test release of updater #76
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Create Release (multi-platform) | |
| on: | |
| push: | |
| tags: | |
| - 'v*' # e.g. v1.7.0 | |
| jobs: | |
| build: | |
| name: Build ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: windows-latest | |
| py: '3.12.10' | |
| sep: ';' | |
| icon_arg: '--icon src/assets/logo-icon.ico --windowed' | |
| asset_name: telemetry-windows.zip | |
| - os: macos-latest | |
| py: '3.12.10' | |
| sep: ':' | |
| icon_arg: '--windowed' # add --icon src/assets/app.icns if you have one | |
| asset_name: telemetry-macos.zip | |
| - os: ubuntu-latest | |
| py: '3.12.10' | |
| sep: ':' | |
| icon_arg: '' | |
| asset_name: telemetry-linux.zip | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.py }} | |
| - name: Install deps | |
| shell: bash | |
| run: | | |
| python -m pip install --upgrade pip | |
| if [ -f requirements.txt ]; then pip install -r requirements.txt; else pip install -r requirement.txt; fi | |
| pip install pyinstaller==6.16.0 tufup | |
| - name: Build (PyInstaller --onedir) | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| COLLECT_FLAGS=( | |
| --collect-binaries sklearn | |
| --collect-binaries scipy | |
| --collect-binaries numpy | |
| --copy-metadata scikit-learn | |
| --copy-metadata scipy | |
| --copy-metadata numpy | |
| --exclude-module sklearn.externals.array_api_compat.torch | |
| --exclude-module pyqtgraph.opengl | |
| ) | |
| pyinstaller src/main_app.py \ | |
| --name telemetry \ | |
| --noconfirm \ | |
| --onedir --noupx \ | |
| --distpath dist \ | |
| ${{ matrix.icon_arg }} \ | |
| --additional-hooks-dir src/hooks \ | |
| --hidden-import pyqtgraph \ | |
| --add-data "src/gui_files${{ matrix.sep }}gui_files/" \ | |
| --add-data "src/learning_datasets${{ matrix.sep }}learning_datasets/" \ | |
| --add-data "src/updater${{ matrix.sep }}updater/" \ | |
| --add-data "src/updater/metadata${{ matrix.sep }}updater/metadata/" \ | |
| --add-data "src/__init__.py${{ matrix.sep }}." \ | |
| --add-data "src/buffer_data.py${{ matrix.sep }}." \ | |
| --add-data "src/central_logger.py${{ matrix.sep }}." \ | |
| --add-data "src/csv_handler.py${{ matrix.sep }}." \ | |
| --add-data "src/data_display.py${{ matrix.sep }}." \ | |
| --add-data "src/data_processor.py${{ matrix.sep }}." \ | |
| --add-data "src/extra_calculations.py${{ matrix.sep }}." \ | |
| --add-data "src/key_name_definitions.py${{ matrix.sep }}." \ | |
| --add-data "src/serial_reader.py${{ matrix.sep }}." \ | |
| --add-data "src/telemetry_application.py${{ matrix.sep }}." \ | |
| --add-data "src/unit_conversion.py${{ matrix.sep }}." \ | |
| --add-data "src/Version.py${{ matrix.sep }}." \ | |
| "${COLLECT_FLAGS[@]}" | |
| - name: Package (zip the onedir folder) | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| mkdir -p out | |
| # dist/telemetry is a folder on all OSes with --onedir | |
| if [ "${{ matrix.os }}" = "windows-latest" ]; then | |
| 7z a -tzip "out/${{ matrix.asset_name }}" "./dist/telemetry/*" | |
| else | |
| (cd dist && zip -r "../out/${{ matrix.asset_name }}" telemetry) | |
| fi | |
| - name: Upload artifact (zipped app) | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: built-${{ matrix.os }} | |
| path: out/* | |
| if-no-files-found: error | |
| tuf_release: | |
| name: Sign & Release (TUF + assets) | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| steps: | |
| - name: Checkout (keys, scripts) | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.12.10' | |
| - name: Install tufup | |
| run: pip install tufup | |
| - name: Download artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: artifacts | |
| merge-multiple: true | |
| - name: Verify expected files | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| ls -la artifacts | |
| test -f artifacts/telemetry-windows.zip | |
| test -f artifacts/telemetry-macos.zip | |
| test -f artifacts/telemetry-linux.zip | |
| - name: Write signing keys (secrets or fallback) | |
| env: | |
| TUF_KEY_TARGETS_JSON_B64: ${{ secrets.TUF_KEY_TARGETS_JSON_B64 }} | |
| TUF_KEY_SNAPSHOT_JSON_B64: ${{ secrets.TUF_KEY_SNAPSHOT_JSON_B64 }} | |
| TUF_KEY_TIMESTAMP_JSON_B64: ${{ secrets.TUF_KEY_TIMESTAMP_JSON_B64 }} | |
| TUF_KEY_TARGETS_JSON: ${{ secrets.TUF_KEY_TARGETS_JSON }} | |
| TUF_KEY_SNAPSHOT_JSON: ${{ secrets.TUF_KEY_SNAPSHOT_JSON }} | |
| TUF_KEY_TIMESTAMP_JSON: ${{ secrets.TUF_KEY_TIMESTAMP_JSON }} | |
| run: | | |
| set -euo pipefail | |
| python scripts/prepare_keys.py --from-dir scripts/exported_keys --keys-dir src/updater/keys | |
| - name: Validate key JSON | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| python scripts/validate_keys_json.py \ | |
| src/updater/keys/targets \ | |
| src/updater/keys/snapshot \ | |
| src/updater/keys/timestamp | |
| - name: Stage TUF targets | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| mkdir -p release/targets | |
| cp artifacts/telemetry-*.zip release/targets/ | |
| - name: Build TUF repo | |
| shell: bash | |
| env: | |
| TAG: ${{ github.ref_name }} # e.g., v1.7.0 | |
| run: | | |
| set -euo pipefail | |
| python scripts/build_tuf_repo.py | |
| - name: Show release payload | |
| shell: bash | |
| run: | | |
| echo "::group::Metadata"; ls -la release/metadata; echo "::endgroup::" | |
| echo "::group::Targets"; ls -la release/targets; echo "::endgroup::" | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| files: | | |
| release/metadata/root.json | |
| release/metadata/targets.json | |
| release/metadata/snapshot.json | |
| release/metadata/timestamp.json | |
| release/targets/* | |
| make_latest: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |