Skip to content

Commit

Permalink
Merge branch 'main' into fix-for-issue-10509
Browse files Browse the repository at this point in the history
  • Loading branch information
koppor authored Feb 6, 2024
2 parents f62fa7e + 7001cb3 commit 9c9760c
Show file tree
Hide file tree
Showing 285 changed files with 2,550 additions and 1,547 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/add-greeting-to-issue.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
issues: write
steps:
- name: GreetingFirstTimeCodeContribution
uses: peter-evans/create-or-update-comment@v3
uses: peter-evans/create-or-update-comment@v4
with:
issue-number: ${{ github.event.issue.number || github.event.pull_request.number }}
body: |
Expand Down
3 changes: 2 additions & 1 deletion .github/workflows/automerge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,8 @@ jobs:
(
startsWith(github.event.pull_request.title, '[Bot] ') ||
startsWith(github.event.pull_request.title, 'Bump ') ||
startsWith(github.event.pull_request.title, 'New Crowdin updates')
startsWith(github.event.pull_request.title, 'New Crowdin updates') ||
startsWith(github.event.pull_request.title, 'Update Gradle Wrapper from')
)
)
steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/check-links.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
restore-keys: cache-lychee-
- name: Link Checker
id: lychee
uses: lycheeverse/[email protected].1
uses: lycheeverse/[email protected].3
with:
fail: true
args: --accept '200,201,202,203,204,429,500' --max-concurrency 1 --cache --no-progress --exclude-all-private './**/*.md'
2 changes: 1 addition & 1 deletion .github/workflows/cleanup-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Cancel deployment run
uses: styfle/[email protected].0
uses: styfle/[email protected].1
with:
ignore_sha: true
workflow_id: 9813 # workflow "Deployment"
Expand Down
138 changes: 102 additions & 36 deletions .github/workflows/deployment-arm64.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,23 @@
name: Deployment Release for ARM64 - Run manually!

name: Deployment for Arm64
on:
push:
branches:
- main
- main-release
paths-ignore:
- 'docs/**'
- 'src/test/**'
- 'README.md'
tags:
- '*'
pull_request:
merge_group:
workflow_dispatch:
inputs:
notarization:
type: boolean
required: true
default: true
push:
branches:
- arm64mac-release
- updateArm64Notarization
required: false
default: false

env:
SpringerNatureAPIKey: ${{ secrets.SpringerNatureAPIKey }}
Expand All @@ -30,19 +37,26 @@ jobs:
strategy:
fail-fast: false
matrix:
os: [self-hosted]
include:
- os: self-hosted
- os: macos-14
displayName: macOS (Arm64)
suffix: '_arm64'
runs-on: ${{ matrix.os }}
outputs:
major: ${{ steps.gitversion.outputs.Major }}
minor: ${{ steps.gitversion.outputs.Minor }}
branchname: ${{ steps.gitversion.outputs.branchName }}
name: Create installer and portable version for ${{ matrix.displayName }}
steps:
- name: Check secrets presence
id: checksecrets
shell: bash
run: |
[ -n "$BUILDJABREFPRIVATEKEY" ] || exit 1
if [ "$BUILDJABREFPRIVATEKEY" == "" ]; then
echo "secretspresent=NO" >> $GITHUB_OUTPUT
else
echo "secretspresent=YES" >> $GITHUB_OUTPUT
fi
env:
BUILDJABREFPRIVATEKEY: ${{ secrets.buildJabRefPrivateKey }}
- name: Fetch all history for all tags and branches
Expand All @@ -61,34 +75,32 @@ jobs:
- name: Setup JDK
uses: actions/setup-java@v4
with:
java-version: 21.0.1
java-version: 21.0.2
distribution: 'liberica'
- name: Clean up keychain
run: |
security delete-keychain signing_temp.keychain ${{runner.temp}}/keychain/notarization.keychain || true
- name: Setup OSX key chain on macOS
- name: Setup OSX key chain on macOS-arm
if: (steps.checksecrets.outputs.secretspresent == 'YES')
uses: apple-actions/import-codesign-certs@v2
with:
p12-file-base64: ${{ secrets.OSX_SIGNING_CERT }}
p12-password: ${{ secrets.OSX_CERT_PWD }}
keychain-password: jabref
- name: Setup OSX key chain on OSX for app id cert
if: (steps.checksecrets.outputs.secretspresent == 'YES')
uses: apple-actions/import-codesign-certs@v2
with:
p12-file-base64: ${{ secrets.OSX_SIGNING_CERT_APPLICATION }}
p12-password: ${{ secrets.OSX_CERT_PWD }}
create-keychain: false
keychain-password: jabref
- name: Create notarization keychain
run: |
mkdir ${{runner.temp}}/keychain
security create-keychain -p jabref ${{runner.temp}}/keychain/notarization.keychain
security set-keychain-settings ${{runner.temp}}/keychain/notarization.keychain
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
uses: gradle/gradle-build-action@v3
- name: Prepare merged jars and modules dir (macOS)
run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" prepareModulesDir
- name: Build dmg (macOS)
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
jpackage \
Expand All @@ -113,6 +125,7 @@ jobs:
--file-associations buildres/mac/bibtexAssociations.properties \
--jlink-options --bind-services
- name: Build pkg (macOS)
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
jpackage \
Expand All @@ -137,32 +150,85 @@ jobs:
--file-associations buildres/mac/bibtexAssociations.properties \
--jlink-options --bind-services
- name: Rename files with arm64 suffix as well
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
mv build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.dmg build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.dmg
mv build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}.pkg build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.pkg
- name: Setup rsync (macOS)
if: ${{ (!startsWith(github.ref, 'refs/heads/gh-readonly-queue')) && (steps.checksecrets.outputs.secretspresent == 'YES') && ((matrix.os == 'macos-14') && !((startsWith(github.ref, 'refs/tags/') || inputs.notarization == true))) }}
run: brew install rsync
- name: Setup SSH key
if: ${{ (steps.checksecrets.outputs.secretspresent == 'YES') && (!startsWith(github.ref, 'refs/heads/gh-readonly-queue')) && ((matrix.os != 'macos-14') || !((startsWith(github.ref, 'refs/tags/') || (inputs.notarization == true)))) }}
run: |
echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey
chmod 600 sshkey
- name: Upload to builds.jabref.org (linux, macOS)
# macOS: Negated condition of "Upload to GitHub workflow artifacts store (macOS)"
# Reason: We either upload the non-notarized files - or notarize the files later (and upload these later)
# needs to be on one line; multi line does not work
if: ${{ (!startsWith(github.ref, 'refs/heads/gh-readonly-queue')) && (steps.checksecrets.outputs.secretspresent == 'YES') && ((matrix.os == 'ubuntu-latest') || ((matrix.os == 'macos-14') && !((startsWith(github.ref, 'refs/tags/') || inputs.notarization == true)))) }}
shell: bash
run: |
rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/
- name: Upload to GitHub workflow artifacts store (macOS)
if: (matrix.os == 'macos-14') && (steps.checksecrets.outputs.secretspresent == 'YES') && (startsWith(github.ref, 'refs/tags/') || inputs.notarization == true)
uses: actions/upload-artifact@v4
with:
# tbn = to-be-notarized
name: JabRef-macOS-arm-tbn
path: build/distribution
compression-level: 0 # no compression
- name: Upload to GitHub workflow artifacts store
if: (steps.checksecrets.outputs.secretspresent != 'YES')
uses: actions/upload-artifact@v4
with:
# tbn = to-be-notarized
name: JabRef-${{ matrix.os }}
path: build/distribution
compression-level: 0 # no compression

notarize: # outsourced in a separate job to be able to rerun if this fails for timeouts
name: macOS notarization-arm
runs-on: macos-14
needs: [build]
if: ${{ startsWith(github.ref, 'refs/tags/') || inputs.notarization == true }}
steps:
- name: Check secrets presence
id: checksecrets
shell: bash
run: |
if [ "$BUILDJABREFPRIVATEKEY" == "" ]; then
echo "secretspresent=NO" >> $GITHUB_OUTPUT
else
echo "secretspresent=YES" >> $GITHUB_OUTPUT
fi
env:
BUILDJABREFPRIVATEKEY: ${{ secrets.buildJabRefPrivateKey }}
- name: Download from GitHub workflow artifacts store (macOS)
if: (steps.checksecrets.outputs.secretspresent == 'YES')
uses: actions/download-artifact@master
with:
name: JabRef-macOS-arm-tbn
path: build/distribution/
- name: Notarize dmg
if: (startsWith(github.ref, 'refs/tags/') || (${{ inputs.notarization }}))
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" --keychain ${{runner.temp}}/keychain/notarization.keychain
xcrun notarytool submit build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.dmg --keychain-profile "notarytool-profile" --keychain ${{runner.temp}}/keychain/notarization.keychain --wait
xcrun stapler staple build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.dmg
xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}"
xcrun notarytool submit build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}-arm64.dmg --keychain-profile "notarytool-profile" --wait
xcrun stapler staple build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}-arm64.dmg
- name: Notarize pkg
if: (startsWith(github.ref, 'refs/tags/') || (${{ inputs.notarization }}))
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}" --keychain ${{runner.temp}}/keychain/notarization.keychain
xcrun notarytool submit build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.pkg --keychain-profile "notarytool-profile" --keychain ${{runner.temp}}/keychain/notarization.keychain --wait
xcrun stapler staple build/distribution/JabRef-${{ steps.gitversion.outputs.Major }}.${{ steps.gitversion.outputs.Minor }}-arm64.pkg
- name: Upload with rsync
if: ${{ !startsWith(github.ref, 'refs/heads/gh-readonly-queue') }}
xcrun notarytool store-credentials "notarytool-profile" --apple-id "[email protected]" --team-id "6792V39SK3" --password "${{ secrets.OSX_NOTARIZATION_APP_PWD }}"
xcrun notarytool submit build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}-arm64.pkg --keychain-profile "notarytool-profile" --wait
xcrun stapler staple build/distribution/JabRef-${{ needs.build.outputs.major }}.${{ needs.build.outputs.minor }}-arm64.pkg
- name: Upload to builds.jabref.org
if: (steps.checksecrets.outputs.secretspresent == 'YES')
shell: bash
run: |
rsync -Pavz --itemize-changes --stats --partial-dir=/tmp/partial --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }} && rsync" -e 'ssh -p 9922 -i ~/.ssh/id_rsa' build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ steps.gitversion.outputs.branchName }}/
- name: Upload to GitHub workflow artifacts store
if: ${{ !startsWith(github.ref, 'refs/heads/gh-readonly-queue') }}
uses: actions/upload-artifact@v4
with:
name: JabRef-${{ matrix.displayName }}
path: build/distribution
echo "${{ secrets.buildJabRefPrivateKey }}" > sshkey
chmod 600 sshkey
rsync -rt --chmod=Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r --itemize-changes --stats --rsync-path="mkdir -p /var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }} && rsync" -e 'ssh -p 9922 -i sshkey -o StrictHostKeyChecking=no' build/distribution/ [email protected]:/var/www/builds.jabref.org/www/${{ needs.build.outputs.branchname }}/
6 changes: 4 additions & 2 deletions .github/workflows/deployment.yml
Original file line number Diff line number Diff line change
Expand Up @@ -92,10 +92,10 @@ jobs:
- name: Setup JDK
uses: actions/setup-java@v4
with:
java-version: 21.0.1
java-version: 21.0.2
distribution: 'liberica'
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
uses: gradle/gradle-build-action@v3
- name: Prepare merged jars and modules dir (macOS)
if: (matrix.os == 'macos-latest') || (steps.checksecrets.outputs.secretspresent == 'NO')
run: ./gradlew -i -PprojVersion="${{ steps.gitversion.outputs.AssemblySemVer }}" -PprojVersionInfo="${{ steps.gitversion.outputs.InformationalVersion }}" prepareModulesDir
Expand Down Expand Up @@ -225,13 +225,15 @@ jobs:
# tbn = to-be-notarized
name: JabRef-macOS-tbn
path: build/distribution
compression-level: 0 # no compression
- name: Upload to GitHub workflow artifacts store
if: (steps.checksecrets.outputs.secretspresent != 'YES')
uses: actions/upload-artifact@v4
with:
# tbn = to-be-notarized
name: JabRef-${{ matrix.os }}
path: build/distribution
compression-level: 0 # no compression
announce:
name: Comment on pull request
runs-on: ubuntu-latest
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/refresh-csl-subtrees.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
git add -f src/main/resources/csl-styles
git add -f src/main/resources/csl-locales
git diff-index --quiet HEAD || git commit -m 'Update CSL styles'
- uses: peter-evans/create-pull-request@v5
- uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.GH_TOKEN_UPDATE_GRADLE_WRAPPER }}
branch: refresh-csl
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/refresh-journal-lists.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,18 +30,18 @@ jobs:
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: 21.0.1
java-version: 21.0.2
distribution: 'liberica'
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
uses: gradle/gradle-build-action@v3
- name: Check whether journal-list.mv can be generated (the "real" generation is done inside JabRef's build process)
run: |
./gradlew generateJournalListMV
- name: Persist changes
run: |
git add -f buildres/abbrv.jabref.org
git diff-index --quiet HEAD || git commit -m 'Update journal abbreviation lists'
- uses: peter-evans/create-pull-request@v5
- uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.GH_TOKEN_UPDATE_GRADLE_WRAPPER }}
branch: update-journal-lists
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/tests-fetchers.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,10 +48,10 @@ jobs:
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: 21.0.1
java-version: 21.0.2
distribution: 'liberica'
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
uses: gradle/gradle-build-action@v3
- name: Run fetcher tests
run: ./gradlew fetcherTest
env:
Expand Down
Loading

0 comments on commit 9c9760c

Please sign in to comment.