Weekly conda-based installers #99
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
schedule: | |
- cron: '30 6 * * *' | |
pull_request: | |
paths: | |
- 'installers-conda/**' | |
- '.github/workflows/installers-conda.yml' | |
- 'requirements/*.yml' | |
- 'MANIFEST.in' | |
release: | |
types: | |
- created | |
workflow_dispatch: | |
inputs: | |
pre: | |
description: 'Build as release candidate' | |
required: false | |
default: true | |
type: boolean | |
ssh: | |
description: 'Enable ssh debugging' | |
required: false | |
default: false | |
type: boolean | |
mac: | |
description: 'Build macOS installer' | |
required: false | |
default: true | |
type: boolean | |
linux: | |
description: 'Build Linux installer' | |
required: false | |
default: true | |
type: boolean | |
win: | |
description: 'Build Windows installer' | |
required: false | |
default: true | |
type: boolean | |
concurrency: | |
group: installers-conda-${{ github.ref }} | |
cancel-in-progress: true | |
name: Nightly conda-based installers | |
env: | |
IS_RELEASE: ${{ github.event_name == 'release' }} | |
ENABLE_SSH: ${{ github.event_name == 'workflow_dispatch' && inputs.ssh }} | |
BUILD_MAC: ${{ github.event_name != 'workflow_dispatch' || inputs.mac }} | |
BUILD_LNX: ${{ github.event_name != 'workflow_dispatch' || inputs.linux }} | |
BUILD_WIN: ${{ github.event_name != 'workflow_dispatch' || inputs.win }} | |
USE_SUBREPOS: ${{ github.event_name == 'schedule' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && ! inputs.pre) }} | |
NOTARIZE: ${{ github.event_name == 'schedule' || github.event_name == 'release' || (github.event_name == 'workflow_dispatch' && inputs.pre) }} | |
jobs: | |
build-matrix: | |
name: Determine Build Matrix | |
runs-on: ubuntu-latest | |
outputs: | |
target_platform: ${{ steps.build-matrix.outputs.target_platform }} | |
include: ${{ steps.build-matrix.outputs.include }} | |
python_version: ${{ steps.build-matrix.outputs.python_version }} | |
steps: | |
- name: Determine Build Matrix | |
id: build-matrix | |
run: | | |
if [[ $BUILD_MAC == "true" ]]; then | |
target_platform="'osx-64'" | |
include="{'os': 'macos-11', 'target-platform': 'osx-64', 'spyk-arch': 'unix'}" | |
fi | |
if [[ $BUILD_LNX == "true" ]]; then | |
target_platform=${target_platform:+"$target_platform, "}"'linux-64'" | |
include=${include:+"$include, "}"{'os': 'ubuntu-latest', 'target-platform': 'linux-64', 'spyk-arch': 'unix'}" | |
fi | |
if [[ $BUILD_WIN == "true" ]]; then | |
target_platform=${target_platform:+"$target_platform, "}"'win-64'" | |
include=${include:+"$include, "}"{'os': 'windows-latest', 'target-platform': 'win-64', 'spyk-arch': 'win-64'}" | |
fi | |
echo "target_platform=[$target_platform]" >> $GITHUB_OUTPUT | |
echo "include=[$include]" >> $GITHUB_OUTPUT | |
build-subrepos: | |
name: Build Subrepos | |
# env.USE_SUBREPOS is not available at job level; must copy-paste here | |
if: github.event_name == 'schedule' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && ! inputs.pre) | |
uses: ./.github/workflows/build-subrepos.yml | |
build-installers: | |
name: Build installer for ${{ matrix.target-platform }} Python-${{ matrix.python-version }} | |
if: ${{ ! failure() && ! cancelled() }} | |
runs-on: ${{ matrix.os }} | |
needs: | |
- build-matrix | |
- build-subrepos | |
strategy: | |
fail-fast: false | |
matrix: | |
target-platform: ${{fromJson(needs.build-matrix.outputs.target_platform)}} | |
python-version: ['3.10'] | |
include: ${{fromJson(needs.build-matrix.outputs.include)}} | |
defaults: | |
run: | |
shell: bash -le {0} | |
working-directory: ${{ github.workspace }}/installers-conda | |
env: | |
DISTDIR: ${{ github.workspace }}/installers-conda/dist | |
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} | |
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} | |
MACOS_INSTALLER_CERTIFICATE: ${{ secrets.MACOS_INSTALLER_CERTIFICATE }} | |
APPLICATION_PWD: ${{ secrets.APPLICATION_PWD }} | |
CONSTRUCTOR_TARGET_PLATFORM: ${{ matrix.target-platform }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Remote SSH Connection | |
if: env.ENABLE_SSH == 'true' | |
uses: mxschmitt/action-tmate@v3 | |
timeout-minutes: 10 | |
with: | |
detached: true | |
- name: Restore python-lsp-server Cache | |
if: env.USE_SUBREPOS == 'true' | |
uses: actions/cache/restore@v3 | |
with: | |
path: installers-conda/build/conda-bld/**/*.tar.bz2 | |
key: python-lsp-server_noarch_${{ matrix.python-version }}_${{ hashFiles('external-deps/python-lsp-server/.gitrepo') }} | |
enableCrossOsArchive: true | |
fail-on-cache-miss: true | |
- name: Restore qtconsole Cache | |
if: env.USE_SUBREPOS == 'true' | |
uses: actions/cache/restore@v3 | |
with: | |
path: installers-conda/build/conda-bld/**/*.tar.bz2 | |
key: qtconsole_noarch_${{ matrix.python-version }}_${{ hashFiles('external-deps/qtconsole/.gitrepo') }} | |
enableCrossOsArchive: true | |
fail-on-cache-miss: true | |
- name: Restore ${{ matrix.spyk-arch }} spyder-kernels Cache | |
if: env.USE_SUBREPOS == 'true' | |
uses: actions/cache/restore@v3 | |
with: | |
path: installers-conda/build/conda-bld/**/*.tar.bz2 | |
key: spyder-kernels_${{ matrix.spyk-arch }}_${{ matrix.python-version }}_${{ hashFiles('external-deps/spyder-kernels/.gitrepo') }} | |
enableCrossOsArchive: true | |
fail-on-cache-miss: true | |
- name: Setup Build Environment | |
uses: mamba-org/setup-micromamba@v1 | |
with: | |
environment-file: installers-conda/build-environment.yml | |
environment-name: spy-inst | |
create-args: >- | |
--channel-priority=strict | |
python=${{ matrix.python-version }} | |
cache-downloads: true | |
cache-environment: true | |
- name: Env Variables | |
run: env | sort | |
- name: Build ${{ matrix.target-platform }} spyder Conda Package | |
env: | |
CONDA_BLD_PATH: ${{ runner.temp }}/conda-bld | |
run: | | |
# Copy built packages to new build location because spyder cannot be | |
# built in workspace | |
[[ -d build/conda-bld ]] && cp -Rv build/conda-bld $CONDA_BLD_PATH | |
python build_conda_pkgs.py --build spyder | |
- name: Create Local Conda Channel | |
env: | |
CONDA_BLD_PATH: ${{ runner.temp }}/conda-bld | |
run: | | |
conda config --set bld_path $CONDA_BLD_PATH | |
mamba index $CONDA_BLD_PATH | |
mamba search -c local --override-channels || true | |
- name: Create Keychain | |
if: runner.os == 'macOS' && env.NOTARIZE == 'true' | |
run: | | |
_codesign=$(which codesign) | |
if [[ $_codesign =~ ${CONDA_PREFIX}.* ]]; then | |
# Find correct codesign | |
echo "Moving $_codesign..." | |
mv $_codesign ${_codesign}.bak | |
fi | |
./certkeychain.sh "${MACOS_CERTIFICATE_PWD}" "${MACOS_CERTIFICATE}" "${MACOS_INSTALLER_CERTIFICATE}" | |
CNAME=$(security find-identity -p codesigning -v | pcre2grep -o1 "\(([0-9A-Z]+)\)") | |
echo "CNAME=$CNAME" >> $GITHUB_ENV | |
- name: Load signing certificate (Windows) | |
if: runner.os == 'Windows' && env.NOTARIZE == 'true' | |
run: | | |
echo "${MACOS_CERTIFICATE}" > "${{ runner.temp }}/certificate.b64.txt" | |
certutil.exe -decode "${{ runner.temp }}/certificate.b64.txt" "${{ runner.temp }}/certificate.pfx" | |
echo "CONSTRUCTOR_SIGNING_CERTIFICATE=${{ runner.temp }}/certificate.pfx" >> $GITHUB_ENV | |
echo "CONSTRUCTOR_PFX_CERTIFICATE_PASSWORD=${MACOS_CERTIFICATE_PWD}" >> $GITHUB_ENV | |
echo "CONSTRUCTOR_SIGNTOOL_PATH=C:/Program Files (x86)/Windows Kits/10/bin/10.0.17763.0/x86/signtool.exe" >> $GITHUB_ENV | |
- name: Build Package Installer | |
run: | | |
[[ -n $CNAME ]] && args=("--cert-id" "$CNAME") || args=() | |
python build_installers.py ${args[@]} | |
PKG_PATH=$(python build_installers.py --artifact-name) | |
PKG_NAME=$(basename $PKG_PATH) | |
PKG_GLOB=${PKG_PATH%.*} | |
PKG_BASE_NAME=${PKG_NAME%.*} | |
echo "PKG_PATH=$PKG_PATH" >> $GITHUB_ENV | |
echo "PKG_NAME=$PKG_NAME" >> $GITHUB_ENV | |
echo "PKG_GLOB=$PKG_GLOB" >> $GITHUB_ENV | |
echo "PKG_BASE_NAME=$PKG_BASE_NAME" >> $GITHUB_ENV | |
- name: Test macOS Installer | |
if: runner.os == 'macOS' | |
run: | | |
# Stream install.log to stdout to view all log messages. | |
tail -F /var/log/install.log & tail_id=$! | |
trap "kill -s TERM $tail_id" EXIT | |
installer -pkg $PKG_PATH -target CurrentUserHomeDirectory >/dev/null | |
root_prefix=$(compgen -G $HOME/Library/spyder-*) | |
echo "Install info:" | |
echo "Contents of ${root_prefix}:" | |
ls -al $root_prefix | |
echo -e "\nContents of ${root_prefix}/uninstall-spyder.sh:" | |
cat $root_prefix/uninstall-spyder.sh | |
app_path=/Applications/Spyder.app | |
[[ -e ${root_prefix}/.nonadmin ]] && app_path=${HOME}${app_path} | |
if [[ -e "$app_path" ]]; then | |
echo "Contents of $app_path/Contents/MacOS:" | |
ls -al $app_path/Contents/MacOS | |
echo -e "\nContents of $app_path/Contents/Info.plist:" | |
cat $app_path/Contents/Info.plist | |
echo -e "\nContents of $app_path/Contents/MacOS/spyder-script:" | |
cat $app_path/Contents/MacOS/spyder-script | |
else | |
echo "$app_path does not exist" | |
exit 1 | |
fi | |
- name: Test Linux Installer | |
if: runner.os == 'Linux' | |
run: | | |
$PKG_PATH -b | |
root_prefix=$(compgen -G $HOME/.local/spyder-*) | |
echo "Install info:" | |
echo "Contents of ${root_prefix}:" | |
ls -al $root_prefix | |
echo -e "\nContents of ${root_prefix}/uninstall-spyder.sh:" | |
cat ${root_prefix}/uninstall-spyder.sh | |
shortcut_path=/share/applications/spyder_spyder.desktop | |
[[ -e ${root_prefix}/.nonadmin ]] && shortcut_path=${HOME}/.local${shortcut_path} || shortcut_path=/usr${shortcut_path} | |
if [[ -e $shortcut_path ]]; then | |
echo -e "\nContents of ${shortcut_path}:" | |
cat $shortcut_path | |
else | |
echo "$shortcut_path does not exist" | |
exit 1 | |
fi | |
- name: Test Windows Installer | |
if: runner.os == 'Windows' | |
shell: cmd | |
run: | | |
start /wait %PKG_PATH% /InstallationType=JustMe /NoRegistry=1 /S | |
set "shortcut_path=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\spyder\Spyder.lnk" | |
if exist "%shortcut_path%" ( | |
echo "Spyder installed successfully" | |
) else ( | |
echo "Spyder NOT installed successfully" | |
EXIT /B 1 | |
) | |
EXIT /B %ERRORLEVEL% | |
- name: Notarize or Compute Checksum | |
if: env.NOTARIZE == 'true' | |
run: | | |
if [[ $RUNNER_OS == "macOS" ]]; then | |
./notarize.sh -p $APPLICATION_PWD $PKG_PATH | |
else | |
cd $(dirname $PKG_PATH) | |
echo $(sha256sum $PKG_NAME) > "${PKG_GLOB}-sha256sum.txt" | |
fi | |
- name: Upload Artifact | |
if: env.IS_RELEASE == 'false' | |
uses: actions/upload-artifact@v3 | |
with: | |
path: ${{ env.PKG_GLOB }}* | |
name: ${{ env.PKG_BASE_NAME }} | |
- name: Get Release | |
if: env.IS_RELEASE == 'true' | |
uses: bruceadams/[email protected] | |
id: get_release | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
- name: Upload Release Asset | |
if: env.IS_RELEASE == 'true' | |
uses: shogo82148/actions-upload-release-asset@v1 | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
with: | |
upload_url: ${{ steps.get_release.outputs.upload_url }} | |
asset_path: ${{ env.PKG_GLOB }}* |