[release-0.14] コード署名をeSignerCKAに #1741
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build and deploy workflow | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: "バージョン情報(A.BB.C / A.BB.C-preview.D)" | |
required: true | |
code_signing: | |
description: "コード署名する" | |
type: boolean | |
required: false | |
release: | |
types: | |
- published | |
pull_request: | |
push: | |
branches: | |
- "*" | |
- "**/*" | |
env: | |
# releaseタグ名か、workflow_dispatchでのバージョン名か、DEBUGが入る | |
VERSION: ${{ github.event.release.tag_name || github.event.inputs.version || 'DEBUG' }} | |
# Raw character weights are not public. | |
# Skip uploading to GitHub Release on public repo. | |
SKIP_UPLOADING_RELEASE_ASSET: ${{ secrets.SKIP_UPLOADING_RELEASE_ASSET || '1' }} | |
jobs: | |
build_and_deploy: | |
environment: ${{ github.event.inputs.code_signing == 'true' && 'code_signing' || '' }} # コード署名用のenvironment | |
strategy: | |
matrix: | |
include: | |
- os: windows-2019 | |
features: "" | |
target: x86_64-pc-windows-msvc | |
artifact_name: windows-x64-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
- os: windows-2019 | |
features: directml | |
target: x86_64-pc-windows-msvc | |
artifact_name: windows-x64-directml | |
whl_local_version: directml | |
use_cuda: false | |
- os: windows-2019 | |
features: "" | |
target: x86_64-pc-windows-msvc | |
artifact_name: windows-x64-cuda | |
whl_local_version: cuda | |
use_cuda: true | |
- os: windows-2019 | |
features: "" | |
target: i686-pc-windows-msvc | |
artifact_name: windows-x86-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
- os: ubuntu-20.04 | |
features: "" | |
target: x86_64-unknown-linux-gnu | |
artifact_name: linux-x64-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
- os: ubuntu-20.04 | |
features: "" | |
target: x86_64-unknown-linux-gnu | |
artifact_name: linux-x64-gpu | |
whl_local_version: cuda | |
use_cuda: true | |
- os: ubuntu-20.04 | |
features: "" | |
target: aarch64-unknown-linux-gnu | |
artifact_name: linux-arm64-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
- os: macos-11 | |
features: "" | |
target: aarch64-apple-darwin | |
artifact_name: osx-arm64-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
- os: macos-11 | |
features: "" | |
target: x86_64-apple-darwin | |
artifact_name: osx-x64-cpu | |
whl_local_version: cpu | |
use_cuda: false | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python 3.8 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: "3.8" | |
architecture: ${{ contains(matrix.artifact_name,'x86') && 'x86' || 'x64' }} | |
- name: set up ${{ matrix.target }} | |
uses: ./.github/actions/rust-toolchain-from-file | |
with: | |
targets: ${{ matrix.target }} | |
- name: Install cross compiler for aarch64-unknown-linux-gnu | |
if: matrix.target == 'aarch64-unknown-linux-gnu' | |
shell: bash | |
run: | | |
sudo apt update | |
sudo apt install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu | |
- name: Install cargo-binstall | |
uses: taiki-e/install-action@cargo-binstall | |
- name: Install cbindgen | |
uses: ./.github/actions/cargo-binstall-cbindgen | |
- name: Install cargo-edit | |
if: ${{ env.VERSION != 'DEBUG' }} | |
shell: bash | |
run: cargo binstall cargo-edit@^0.11 --no-confirm --log-level debug | |
- name: set cargo version | |
if: ${{ env.VERSION != 'DEBUG' }} | |
shell: bash | |
run: | | |
cargo set-version "$VERSION" --exclude voicevox_core_python_api --exclude download --exclude xtask | |
cargo set-version "$VERSION+"${{ matrix.whl_local_version }} -p voicevox_core_python_api | |
- name: generate voicevox_core.h | |
shell: bash | |
run: cbindgen --crate voicevox_core_c_api -o ./voicevox_core.h | |
- name: build voicevox_core_c_api | |
run: cargo build -p voicevox_core_c_api -vv --features ${{ matrix.features }}, --target ${{ matrix.target }} --release | |
env: | |
ORT_USE_CUDA: ${{ matrix.use_cuda }} | |
- name: build voicevox_core_python_api | |
id: build-voicevox-core-python-api | |
shell: bash | |
run: | | |
pip install -r ./crates/voicevox_core_python_api/requirements.txt | |
maturin build --manifest-path ./crates/voicevox_core_python_api/Cargo.toml --features ${{ matrix.features }}, --target ${{ matrix.target }} --release | |
echo "whl=$(find ./target/wheels -type f)" >> "$GITHUB_OUTPUT" | |
env: | |
ORT_USE_CUDA: ${{ matrix.use_cuda }} | |
- name: Set ASSET_NAME env var | |
shell: bash | |
run: echo "ASSET_NAME=voicevox_core-${{ matrix.artifact_name }}-${{ env.VERSION }}" >> "$GITHUB_ENV" | |
- name: Organize artifact | |
shell: bash | |
run: | | |
mkdir -p "artifact/${{ env.ASSET_NAME }}" | |
cp -v voicevox_core.h "artifact/${{ env.ASSET_NAME }}" | |
cp -v target/${{ matrix.target }}/release/*voicevox_core.{dll,so,dylib} "artifact/${{ env.ASSET_NAME }}" || true | |
cp -v target/${{ matrix.target }}/release/voicevox_core.dll.lib "artifact/${{ env.ASSET_NAME }}/voicevox_core.lib" || true | |
cp -v -n target/${{ matrix.target }}/release/build/onnxruntime-sys-*/out/onnxruntime_*/onnxruntime-*/lib/*.{dll,so.*,so,dylib} "artifact/${{ env.ASSET_NAME }}" || true | |
# libonnxruntimeについてはバージョン付のshared libraryを使用するためバージョンがついてないものを削除する | |
rm -f artifact/${{ env.ASSET_NAME }}/libonnxruntime.{so,dylib} | |
cp -v README.md "artifact/${{ env.ASSET_NAME }}/README.txt" | |
cp -vr model "artifact/${{ env.ASSET_NAME }}/" | |
echo "${{ env.VERSION }}" > "artifact/${{ env.ASSET_NAME }}/VERSION" | |
- name: Code signing (Windows) | |
if: startsWith(matrix.os, 'windows') && github.event.inputs.code_signing == 'true' | |
shell: bash | |
run: | | |
bash build_util/codesign.bash "artifact/${{ env.ASSET_NAME }}/voicevox_core.dll" | |
env: | |
ESIGNERCKA_USERNAME: ${{ secrets.ESIGNERCKA_USERNAME }} | |
ESIGNERCKA_PASSWORD: ${{ secrets.ESIGNERCKA_PASSWORD }} | |
ESIGNERCKA_TOTP_SECRET: ${{ secrets.ESIGNERCKA_TOTP_SECRET }} | |
- name: Archive artifact | |
shell: bash | |
run: | | |
cd artifact | |
7z a "../${{ env.ASSET_NAME }}.zip" "${{ env.ASSET_NAME }}" | |
- name: Upload to Release | |
if: env.VERSION != 'DEBUG' && env.SKIP_UPLOADING_RELEASE_ASSET == '0' | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
tag_name: ${{ env.VERSION }} | |
files: |- | |
${{ env.ASSET_NAME }}.zip | |
target_commitish: ${{ github.sha }} | |
- name: Upload Python whl to Release | |
if: env.VERSION != 'DEBUG' && env.SKIP_UPLOADING_RELEASE_ASSET == '0' | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
tag_name: ${{ env.VERSION }} | |
files: |- | |
${{ steps.build-voicevox-core-python-api.outputs.whl }} | |
target_commitish: ${{ github.sha }} | |
deploy_downloader: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Upload to Release | |
if: env.VERSION != 'DEBUG' && env.SKIP_UPLOADING_RELEASE_ASSET == '0' | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
tag_name: ${{ env.VERSION }} | |
files: |- | |
scripts/downloads/* | |
target_commitish: ${{ github.sha }} | |
deploy_precompiled_downloader: | |
environment: ${{ github.event.inputs.code_signing == 'true' && 'code_signing' || '' }} # コード署名用のenvironment | |
strategy: | |
matrix: | |
include: | |
- name: download-windows-x64.exe | |
target: x86_64-pc-windows-msvc | |
os: windows-2019 | |
- name: download-linux-x64 | |
target: x86_64-unknown-linux-gnu | |
os: ubuntu-20.04 | |
- name: download-linux-arm64 | |
target: aarch64-unknown-linux-gnu | |
os: ubuntu-20.04 | |
- name: download-osx-x64 | |
target: x86_64-apple-darwin | |
os: macos-11 | |
- name: download-osx-arm64 | |
target: aarch64-apple-darwin | |
os: macos-11 | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install cross compiler for aarch64-unknown-linux-gnu | |
if: matrix.target == 'aarch64-unknown-linux-gnu' | |
shell: bash | |
run: | | |
sudo apt update | |
sudo apt install gcc-aarch64-linux-gnu g++-aarch64-linux-gnu | |
- name: Set up ${{ matrix.target }} | |
uses: ./.github/actions/rust-toolchain-from-file | |
with: | |
targets: ${{ matrix.target }} | |
- name: Build downloader | |
run: cargo build -vv --release -p download --target ${{ matrix.target }} | |
- name: Rename the binary | |
shell: bash | |
run: | | |
case "$OS" in | |
Windows) exe_suffix=.exe;; | |
Linux | macOS) exe_suffix=;; | |
esac | |
mv $"target/${{ matrix.target }}/release/download$exe_suffix" ./${{ matrix.name }} | |
- name: Code signing (Windows) | |
if: startsWith(matrix.os, 'windows') && github.event.inputs.code_signing == 'true' | |
shell: bash | |
run: | | |
bash build_util/codesign.bash ./${{ matrix.name }} | |
env: | |
ESIGNERCKA_USERNAME: ${{ secrets.ESIGNERCKA_USERNAME }} | |
ESIGNERCKA_PASSWORD: ${{ secrets.ESIGNERCKA_PASSWORD }} | |
ESIGNERCKA_TOTP_SECRET: ${{ secrets.ESIGNERCKA_TOTP_SECRET }} | |
- name: Upload to Release | |
if: env.VERSION != 'DEBUG' && env.SKIP_UPLOADING_RELEASE_ASSET == '0' | |
uses: softprops/action-gh-release@v1 | |
with: | |
prerelease: true | |
tag_name: ${{ env.VERSION }} | |
files: ${{ matrix.name }} | |
target_commitish: ${{ github.sha }} |