Skip to content

Create PRIVACY.md #3746

Create PRIVACY.md

Create PRIVACY.md #3746

Workflow file for this run

name: CMake Build Matrix
# Many thanks to Cristian Adam for examples
# e.g. https://github.com/cristianadam/HelloWorld/blob/master/.github/workflows/build_cmake.yml
# https://cristianadam.eu/20191222/using-github-actions-with-c-plus-plus-and-cmake/
on: [push, pull_request, workflow_dispatch]
env:
QT_VERSION: 5.15.2
# this is different from MACOSX_DEPLOYMENT_TARGET to prevent build problems
# we set MACOSX_DEPLOYMENT_TARGET later
MACOS_TARGET: 10.12
FEATURES: -DBUILD_GPL_PLUGINS=ON -DWITH_COORDGEN=OFF -DUSE_VTK=ON -DUSE_3DCONNEXION=ON
CACHE: -DCMAKE_C_COMPILER_LAUNCHER=sccache -DCMAKE_CXX_COMPILER_LAUNCHER=sccache
SCCACHE_GHA_ENABLED: "true"
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: ${{ matrix.config.name }}
runs-on: ${{ matrix.config.os }}
strategy:
fail-fast: false
matrix:
config:
- {
name: "Ubuntu GCC", artifact: "Ubuntu-Latest.tar.gz",
os: ubuntu-latest,
cc: "gcc", cxx: "g++",
build_type: "Release",
cmake_flags: "-G Ninja -DENABLE_TESTING=ON -DTEST_QTGL=OFF -USE_SYSTEM_ZLIB=ON",
cpack: "",
}
- {
name: "Ubuntu AppImage", artifact: "Avogadro2.AppImage",
os: ubuntu-22.04,
cc: "gcc", cxx: "g++",
build_type: "Release",
cmake_flags: "-G Ninja -DBUILD_MOLEQUEUE=OFF -DINSTALL_BUNDLE_FILES=ON -USE_SYSTEM_ZLIB=ON",
cpack: "",
}
- {
name: "macOS Clang", artifact: "macOS.dmg",
os: macos-13,
cc: "clang", cxx: "clang++",
build_type: "Release",
cmake_flags: "-G Ninja -DBUILD_MOLEQUEUE=OFF",
cpack_flags: "-G DragNDrop",
}
- {
name: "Windows Latest MSVC", artifact: "Win64.exe",
os: windows-2019,
cc: "cl", cxx: "cl",
build_type: "Release",
cmake_flags: "-DBUILD_MOLEQUEUE=OFF",
build_flags: "-j 2",
cpack_flags: "-G NSIS",
}
- {
name: "Ubuntu Address Sanitizer", artifact: "",
os: ubuntu-20.04,
cc: "gcc", cxx: "g++",
build_type: "asan",
cmake_flags: "-G Ninja -DENABLE_TESTING=ON -DTEST_QTGL=OFF -USE_SYSTEM_ZLIB=ON",
cpack: "",
}
- {
name: "Ubuntu Undefined Behavior Sanitizer", artifact: "",
os: ubuntu-20.04,
cc: "gcc", cxx: "g++",
build_type: "ubsan",
cmake_flags: "-G Ninja -DENABLE_TESTING=ON -DTEST_QTGL=OFF -USE_SYSTEM_ZLIB=ON",
cpack: "",
}
steps:
- name: Install Dependencies (Linux)
if: runner.os == 'Linux'
run: |
sudo add-apt-repository -y universe
sudo apt-get -qq update
sudo apt-get -qq install ninja-build libeigen3-dev libboost-all-dev libglew-dev libxml2-dev
sudo apt-get -qq install qtbase5-dev qtchooser qt5-qmake qtbase5-dev-tools libqt5x11extras5-dev libqt5svg5-dev
sudo apt-get -qq install libgcc-10-dev libgcc-9-dev
sudo apt install libfuse2
- name: Install Dependencies (macOS)
if: runner.os == 'macOS'
run: |
if uname -p | grep -q "arm" ; then
export PATH=/opt/homebrew/bin:$PATH
else # not self-hosted runner
brew install ninja eigen glew
fi
- name: Install Dependencies (Windows)
if: runner.os == 'Windows'
run: choco install ninja
- name: Checkout openchemistry
uses: actions/checkout@v4
with:
repository: openchemistry/openchemistry
submodules: recursive
- name: Checkout molecules
uses: actions/checkout@v4
with:
repository: openchemistry/molecules
path: molecules
- name: Checkout fragments
uses: actions/checkout@v4
with:
repository: openchemistry/fragments
path: fragments
- name: Checkout crystals
uses: actions/checkout@v4
with:
repository: openchemistry/crystals
path: crystals
- name: Checkout i18n
uses: actions/checkout@v4
with:
repository: openchemistry/avogadro-i18n
path: avogadro-i18n
- name: Checkout avogadroapp
uses: actions/checkout@v4
with:
repository: openchemistry/avogadroapp
path: avogadroapp
fetch-depth: 0
- name: Checkout avogadrolibs
uses: actions/checkout@v4
with:
path: avogadrolibs
fetch-depth: 0
- name: Install Qt
uses: jurplel/install-qt-action@v3
with:
aqtversion: '==3.1.*'
cache: true
version: ${{ env.QT_VERSION }}
- name: Configure MSVC Command Prompt
if: runner.os == 'Windows'
uses: ilammy/msvc-dev-cmd@v1
with:
arch: x64
- name: Grab cache files
uses: actions/cache@v4
if: runner.os != 'Windows'
with:
path: |
${{ runner.workspace }}/build/Downloads
key: ${{ matrix.config.name }}-downloads
- name: Run sccache-cache
uses: mozilla-actions/sccache-action@main
- name: Configure
run: |
if [ ! -d "${{ runner.workspace }}/build" ]; then mkdir "${{ runner.workspace }}/build"; fi
cd "${{ runner.workspace }}/build"
# won't have any effect except on Mac
echo "MACOSX_DEPLOYMENT_TARGET=${{ env.MACOS_TARGET }}" >> $GITHUB_ENV
CC=${{matrix.config.cc}} CXX=${{matrix.config.cxx}} cmake $GITHUB_WORKSPACE ${{env.FEATURES}} ${{env.CACHE}} -DCMAKE_BUILD_TYPE=${{matrix.config.build_type}} ${{matrix.config.cmake_flags}}
shell: bash
- name: Build
run: |
CC=${{matrix.config.cc}} CXX=${{matrix.config.cxx}} CMAKE_C_COMPILER_LAUNCHER=sccache CMAKE_CXX_COMPILER_LAUNCHER=sccache cmake --build . --config ${{matrix.config.build_type}} ${{matrix.config.build_flags}}
shell: bash
working-directory: ${{ runner.workspace }}/build
- name: Fix Mac plugins
if: runner.os == 'macOS'
working-directory: ${{ runner.workspace }}/build/prefix/lib/openbabel
run: |
for plugin in *.so; do
for libpath in `otool -L ${plugin} | grep '/Users/runner/work' | awk '{print $1}'`; do
export lib=`echo $libpath | cut -d '/' -f 9`;
echo "Fixing $plugin $lib $libpath"
install_name_tool -change $libpath @executable_path/../Frameworks/$lib $plugin
done
done
cd .. # build/prefix/lib
for plugin in libinchi.?.?.?.dylib libopenbabel.?.?.?.dylib; do
for libpath in `otool -L ${plugin} | grep '/Users/runner/work' | awk '{print $1}'`; do
export lib=`echo $libpath | cut -d '/' -f 9`;
echo "Fixing $plugin $lib $libpath"
install_name_tool -change $libpath @executable_path/../Frameworks/$lib $plugin
done
done
otool -L libinchi.?.?.?.dylib
otool -L libopenbabel.?.?.?.dylib
cp -p libinchi* ../Avogadro2.app/Contents/Frameworks/
cp -p libopenbabel* ../Avogadro2.app/Contents/Frameworks/
# finally, fixup the binaries
cd ../bin
for exe in obabel obmm eht_bind genXrdPattern; do
for libpath in `otool -L ${exe} | grep '/Users/runner/work' | awk '{print $1}'`; do
export lib=`echo $libpath | cut -d '/' -f 9`;
echo "Fixing $exe $lib $libpath"
install_name_tool -change $libpath @executable_path/../Frameworks/$lib $exe
done
done
- name: Run tests
if: matrix.config.os == 'ubuntu-20.04'
shell: cmake -P {0}
run: |
include(ProcessorCount)
ProcessorCount(N)
set(ENV{CTEST_OUTPUT_ON_FAILURE} "ON")
set(ENV{ASAN_OPTIONS} "new_delete_type_mismatch=0")
execute_process(
COMMAND ctest -j ${N}
WORKING_DIRECTORY ${{ runner.workspace }}/build/avogadrolibs
RESULT_VARIABLE result
)
if (NOT result EQUAL 0)
message(FATAL_ERROR "Running tests failed!")
endif()
- name: Install the Apple certificate
# From GitHub docs: https://docs.github.com/en/actions/guides/installing-an-apple-certificate-on-macos-runners-for-xcode-development
if: runner.os == 'macOS'
working-directory: ${{ runner.workspace }}/build
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
NOTARIZE_USERNAME: ${{ secrets.AC_USERNAME }}
NOTARIZE_PASSWORD: ${{ secrets.AC_PASSWORD }}
CODESIGN_IDENTITY: ${{ secrets.CODESIGN_ID }}
PRODUCT_BUNDLE_IDENTIFIER: cc.avogadro
run: |
# be sure the DMG can be created easily
# https://github.com/actions/runner-images/issues/7522#issuecomment-1556766641
echo killing...; sudo pkill -9 XProtect >/dev/null || true;
echo waiting...; while pgrep XProtect; do sleep 3; done;
# create variables
if [ -n "${P12_PASSWORD}" ]; then
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 -d -o $CERTIFICATE_PATH
# create temporary keychain if the cert is non-zero
if [ -s $CERTIFICATE_PATH ]; then
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# signing occurs via avogadroapp cpack instructions
fi # certificate exists
fi # password exists
- name: Create Mac and Windows Packages
if: runner.os == 'Windows' || runner.os == 'macOS'
shell: bash
run: |
if [ -z "${P12_PASSWORD}" ]; then
unset CODESIGN_IDENTITY # to prevent cpack failing when trying to sign
fi
if [ -z "${OPENSSL_ROOT_DIR}" ]; then
unset OPENSSL_ROOT_DIR
fi
[[ ! "${GITHUB_REF}" =~ "tags" ]] && export SNAPSHOT_DATE=`date "+%d-%m-%y"`
cpack ${{ matrix.config.cpack_flags }}
working-directory: ${{ runner.workspace }}/build/avogadroapp
continue-on-error: true
env:
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
CODESIGN_IDENTITY: ${{ secrets.CODESIGN_ID }}
OPENSSL_ROOT_DIR: ${{ matrix.config.ssl_env }}
- name: AppImage
if: matrix.config.os == 'ubuntu-22.04' && matrix.config.build_type == 'Release'
shell: bash
run: |
mkdir appdir
mv prefix appdir/usr
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:appdir/usr/lib
wget -c -nv "https://github.com/linuxdeploy/linuxdeploy/releases/download/continuous/linuxdeploy-x86_64.AppImage"
wget -c -nv "https://github.com/linuxdeploy/linuxdeploy-plugin-qt/releases/download/continuous/linuxdeploy-plugin-qt-x86_64.AppImage"
wget -c -nv "https://github.com/AppImage/AppImageKit/releases/download/continuous/appimagetool-x86_64.AppImage"
chmod a+x *.AppImage
./linuxdeploy-x86_64.AppImage -d appdir/usr/share/applications/*.desktop --plugin qt --appdir appdir
# add the custom AppRun
rm appdir/AppRun
cp ../avogadrolibs/avogadrolibs/scripts/AppImage.sh appdir/AppRun
chmod a+x appdir/AppRun
./appimagetool-x86_64.AppImage appdir
mv Avogadro*.AppImage avogadroapp # for upload
working-directory: ${{ runner.workspace }}/build
- name: Notarize Mac DMG
if: runner.os == 'macOS'
run: |
# check if we have the password and the username
if [ -n "${NOTARIZE_PASSWORD}" ] && [ -n "${NOTARIZE_USERNAME}" ]; then
codesign -s "$CODESIGN_IDENTITY" --timestamp Avogadro2*.dmg
xcrun notarytool submit Avogadro2*.dmg --apple-id "$NOTARIZE_USERNAME" --team-id "$NOTARIZE_TEAM" --password "$NOTARIZE_PASSWORD" --verbose --wait
xcrun stapler staple -v Avogadro2*.dmg
fi
working-directory: ${{ runner.workspace }}/build/avogadroapp
env:
NOTARIZE_TEAM: ${{ secrets.AC_TEAM }}
NOTARIZE_USERNAME: ${{ secrets.AC_USERNAME }}
NOTARIZE_PASSWORD: ${{ secrets.AC_PASSWORD }}
CODESIGN_IDENTITY: ${{ secrets.CODESIGN_ID }}
continue-on-error: true
- name: Upload
if: matrix.config.artifact != 0
id: upload-artifact
uses: actions/upload-artifact@v4
with:
path: ${{ runner.workspace }}/build/avogadroapp/Avogadro*.*
name: ${{ matrix.config.artifact }}
- name: Cleanup
if: ${{ always() }} # To ensure this step runs even when earlier steps fail
shell: bash
run: |
ls -la ./
rm -rf ./* || true
rm -rf ./.??* || true
ls -la ./