New fix/new entry preferences #7824
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Binaries | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - main-release | |
| paths-ignore: | |
| - 'docs/**' | |
| - 'src/test/**' | |
| - 'README.md' | |
| tags: | |
| - '*' | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - labeled | |
| merge_group: | |
| workflow_dispatch: | |
| inputs: | |
| notarization: | |
| type: boolean | |
| required: false | |
| default: false | |
| permissions: | |
| actions: write | |
| contents: read | |
| pull-requests: write | |
| env: | |
| SpringerNatureAPIKey: ${{ secrets.SpringerNatureAPIKey }} | |
| AstrophysicsDataSystemAPIKey: ${{ secrets.AstrophysicsDataSystemAPIKey }} | |
| IEEEAPIKey: ${{ secrets.IEEEAPIKey }} | |
| BiodiversityHeritageApiKey: ${{ secrets.BiodiversityHeritageApiKey}} | |
| OSXCERT: ${{ secrets.OSX_SIGNING_CERT }} | |
| GRADLE_OPTS: -Xmx4g -Dorg.gradle.vfs.watch=false | |
| JAVA_OPTS: -Xmx4g | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}" | |
| cancel-in-progress: true | |
| jobs: | |
| conditions: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| upload-to-builds-jabref-org: ${{ steps.binary.outputs.upload-to-builds-jabref-org }} | |
| secretspresent: ${{ steps.binary.outputs.secretspresent }} | |
| tagbuild: ${{ steps.binary.outputs.tagbuild }} | |
| # required to avoid obsolete builds in case of labels != "dev: binaries" | |
| should-build: ${{ steps.binary.outputs.should-build }} | |
| should-notarize: ${{ steps.binary.outputs.should-notarize }} | |
| steps: | |
| - name: Determine conditions | |
| id: binary | |
| shell: bash | |
| env: | |
| BUILDJABREFPRIVATEKEY: ${{ secrets.buildJabRefPrivateKey }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| EVENT_NAME: ${{ github.event_name }} | |
| LABEL_NAME: ${{ github.event.label.name }} | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| run: | | |
| if [[ "$GITHUB_WORKFLOW" == *"early access"* && "$REPO_OWNER" != "JabRef" ]]; then | |
| echo "⊘ Early access workflow for JabRef disabled for non-JabRef owner" | |
| echo "⊘ Early access workflow for JabRef disabled for non-JabRef owner" >> $GITHUB_STEP_SUMMARY | |
| echo "should-build=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [[ "$EVENT_NAME" != "labeled" || "$LABEL_NAME" == "automerge" || "$LABEL_NAME" == "dev: binaries" ]]; then | |
| echo "📦 build enabled" | |
| echo "📦 build enabled" >> $GITHUB_STEP_SUMMARY | |
| echo "should-build=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "⊘ build should be skipped" | |
| echo "⊘ build should be skipped" >> $GITHUB_STEP_SUMMARY | |
| echo "should-build=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [ -z "$BUILDJABREFPRIVATEKEY" ]; then | |
| echo "⊘ Secret BUILDJABREFPRIVATEKEY not present – skipping upload" | |
| echo "⊘ Secret BUILDJABREFPRIVATEKEY not present – skipping upload" | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| echo "secretspresent=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| echo "secretspresent=true" >> "$GITHUB_OUTPUT" | |
| if [[ "$GITHUB_REF" == refs/heads/gh-readonly-queue* ]]; then | |
| echo "⊘ merge queue – skipping upload" | |
| echo "⊘ merge queue – skipping upload" >> $GITHUB_STEP_SUMMARY | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| if [[ "${GITHUB_REF}" == refs/tags/* ]]; then | |
| echo "⊘ tag bulid" >> $GITHUB_STEP_SUMMARY | |
| echo "tagbuild=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "⊘ no tag bulid" >> $GITHUB_STEP_SUMMARY | |
| echo "tagbuild=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if [[ "${GITHUB_REF}" == refs/tags/* ]] || [[ "${{ inputs.notarization }}" == "true" ]]; then | |
| # This workflow runs on ubuntu-latest even for notarization for macOS; need to check later if really on macOS | |
| echo "🧾 macOS notarization" | |
| echo "🧾 macOS notarization" >> $GITHUB_STEP_SUMMARY | |
| echo "should-notarize=true" >> "$GITHUB_OUTPUT" | |
| echo "☁️ will upload" | |
| echo "☁️ will upload" >> $GITHUB_STEP_SUMMARY | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| exit 0; | |
| else | |
| echo "⊘ no macOS notarization" | |
| echo "⊘ no macOS notarization" >> $GITHUB_STEP_SUMMARY | |
| echo "should-notarize=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if [ "${{ github.event_name }}" != "pull_request" ]; then | |
| echo "☁️ Non-PR event – will upload" | |
| echo "☁️ Non-PR event – will upload" >> $GITHUB_STEP_SUMMARY | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| exit 0 | |
| fi | |
| LABELS=$(gh api repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels --jq '.[].name') | |
| if echo "$LABELS" | grep -q "^dev: binaries$"; then | |
| echo "☁️ Label 'dev: binaries' found – will upload" | |
| echo "☁️ Label 'dev: binaries' found – will upload" >> $GITHUB_STEP_SUMMARY | |
| echo "upload-to-builds-jabref-org=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "⊘ Label 'dev: binaries' not found – skipping upload" | |
| echo "⊘ Label 'dev: binaries' not found – skipping upload" >> $GITHUB_STEP_SUMMARY | |
| echo "upload-to-builds-jabref-org=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| disk-space-check: | |
| needs: conditions | |
| runs-on: ubuntu-latest | |
| outputs: | |
| available: ${{ steps.diskspace.outputs.available }} | |
| steps: | |
| - name: No upload | |
| if: needs.conditions.outputs.upload-to-builds-jabref-org == 'false' | |
| shell: bash | |
| run: | | |
| echo "⊘ no upload – skipping upload" | |
| echo "⊘ no upload – skipping upload" >> $GITHUB_STEP_SUMMARY | |
| echo "available=false" >> "$GITHUB_OUTPUT" | |
| - name: Setup SSH key | |
| if: needs.conditions.outputs.upload-to-builds-jabref-org == 'true' | |
| run: | | |
| echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey | |
| chmod 600 sshkey | |
| - name: Check disk space on builds.jabref.org | |
| if: needs.conditions.outputs.upload-to-builds-jabref-org == 'true' | |
| id: diskspace | |
| shell: bash | |
| run: | | |
| USAGE=$(ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no [email protected] \ | |
| "df --output=pcent /var/www/builds.jabref.org | tail -n1 | tr -dc '0-9'") | |
| echo "Remote usage: ${USAGE}%" | |
| echo "Remote usage: ${USAGE}%" >> $GITHUB_STEP_SUMMARY | |
| if [ "$USAGE" -lt 80 ]; then | |
| echo "☁️ enough disk space available – will upload" | |
| echo "☁️ enough disk space available – will upload" >> $GITHUB_STEP_SUMMARY | |
| echo "available=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "⛔ not enough disk space – skipping upload" | |
| echo "⛔ not enough disk space – skipping upload" >> $GITHUB_STEP_SUMMARY | |
| echo "available=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Output URL | |
| if: steps.diskspace.outputs.available == 'true' | |
| shell: bash | |
| run: | | |
| echo "Link: https://builds.jabref.org/pull/${{ github.event.pull_request.number }}/merge" | |
| echo "Link: <https://builds.jabref.org/pull/${{ github.event.pull_request.number }}/merge>" >> $GITHUB_STEP_SUMMARY | |
| build: | |
| needs: [conditions, disk-space-check] | |
| if: ${{ needs.conditions.outputs.should-build == 'true' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # if you change the os version rename all other occurrences | |
| - os: ubuntu-22.04 | |
| displayName: linux | |
| archivePortable: tar -c -C jabgui/build/packages/ubuntu-22.04 JabRef | pigz --rsyncable > jabgui/build/packages/ubuntu-22.04/JabRef-portable_linux.tar.gz && rm -R jabgui/build/packages/ubuntu-22.04/JabRef | |
| archivePortableJabKit: tar -c -C jabkit/build/packages/ubuntu-22.04 jabkit | pigz --rsyncable > jabkit/build/packages/ubuntu-22.04/jabkit-portable_linux.tar.gz && rm -R jabkit/build/packages/ubuntu-22.04/jabkit | |
| archivePortableJabLS: tar -c -C jabls-cli/build/packages/ubuntu-22.04 jabls | pigz --rsyncable > jabls-cli/build/packages/ubuntu-22.04/jabls-portable_linux.tar.gz && rm -R jabls-cli/build/packages/ubuntu-22.04/jabls | |
| suffix: '' | |
| archForDebianRepack: '_amd64' | |
| - os: ubuntu-22.04-arm | |
| displayName: linux-arm | |
| archivePortable: tar -c -C jabgui/build/packages/ubuntu-22.04-arm JabRef | pigz --rsyncable > jabgui/build/packages/ubuntu-22.04-arm/JabRef-portable_linux_arm64.tar.gz && rm -R jabgui/build/packages/ubuntu-22.04-arm/JabRef | |
| archivePortableJabKit: tar -c -C jabkit/build/packages/ubuntu-22.04-arm jabkit | pigz --rsyncable > jabkit/build/packages/ubuntu-22.04-arm/jabkit-portable_linux_arm64.tar.gz && rm -R jabkit/build/packages/ubuntu-22.04-arm/jabkit | |
| archivePortableJabLS: tar -c -C jabls-cli/build/packages/ubuntu-22.04-arm jabls | pigz --rsyncable > jabls-cli/build/packages/ubuntu-22.04-arm/jabls-portable_linux_arm64.tar.gz && rm -R jabls-cli/build/packages/ubuntu-22.04-arm/jabls | |
| suffix: '_arm64' | |
| archForDebianRepack: '_arm64' | |
| - os: windows-latest | |
| displayName: windows | |
| archivePortable: 7z a -r jabgui/build/packages/windows-latest/JabRef-portable_windows.zip ./jabgui/build/packages/windows-latest/JabRef && rm -R jabgui/build/packages/windows-latest/JabRef | |
| archivePortableJabKit: 7z a -r jabkit/build/packages/windows-latest/jabkit-portable_windows.zip ./jabkit/build/packages/windows-latest/jabkit && rm -R jabkit/build/packages/windows-latest/jabkit | |
| archivePortableJabLS: 7z a -r jabls-cli/build/packages/windows-latest/jabls-portable_windows.zip ./jabls-cli/build/packages/windows-latest/jabls && rm -R jabls-cli/build/packages/windows-latest/jabls | |
| suffix: '' | |
| archForDebianRepack: '' | |
| - os: macos-15-intel # intel image | |
| displayName: macOS | |
| archivePortable: 7z a -r jabgui/build/packages/macos-15-intel/JabRef-portable_macos.zip ./jabgui/build/packages/macos-15-intel/JabRef.app && rm -R jabgui/build/packages/macos-15-intel/JabRef.app | |
| archivePortableJabKit: 7z a -r jabkit/build/packages/macos-15-intel/jabkit-portable_macos.zip ./jabkit/build/packages/macos-15-intel/jabkit.app && rm -R jabkit/build/packages/macos-15-intel/jabkit.app | |
| archivePortableJabLS: 7z a -r jabls-cli/build/packages/macos-15-intel/jabls-portable_macos.zip ./jabls-cli/build/packages/macos-15-intel/jabls.app && rm -R jabls-cli/build/packages/macos-15-intel/jabls.app | |
| suffix: '' | |
| archForDebianRepack: '' | |
| - os: macos-15 | |
| displayName: macOS-arm | |
| archivePortable: 7z a -r jabgui/build/packages/macos-15/JabRef-portable_macos-arm.zip ./jabgui/build/packages/macos-15/JabRef.app && rm -R jabgui/build/packages/macos-15/JabRef.app | |
| archivePortableJabKit: 7z a -r jabkit/build/packages/macos-15/jabkit-portable_macos-arm.zip ./jabkit/build/packages/macos-15/jabkit.app && rm -R jabkit/build/packages/macos-15/jabkit.app | |
| archivePortableJabLS: 7z a -r jabls-cli/build/packages/macos-15/jabls-portable_macos-arm.zip ./jabls-cli/build/packages/macos-15/jabls.app && rm -R jabls-cli/build/packages/macos-15/jabls.app | |
| suffix: '_arm64' | |
| archForDebianRepack: '' | |
| runs-on: ${{ matrix.os }} | |
| outputs: | |
| major: ${{ steps.gitversion.outputs.Major }} | |
| minor: ${{ steps.gitversion.outputs.Minor }} | |
| branchname: ${{ steps.gitversion.outputs.branchName }} | |
| name: ${{ matrix.displayName }} installer and portable version | |
| steps: | |
| - name: Fetch all history for all tags and branches | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'true' | |
| show-progress: 'false' | |
| - name: Install pigz and cache (linux) | |
| if: (startsWith(matrix.os, 'ubuntu')) | |
| uses: awalsh128/cache-apt-pkgs-action@latest | |
| with: | |
| packages: pigz | |
| version: 1.0 | |
| - name: Install GitVersion | |
| uses: gittools/actions/gitversion/[email protected] | |
| with: | |
| versionSpec: "5.x" | |
| - name: Run GitVersion | |
| id: gitversion | |
| uses: gittools/actions/gitversion/[email protected] | |
| - name: Setup JDK | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version: '24' | |
| distribution: 'corretto' | |
| check-latest: true | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v5 | |
| - name: Generate JBang cache key | |
| id: cache-key | |
| shell: bash | |
| run: | | |
| echo "cache_key=jbang-$(date +%Y-%m)" >> $GITHUB_OUTPUT | |
| - name: Use cache | |
| uses: actions/cache/restore@v4 | |
| with: | |
| path: ~/.jbang | |
| key: ${{ steps.cache-key.outputs.cache_key }} | |
| restore-keys: | |
| jbang- | |
| - name: Setup JBang | |
| uses: jbangdev/setup-jbang@main | |
| - name: Setup macOS key chain | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| uses: slidoapp/import-codesign-certs@1923310662e8682dd05b76b612b53301f431cd5d | |
| with: | |
| p12-file-base64: ${{ secrets.OSX_SIGNING_CERT }} | |
| p12-password: ${{ secrets.OSX_CERT_PWD }} | |
| keychain-password: jabref | |
| - name: Setup macOS key chain for app id cert | |
| if: (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.secretspresent == 'true') | |
| uses: slidoapp/import-codesign-certs@1923310662e8682dd05b76b612b53301f431cd5d | |
| with: | |
| p12-file-base64: ${{ secrets.OSX_SIGNING_CERT_APPLICATION }} | |
| p12-password: ${{ secrets.OSX_CERT_PWD }} | |
| create-keychain: false | |
| keychain-password: jabref | |
| - name: Build runtime image and installer | |
| shell: bash | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabgui:jpackage | |
| - name: Smoke test JabGui | |
| shell: bash | |
| run: | | |
| ./gradlew :jabgui:run --args="--help" | |
| - name: Package JabGui application image | |
| shell: bash | |
| run: | | |
| set -e | |
| ${{ matrix.archivePortable }} | |
| - name: Rename files | |
| shell: pwsh | |
| run: | | |
| get-childitem -Path 'jabgui/build/packages/*/*' | rename-item -NewName {$_.name -replace "${{ steps.gitversion.outputs.AssemblySemVer }}","${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}"} | |
| - name: Repack deb file for Debian | |
| if: (startsWith(matrix.os, 'ubuntu')) | |
| shell: bash | |
| run: | | |
| cd jabgui/build/packages/${{ matrix.os }} | |
| ls -l | |
| ar x jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}${{ matrix.archForDebianRepack }}.deb | |
| rm jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}${{ matrix.archForDebianRepack }}.deb | |
| zstd -d < control.tar.zst | xz > control.tar.xz | |
| zstd -d < data.tar.zst | xz > data.tar.xz | |
| ar -m -c -a sdsd jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}${{ matrix.archForDebianRepack }}_repackaged.deb debian-binary control.tar.xz data.tar.xz | |
| rm debian-binary control.tar.* data.tar.* | |
| mv -f jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}${{ matrix.archForDebianRepack }}_repackaged.deb jabref_${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}${{ matrix.suffix }}.deb | |
| - name: Smoke test JabSrv-CLI | |
| shell: bash | |
| run: | | |
| ./gradlew :jabsrv-cli:run --args="--help" | |
| - name: Build JabKit | |
| shell: bash | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabkit:jpackage | |
| - name: Smoke test JabKit | |
| shell: bash | |
| run: | | |
| ./gradlew :jabkit:run --args="--help" | |
| - name: Package JabKit application image | |
| shell: bash | |
| run: | | |
| set -e | |
| ${{ matrix.archivePortableJabKit }} | |
| - name: Build JabLS-CLI | |
| shell: bash | |
| run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" :jabls-cli:jpackage | |
| - name: Smoke test JabLs-CLI | |
| shell: bash | |
| run: | | |
| ./gradlew :jabls-cli:run --args="--help" | |
| - name: Package JabLS-CLI application image | |
| shell: bash | |
| run: | | |
| set -e | |
| ${{ matrix.archivePortableJabLS }} | |
| # region Upload to builds.jabref.org / GitHub artifacts store | |
| - name: Setup SSH key | |
| if: ${{ needs.disk-space-check.outputs.available == 'true' }} | |
| run: | | |
| echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey | |
| chmod 600 sshkey | |
| - name: Setup rsync (macOS) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (startsWith(matrix.os, 'macos') && (needs.conditions.outputs.upload-to-builds-jabref-org == 'true')) }} | |
| run: brew install rsync | |
| - name: Setup rsync (Windows) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| # We want to have rsync available at this place to avoid uploading and downloading from GitHub artifact store (taking > 5 minutes in total) | |
| # We cannot use "action-rsyncer", because that requires Docker which is unavailable on Windows | |
| # We cannot use "setup-rsync", because that does not work on Windows | |
| # We do not use egor-tensin/setup-cygwin@v4, because it replaces the default shell | |
| # We need to use v6.4.4 as v6.4.5 misses "lib\rsync\tools\bin\ssh.exe" | |
| run: choco install rsync --version=6.4.4 | |
| - name: Upload jabgui to builds.jabref.org (Windows) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| shell: cmd | |
| # for rsync installed by chocolatey, we need the ssh.exe delivered with that installation | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'C:\ProgramData\chocolatey\lib\rsync\tools\bin\ssh.exe -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabkkit to builds.jabref.org (Windows) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| shell: cmd | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'C:\ProgramData\chocolatey\lib\rsync\tools\bin\ssh.exe -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabkit/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabls-cli to builds.jabref.org (Windows) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (matrix.os == 'windows-latest') }} | |
| shell: cmd | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'C:\ProgramData\chocolatey\lib\rsync\tools\bin\ssh.exe -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabls-cli/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabgui to builds.jabref.org (linux, macOS) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && ((startsWith(matrix.os, 'macos') && (needs.conditions.outputs.should-notarize != 'true')) || startsWith(matrix.os, 'ubuntu')) }} | |
| shell: bash | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabkit to builds.jabref.org (linux, macOS) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'ubuntu')) }} | |
| shell: bash | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabkit/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload jabls-cli to builds.jabref.org (linux, macOS) | |
| if: ${{ (needs.disk-space-check.outputs.available == 'true') && (startsWith(matrix.os, 'macos') || startsWith(matrix.os, 'ubuntu')) }} | |
| shell: bash | |
| run: | | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabls-cli/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/ || true | |
| - name: Upload to GitHub workflow artifacts store (macOS) | |
| if: ${{ (startsWith(matrix.os, 'macos')) && (needs.conditions.outputs.should-notarize == 'true') }} | |
| uses: actions/upload-artifact@v5 | |
| with: | |
| # tbn = to-be-notarized | |
| name: JabRef-${{ matrix.os }}-tbn | |
| path: | | |
| jabgui/build/packages/${{ matrix.os }} | |
| jabkit/build/packages/${{ matrix.os }} | |
| compression-level: 0 # no compression | |
| # endregion | |
| comment-on-pr: | |
| name: Comment on PR | |
| # separate job, because it should wait until all binaries are available | |
| needs: [conditions, build] | |
| if: ${{ (github.event_name == 'pull_request') && (needs.conditions.outputs.upload-to-builds-jabref-org == 'true') }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Comment PR | |
| uses: thollander/actions-comment-pull-request@v3 | |
| with: | |
| message: | | |
| The build of this PR is available at <https://builds.jabref.org/pull/${{ github.event.pull_request.number }}/merge>. | |
| comment-tag: download-link | |
| mode: recreate | |
| comment-on-issue: | |
| name: Comment on issue | |
| # separate job, because it should wait until all binaries are available | |
| needs: [conditions, build] | |
| if: ${{ (github.event_name == 'pull_request') && (needs.conditions.outputs.upload-to-builds-jabref-org == 'true') }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: echo PR data | |
| env: | |
| PR_NUMBER: ${{ github.event.pull_request.number }} | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| PR_BODY: ${{ github.event.pull_request.body }} | |
| run: | | |
| echo "PR Number: $PR_NUMBER" | |
| echo "PR URL: $PR_URL" | |
| cat <<EOF | |
| PR Body: | |
| $PR_BODY | |
| EOF | |
| - name: Determine issue number | |
| id: get_issue_number | |
| uses: koppor/ticket-check-action@add-output | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| ticketLink: 'https://github.com/JabRef/jabref/issues/%ticketNumber%' | |
| ticketPrefix: '#' | |
| titleRegex: '^#(?<ticketNumber>\d+)' | |
| branchRegex: '^(?<ticketNumber>\d+)' | |
| # Matches GitHub's closes/fixes/resolves #{number}, but does not match our example `Closes #13109` in PULL_REQUEST_TEMPLATE | |
| bodyRegex: '(?<action>fixes|closes|resolves)\s+(?:https?:\/\/github\.com\/JabRef\/jabref\/issues\/)?#?(?<ticketNumber>(?!13109\b)\d+)' | |
| bodyRegexFlags: 'i' | |
| outputOnly: true | |
| - name: Comment on issue | |
| if: ${{ steps.get_issue_number.outputs.ticketNumber != '-1' }} | |
| uses: thollander/actions-comment-pull-request@v3 | |
| with: | |
| pr-number: ${{ steps.get_issue_number.outputs.ticketNumber }} | |
| message: > | |
| A pull request addressing the issue has been created. | |
| The build of this PR is available at <https://builds.jabref.org/pull/${{ github.event.pull_request.number }}/merge>. | |
| For any feedback, add a comment to the pull request at ${{ github.event.pull_request.html_url }}. | |
| comment-tag: download-link | |
| mode: recreate | |
| notarize: | |
| # Outsourced in a separate job to be able to rerun if this fails for timeouts | |
| name: macOS notarization | |
| needs: [conditions, build] | |
| if: ${{ needs.conditions.outputs.should-notarize == 'true' }} | |
| strategy: | |
| # Ensure that calls to Apple are sequentially made | |
| max-parallel: 1 | |
| matrix: | |
| include: | |
| - os: macos-15 | |
| displayName: macOS (ARM64) | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Download from GitHub workflow artifacts store (macOS) | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: JabRef-${{ matrix.os }}-tbn | |
| - name: Notarize dmg | |
| shell: bash | |
| run: | | |
| cd jabgui | |
| find . -type f | |
| xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" | |
| xcrun notarytool submit build/packages/${{ matrix.os }}/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.dmg --keychain-profile "notarytool-profile" --wait | |
| xcrun stapler staple build/packages/${{ matrix.os }}/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.dmg | |
| - name: Notarize pkg | |
| shell: bash | |
| run: | | |
| cd jabgui | |
| xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" | |
| xcrun notarytool submit build/packages/${{ matrix.os }}/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.pkg --keychain-profile "notarytool-profile" --wait | |
| xcrun stapler staple build/packages/${{ matrix.os }}/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}${{ matrix.suffix}}.pkg | |
| - name: Upload to builds.jabref.org | |
| shell: bash | |
| run: | | |
| echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey | |
| chmod 600 sshkey | |
| rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' jabgui/build/packages/${{ matrix.os }}/ [email protected]:/var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }}/ |