.BUGSPLAT_USER }} + password: ${{ env.BUGSPLAT_PASS }} database: "SecondLife_Viewer_2018" channel: ${{ needs.build.outputs.viewer_channel }} version: ${{ needs.build.outputs.viewer_version }} -- cgit v1.2.3 From 6b4b33cc129e9482342c9280ae79c9c5ce427ef1 Mon Sep 17 00:00:00 2001 From: Nicky Dasmijn Date: Mon, 8 Apr 2024 22:39:20 +0200 Subject: Linux GHA builds (#1147) * Linux GHA builds Add Ubuntu 22.04 runner and Linux dependencies Do not even try to touch ReleaseFS for Linux yet (this needs KDU, Havok, FMOD) * Lets play a game of 'guess the havok source url' * Move to linux-large runner. * ReleaseOS used OpenAL, not fmod studio (which otherwise is the default) * - Correction for Linux build dir - HAVOK / CrashReporting wrestling. HAVOK is always turned on, even for OS builds Turn this off for Linux-ReleaseOS Same with crashreporting, we need it off for now * Add missing brace * When doing a GHA build pack right into RUNNER_TEMP and then signal the created archive as our "viewer_app" * Upload Linux-ReleaseOS after build * - Need to use os.path.join and not hyst join - set_github_output_path can be called unconditionally * Remove Linux GHA build example. --- .github/workflows/build.yaml | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c7a758bd0f..3ac470b5ed 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -11,7 +11,7 @@ jobs: build: strategy: matrix: - runner: [windows-large, macos-12-xl] + runner: [windows-large, macos-12-xl, linux-large] configuration: [Release, ReleaseOS] python-version: ["3.11"] include: @@ -20,6 +20,8 @@ jobs: exclude: - runner: macos-12-xl configuration: ReleaseOS + - runner: linux-large + configuration: Release runs-on: ${{ matrix.runner }} outputs: viewer_channel: ${{ steps.build.outputs.viewer_channel }} @@ -95,6 +97,10 @@ jobs: ${{ runner.os }}-64-${{ matrix.configuration }}- ${{ runner.os }}-64- + - name: Install Linux dependencies + if: runner.os == 'linux' + run: sudo apt update && sudo apt install -y libfltk1.3-dev libunwind-dev libgl1-mesa-dev libglu1-mesa-dev libx11-dev libxrandr-dev libxinerama-dev libxcursor-dev libxi-dev libxext-dev libxrender-dev libxfixes-dev libxxf86vm-dev libxss-dev libdbus-1-dev libudev-dev libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libfreetype6-dev ninja-build libxft-dev + - name: Install windows dependencies if: runner.os == 'Windows' run: choco install nsis-unicode @@ -230,6 +236,16 @@ jobs: path: | ${{ steps.build.outputs.viewer_app }} + # ND: We only have ReleaseOS builds for Linux so far, thus upload what we have + # This steps can be deleted once "Release" is in place and makes "ReleaseOS" obsolete (for upload) + - name: Upload Linux ReleaseOS archive + if: matrix.configuration == 'ReleaseOS' && steps.build.outputs.viewer_app && matrix.os == 'linux' + uses: actions/upload-artifact@v3 + with: + name: "${{ steps.build.outputs.artifact }}-app" + path: | + ${{ steps.build.outputs.viewer_app }} + # The other upload of nontrivial size is the symbol file. Use a distinct # artifact for that too. - name: Upload symbol file @@ -372,7 +388,7 @@ jobs: with: name: Windows-metadata - - name: Rename windows metadata + - name: Rename windows metadata run: | mv autobuild-package.xml Windows-autobuild-package.xml mv newview/viewer_version.txt Windows-viewer_version.txt @@ -381,7 +397,7 @@ jobs: with: name: macOS-metadata - - name: Rename macOS metadata + - name: Rename macOS metadata run: | mv autobuild-package.xml macOS-autobuild-package.xml mv newview/viewer_version.txt macOS-viewer_version.txt @@ -407,7 +423,7 @@ jobs: append_body: true fail_on_unmatched_files: true files: | - *.dmg + *.dmg *.exe *-autobuild-package.xml *-viewer_version.txt -- cgit v1.2.3 From 37392be4171303db08a4842b7882b4cb758a8f8d Mon Sep 17 00:00:00 2001 From: Nicky Dasmijn Date: Tue, 9 Apr 2024 20:26:06 +0200 Subject: Update Linux media handling (#1146) * Enable CEF browser for Linux * Disable the update for Linux, we don't have that one right now * Update build_linux.yaml We need libpulse-dev for volume_catcher Linux * Add linux_volum_catcher* files * Enable OpenAL for Linux-ReleaseOS * Linux: Update OpenAL * Update SDL2 * Add libsndio-dev to the dependencies. * Update CEF to an official LL version * Remove dupe of emoji_shortcodes * Reording autobuild does because it can and wants to * Linux: Disable NDOF for the time being. After updating the ndof 3P needs to be rebuilt and we do not have a fresh one from LL yet. Forcefully undefine LIB_NDOF, it gets defined in the build variables no matter if it is safe to define. * Remove wrestling with mutliarch and LIBGL_DRIVERS_PATH * Remove tcmalloc snippet, tcmalloc is a very faint bad dream of the past * Putting out a warning this viewer ran on a x64 arch and then suggesting to install 32 bit compat packages makes no sense at all * CEF resources need to be in lib * It;'s okay to warn about missing plugins * Linux: CEF keyboard handling * Remove old gstreamer 0.10 implementation * Linux DSO loading always had been very peculiar due to macro magic. At least now it is peculiar shared magic with only one implementation. * Remove -fPIC. We get that one from LL_BUILD * /proc/cpuinfo is not reliable to detrmine the max CPU clock. Try to determine this by reading "/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq". Only if this fails go back to /proc/cpuinfo * Cleanup * Cleanup common linker and compiler flags, make it more obvious which flags are for which OS/compiler * Switch to correct plugin file * Install libpulse-dev for volume catcher. * And the runner needs libsndio-dev as well. * check for runner.os=='linux'. matrix.os is the full name of the image (limux-large). --- .github/workflows/build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3ac470b5ed..5dce30705c 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -99,7 +99,7 @@ jobs: - name: Install Linux dependencies if: runner.os == 'linux' - run: sudo apt update && sudo apt install -y libfltk1.3-dev libunwind-dev libgl1-mesa-dev libglu1-mesa-dev libx11-dev libxrandr-dev libxinerama-dev libxcursor-dev libxi-dev libxext-dev libxrender-dev libxfixes-dev libxxf86vm-dev libxss-dev libdbus-1-dev libudev-dev libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libfreetype6-dev ninja-build libxft-dev + run: sudo apt update && sudo apt install -y libsndio-dev libpulse-dev libfltk1.3-dev libunwind-dev libgl1-mesa-dev libglu1-mesa-dev libx11-dev libxrandr-dev libxinerama-dev libxcursor-dev libxi-dev libxext-dev libxrender-dev libxfixes-dev libxxf86vm-dev libxss-dev libdbus-1-dev libudev-dev libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libfreetype6-dev ninja-build libxft-dev - name: Install windows dependencies if: runner.os == 'Windows' @@ -239,7 +239,7 @@ jobs: # ND: We only have ReleaseOS builds for Linux so far, thus upload what we have # This steps can be deleted once "Release" is in place and makes "ReleaseOS" obsolete (for upload) - name: Upload Linux ReleaseOS archive - if: matrix.configuration == 'ReleaseOS' && steps.build.outputs.viewer_app && matrix.os == 'linux' + if: matrix.configuration == 'ReleaseOS' && steps.build.outputs.viewer_app && runner.os == 'linux' uses: actions/upload-artifact@v3 with: name: "${{ steps.build.outputs.artifact }}-app" -- cgit v1.2.3 From 148f80f0779f42c1aa7d2f07c04a63507446662c Mon Sep 17 00:00:00 2001 From: Bennett Goble Date: Wed, 10 Apr 2024 19:54:10 -0700 Subject: Linux: build with clang, link with mold --- .github/workflows/build.yaml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 1f5d8ee47a..b5be5bb00c 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -98,8 +98,19 @@ jobs: ${{ runner.os }}-64- - name: Install Linux dependencies - if: runner.os == 'linux' - run: sudo apt update && sudo apt install -y libsndio-dev libpulse-dev libfltk1.3-dev libunwind-dev libgl1-mesa-dev libglu1-mesa-dev libx11-dev libxrandr-dev libxinerama-dev libxcursor-dev libxi-dev libxext-dev libxrender-dev libxfixes-dev libxxf86vm-dev libxss-dev libdbus-1-dev libudev-dev libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libfreetype6-dev ninja-build libxft-dev + if: runner.os == 'Linux' + run: | + sudo apt update + sudo apt install -y \ + libsndio-dev libpulse-dev libfltk1.3-dev \ + libunwind-dev libgl1-mesa-dev libglu1-mesa-dev \ + libx11-dev libxrandr-dev libxinerama-dev \ + libxcursor-dev libxi-dev libxext-dev \ + libxrender-dev libxfixes-dev libxxf86vm-dev \ + libxss-dev libdbus-1-dev libudev-dev \ + libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \ + libfreetype6-dev ninja-build libxft-dev \ + llvm mold - name: Install windows dependencies if: runner.os == 'Windows' @@ -208,6 +219,13 @@ jobs: fi export PYTHON_COMMAND_NATIVE="$(native_path "$PYTHON_COMMAND")" + # Compile with clang, link with mold on linux. + if [[ "$RUNNER_OS" == "Linux" ]]; then + export CC=clang + export CXX=clang++ + export CMAKE_OPTIONS='-DLINK_WITH_MOLD=ON' + fi + ./build.sh # Each artifact is downloaded as a distinct .zip file. Multiple jobs -- cgit v1.2.3 From 4bd4e08834289f567d453427c565a95b5f75d995 Mon Sep 17 00:00:00 2001 From: Bennett Goble Date: Fri, 12 Apr 2024 07:59:19 -0700 Subject: Fix syntax in build.yaml, merge fallout --- .github/workflows/build.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c61e969a02..7d0496793a 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -19,8 +19,8 @@ jobs: exclude: - runner: macos-12-xl configuration: ReleaseOS - - runner: windows-large - configuration: ReleaseOS + - runner: windows-large + configuration: ReleaseOS runs-on: ${{ matrix.runner }} outputs: viewer_channel: ${{ steps.build.outputs.viewer_channel }} -- cgit v1.2.3 From 286ef130349d45b13f613fd11eeb40f5fffdf259 Mon Sep 17 00:00:00 2001 From: Bennett Goble Date: Fri, 12 Apr 2024 08:04:11 -0700 Subject: Fix excludes following merge of build.yaml --- .github/workflows/build.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 7d0496793a..e2d84d29af 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -17,10 +17,12 @@ jobs: - runner: macos-12-xl developer_dir: "/Applications/Xcode_14.0.1.app/Contents/Developer" exclude: - - runner: macos-12-xl - configuration: ReleaseOS - runner: windows-large configuration: ReleaseOS + - runner: macos-12-xl + configuration: ReleaseOS + - runner: linux-large + configuration: Release runs-on: ${{ matrix.runner }} outputs: viewer_channel: ${{ steps.build.outputs.viewer_channel }} @@ -391,6 +393,10 @@ jobs: - uses: actions/download-artifact@v4 with: pattern: "*-metadata" + + - uses: actions/download-artifact@v4 + with: + pattern: "LinuxOS-app" - name: Rename metadata run: | -- cgit v1.2.3 From 7d2608947ccfa2215fa66d162134bf67bf27b383 Mon Sep 17 00:00:00 2001 From: AiraYumi Date: Tue, 16 Apr 2024 22:20:44 -0400 Subject: Cleanup Install Linux dependencies --- .github/workflows/build.yaml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index e2d84d29af..3f1ff1d8a6 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -103,14 +103,10 @@ jobs: run: | sudo apt update sudo apt install -y \ - libsndio-dev libpulse-dev libfltk1.3-dev \ - libunwind-dev libgl1-mesa-dev libglu1-mesa-dev \ - libx11-dev libxrandr-dev libxinerama-dev \ - libxcursor-dev libxi-dev libxext-dev \ - libxrender-dev libxfixes-dev libxxf86vm-dev \ - libxss-dev libdbus-1-dev libudev-dev \ - libssl-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev \ - libfreetype6-dev ninja-build libxft-dev \ + libsndio-dev libpulse-dev libunwind-dev \ + libgl1-mesa-dev libglu1-mesa-dev libxinerama-dev \ + libxcursor-dev libxfixes-dev libgstreamer1.0-dev \ + libgstreamer-plugins-base1.0-dev ninja-build libxft-dev \ llvm mold - name: Install windows dependencies -- cgit v1.2.3 From 169519c3020c9259a06a302e1cefdd5584d83f17 Mon Sep 17 00:00:00 2001 From: Maki Date: Thu, 18 Apr 2024 01:39:28 -0400 Subject: Add libpipewire-0.3-dev to GitHub workflow --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3f1ff1d8a6..05e28b1dd1 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -107,7 +107,7 @@ jobs: libgl1-mesa-dev libglu1-mesa-dev libxinerama-dev \ libxcursor-dev libxfixes-dev libgstreamer1.0-dev \ libgstreamer-plugins-base1.0-dev ninja-build libxft-dev \ - llvm mold + llvm mold libpipewire-0.3-dev - name: Install windows dependencies if: runner.os == 'Windows' -- cgit v1.2.3 From 2ab17fa3f991a71cdb83d6dba8e345e14f11514c Mon Sep 17 00:00:00 2001 From: Nicky Date: Thu, 18 Apr 2024 17:59:56 +0200 Subject: Update open_libndofdev and openal to latest versions. - With the updated openal the dependency on sndio can be dropped - The updated libndofdev is compiled against the correct version of SDL2 and thus NDOF can be enabled again --- .github/workflows/build.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 3f1ff1d8a6..42dc364ed3 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -19,10 +19,10 @@ jobs: exclude: - runner: windows-large configuration: ReleaseOS - - runner: macos-12-xl + - runner: macos-12-xl configuration: ReleaseOS - runner: linux-large - configuration: Release + configuration: Release runs-on: ${{ matrix.runner }} outputs: viewer_channel: ${{ steps.build.outputs.viewer_channel }} @@ -103,7 +103,7 @@ jobs: run: | sudo apt update sudo apt install -y \ - libsndio-dev libpulse-dev libunwind-dev \ + libpulse-dev libunwind-dev \ libgl1-mesa-dev libglu1-mesa-dev libxinerama-dev \ libxcursor-dev libxfixes-dev libgstreamer1.0-dev \ libgstreamer-plugins-base1.0-dev ninja-build libxft-dev \ @@ -221,7 +221,7 @@ jobs: export CC=clang export CXX=clang++ export CMAKE_OPTIONS='-DLINK_WITH_MOLD=ON' - fi + fi ./build.sh @@ -393,7 +393,7 @@ jobs: - uses: actions/download-artifact@v4 with: pattern: "LinuxOS-app" - + - name: Rename metadata run: | cp Windows-metadata/autobuild-package.xml Windows-autobuild-package.xml @@ -422,7 +422,7 @@ jobs: append_body: true fail_on_unmatched_files: true files: | - macOS-installer/*.dmg + macOS-installer/*.dmg Windows-installer/*.exe *-autobuild-package.xml *-viewer_version.txt -- cgit v1.2.3 From 3c0710172e03329004a2962e0313d883b143d3ad Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 16 May 2024 16:05:43 -0400 Subject: Try to fix release_run logic in build.yaml. --- .github/workflows/build.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b60f787a9c..b301e88f48 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -27,7 +27,7 @@ jobs: # When you want to use a string variable as a workflow YAML boolean, it's # important to ensure it's the empty string when false. If you omit || '', # its value when false is "false", which is interpreted as true. - RELEASE_RUN: ${{ (github.event.inputs.release_run || github.ref_type == 'tag' && startsWith(github.ref_name, 'Second_Life')) && 'Y' || '' }} + RELEASE_RUN: ${{ (github.event.inputs.release_run || (github.ref_type == 'tag' && startsWith(github.ref_name, 'Second_Life'))) && 'Y' || '' }} steps: - name: Set Variable id: setvar @@ -403,7 +403,11 @@ jobs: release: needs: [setvar, build, sign-and-package-windows, sign-and-package-mac] runs-on: ubuntu-latest - if: needs.setvar.outputs.release_run + # action-gh-release requires a tag (presumably for automatic generation of + # release notes). Possible TODO: if we arrive here but do not have a + # suitable tag for github.sha, create one? If we do that, of course remove + # this == 'tag' condition. + if: needs.setvar.outputs.release_run && github.ref_type == 'tag' steps: - uses: actions/download-artifact@v4 with: -- cgit v1.2.3 From 7e381d62a8e7f64f1bae96a8ef6b38316427381b Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 16 May 2024 16:12:23 -0400 Subject: Try determining which-branch once for all platforms. --- .github/workflows/build.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b301e88f48..a33b4a88c7 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -21,6 +21,8 @@ jobs: runs-on: ubuntu-latest outputs: release_run: ${{ steps.setvar.outputs.release_run }} + branch: ${{ steps.which-branch.outputs.branch }} + relnotes: ${{ steps.which-branch.outputs.relnotes }} env: # Build with a tag like "Second_Life#abcdef0" to generate a release page # (used for builds we are planning to deploy). @@ -35,6 +37,13 @@ jobs: run: | echo "release_run=$RELEASE_RUN" >> "$GITHUB_OUTPUT" + - name: Determine source branch + id: which-branch + if: env.BUILD + uses: secondlife/viewer-build-util/which-branch@v2 + with: + token: ${{ github.token }} + build: needs: setvar strategy: @@ -52,8 +61,6 @@ jobs: outputs: viewer_channel: ${{ steps.build.outputs.viewer_channel }} viewer_version: ${{ steps.build.outputs.viewer_version }} - viewer_branch: ${{ steps.which-branch.outputs.branch }} - relnotes: ${{ steps.which-branch.outputs.relnotes }} imagename: ${{ steps.build.outputs.imagename }} env: AUTOBUILD_ADDRSIZE: 64 @@ -136,19 +143,12 @@ jobs: if: env.BUILD && runner.os == 'Windows' run: choco install nsis-unicode - - name: Determine source branch - id: which-branch - if: env.BUILD - uses: secondlife/viewer-build-util/which-branch@v2 - with: - token: ${{ github.token }} - - name: Build id: build if: env.BUILD shell: bash env: - AUTOBUILD_VCS_BRANCH: ${{ steps.which-branch.outputs.branch }} + AUTOBUILD_VCS_BRANCH: ${{ needs.setvar.outputs.branch }} RUNNER_OS: ${{ runner.os }} run: | # set up things the viewer's build.sh script expects @@ -437,7 +437,7 @@ jobs: Build ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} ${{ needs.build.outputs.viewer_channel }} ${{ needs.build.outputs.viewer_version }} - ${{ needs.build.outputs.relnotes }} + ${{ needs.setvar.outputs.relnotes }} prerelease: true generate_release_notes: true target_commitish: ${{ github.sha }} -- cgit v1.2.3 From 006b00b47d8fc0ea89ca799c191b91d49d8f6bb6 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 16 May 2024 16:23:35 -0400 Subject: Add diagnostic output to setvar build step. --- .github/workflows/build.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index a33b4a88c7..5854a512d1 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -35,11 +35,14 @@ jobs: id: setvar shell: bash run: | + echo "release_run = ${{ github.event.inputs.release_run }}" + echo "ref_type = ${{ github.ref_type }}" + echo "RELEASE_RUN = $RELEASE_RUN" echo "release_run=$RELEASE_RUN" >> "$GITHUB_OUTPUT" + exit 1 - name: Determine source branch id: which-branch - if: env.BUILD uses: secondlife/viewer-build-util/which-branch@v2 with: token: ${{ github.token }} -- cgit v1.2.3 From 189711f41cb262a958ccdabfe9687caa4eb17e79 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 16 May 2024 16:27:35 -0400 Subject: Try harder to interpret github.event.inputs.release_run checkbox. --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 5854a512d1..27516aacf0 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,7 +29,7 @@ jobs: # When you want to use a string variable as a workflow YAML boolean, it's # important to ensure it's the empty string when false. If you omit || '', # its value when false is "false", which is interpreted as true. - RELEASE_RUN: ${{ (github.event.inputs.release_run || (github.ref_type == 'tag' && startsWith(github.ref_name, 'Second_Life'))) && 'Y' || '' }} + RELEASE_RUN: ${{ (github.event.inputs.release_run != 'false' || (github.ref_type == 'tag' && startsWith(github.ref_name, 'Second_Life'))) && 'Y' || '' }} steps: - name: Set Variable id: setvar -- cgit v1.2.3 From fe14534c57b97c2ab3bfd9eade681f6a404f72a2 Mon Sep 17 00:00:00 2001 From: Nat Goodspeed Date: Thu, 16 May 2024 16:37:33 -0400 Subject: Fix test for github.event.inputs.release_run. --- .github/workflows/build.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to '.github/workflows/build.yaml') diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 27516aacf0..4f35b2c813 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -26,20 +26,20 @@ jobs: env: # Build with a tag like "Second_Life#abcdef0" to generate a release page # (used for builds we are planning to deploy). + # Even though inputs.release_run is specified with type boolean, which + # correctly presents a checkbox, its *value* is a GH workflow string + # 'true' or 'false'. If you simply test github.event.inputs.release_run, + # it always evaluates as true because it's a non-empty string either way. # When you want to use a string variable as a workflow YAML boolean, it's # important to ensure it's the empty string when false. If you omit || '', - # its value when false is "false", which is interpreted as true. + # its value when false is "false", which (again) is interpreted as true. RELEASE_RUN: ${{ (github.event.inputs.release_run != 'false' || (github.ref_type == 'tag' && startsWith(github.ref_name, 'Second_Life'))) && 'Y' || '' }} steps: - name: Set Variable id: setvar shell: bash run: | - echo "release_run = ${{ github.event.inputs.release_run }}" - echo "ref_type = ${{ github.ref_type }}" - echo "RELEASE_RUN = $RELEASE_RUN" echo "release_run=$RELEASE_RUN" >> "$GITHUB_OUTPUT" - exit 1 - name: Determine source branch id: which-branch -- cgit v1.2.3