This repository was archived by the owner on Jul 4, 2025. It is now read-only.
feat: add codesign for macos #39
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Package Python Library | |
| on: | |
| push: | |
| branches: [ feat/codesign-python-package ] | |
| workflow_dispatch: | |
| inputs: | |
| model_dir: | |
| description: "Path to model directory in janhq/models repo" | |
| required: true | |
| model_name: | |
| description: "name of model to be release" | |
| required: true | |
| env: | |
| MODEL_DIR: models/whispervq # ${{ inputs.model_dir }} | |
| MODEL_NAME: whispervq # ${{ inputs.model_name }} | |
| jobs: | |
| build-and-test: | |
| runs-on: ${{ matrix.runs-on }} | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # - os: "linux" | |
| # name: "amd64" | |
| # runs-on: "ubuntu-20-04-cuda-12-0" | |
| - os: "mac" | |
| name: "amd64" | |
| runs-on: "macos-selfhosted-12" | |
| - os: "mac" | |
| name: "arm64" | |
| runs-on: "macos-silicon" | |
| # - os: "windows" | |
| # name: "amd64" | |
| # runs-on: "windows-cuda-12-0" | |
| steps: | |
| - name: Clone | |
| id: checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| repository: janhq/models | |
| ref: "feat/ci-python-models" | |
| # - name: Install Miniconda on Linux | |
| # if: runner.os == 'Linux' | |
| # run: | | |
| # wget https://repo.anaconda.com/miniconda/Miniconda3-latest-Linux-x86_64.sh -O miniconda.sh | |
| # bash miniconda.sh -b -p $HOME/miniconda | |
| # echo "$HOME/miniconda/bin" >> $GITHUB_PATH | |
| # - name: Install Miniconda on macOS | |
| # if: runner.os == 'macOS' | |
| # run: | | |
| # if [ "$(uname -m)" = "arm64" ]; then | |
| # echo "Running on macOS ARM" | |
| # MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-latest-MacOSX-arm64.sh" | |
| # else | |
| # echo "Running on macOS Intel" | |
| # MINICONDA_URL="https://repo.anaconda.com/miniconda/Miniconda3-latest-MacOSX-x86_64.sh" | |
| # fi | |
| # echo "Downloading Miniconda from $MINICONDA_URL" | |
| # curl -L $MINICONDA_URL -o miniconda.sh | |
| # bash miniconda.sh -b -p $HOME/miniconda | |
| # echo "$HOME/miniconda/bin" >> $GITHUB_PATH | |
| # - name: Install Miniconda on Windows | |
| # if: runner.os == 'Windows' | |
| # shell: pwsh | |
| # run: | | |
| # $minicondaUrl = 'https://repo.anaconda.com/miniconda/Miniconda3-latest-Windows-x86_64.exe' | |
| # Invoke-WebRequest -Uri $minicondaUrl -OutFile miniconda.exe | |
| # Start-Process -FilePath miniconda.exe -ArgumentList '/InstallationType=JustMe', '/AddToPath=1', '/RegisterPython=0', '/S', ('/D=Miniconda3') -Wait | |
| # echo "$env:USERPROFILE\\Miniconda3" >> $GITHUB_PATH | |
| - name: Install dependencies Windows | |
| if: runner.os == 'windows' | |
| run: | | |
| Miniconda\_conda.exe init | |
| conda create -y -n ${{env.MODEL_NAME}} python=3.11 | |
| conda activate ${{env.MODEL_NAME}} | |
| python -m pip install --upgrade pip | |
| python -m pip install -r ${{env.MODEL_DIR}}/requirements.cuda.txt | |
| - name: Install dependencies Linux | |
| if: runner.os == 'linux' | |
| run: | | |
| export PATH=$PATH:$HOME/miniconda/bin/ | |
| conda init | |
| conda create -y -n ${{env.MODEL_NAME}} python=3.11 | |
| source $HOME/miniconda/bin/activate base | |
| conda activate ${{env.MODEL_NAME}} | |
| python -m pip install --upgrade pip | |
| python -m pip install -r ${{env.MODEL_DIR}}/requirements.cuda.txt | |
| - name: Install dependencies Mac | |
| if: runner.os == 'macOS' | |
| run: | | |
| export PATH=$PATH:$HOME/miniconda/bin/ | |
| conda init | |
| conda create -y -n ${{env.MODEL_NAME}} python=3.11 | |
| source $HOME/miniconda/bin/activate base | |
| conda activate ${{env.MODEL_NAME}} | |
| python -m pip install --upgrade pip | |
| python -m pip install -r ${{env.MODEL_DIR}}/requirements.txt | |
| - name: prepare python package windows | |
| if : runner.os == 'windows' | |
| shell: cmd | |
| run: | | |
| conda activate ${{env.MODEL_NAME}} | |
| for /f "delims=" %%a in ('where python') do set "PYTHON_PATH=%%a" | |
| echo %PYTHON_PATH% | |
| - name: prepare python package unix | |
| if : runner.os != 'windows' | |
| run: | | |
| export PATH=$PATH:$HOME/miniconda/bin/ | |
| source $HOME/miniconda/bin/activate base | |
| conda activate ${{env.MODEL_NAME}} | |
| PYTHON_PATH=$(which python) | |
| echo $PYTHON_PATH | |
| PYTHON_FOLDER=$(dirname $(dirname "$PYTHON_PATH")) | |
| echo "PYTHON_FOLDER=$PYTHON_FOLDER" >> $GITHUB_ENV | |
| echo "github end PYTHON_FOLDER: ${{env.PYTHON_FOLDER}}" | |
| - name: Upload Artifact | |
| if : runner.os == 'macOS' || runner.os == 'linux' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{env.MODEL_NAME}}-${{ matrix.os }}-${{ matrix.name }} | |
| path: ${{env.PYTHON_FOLDER}} | |
| codesign: | |
| runs-on: macos-latest | |
| needs: build-and-test | |
| steps: | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| - uses: apple-actions/import-codesign-certs@v2 | |
| continue-on-error: true | |
| with: | |
| p12-file-base64: ${{ secrets.CODE_SIGN_P12_BASE64 }} | |
| p12-password: ${{ secrets.CODE_SIGN_P12_PASSWORD }} | |
| - name: Download Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{env.MODEL_NAME}}-mac-amd64 | |
| path: ${{env.MODEL_NAME}}-mac-amd64 | |
| - name: Download Artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{env.MODEL_NAME}}-mac-amd64 | |
| path: ${{env.MODEL_NAME}}-mac-arm64 | |
| - run: | | |
| find "${{env.MODEL_NAME}}-mac-amd64" \( -type f -perm +111 \) -exec codesign --force --entitlements="./engine/templates/macos/entitlements.plist" -s "${{ secrets.DEVELOPER_ID }}" --options=runtime {} \; | |
| find "${{env.MODEL_NAME}}-mac-arm64" \( -type f -perm +111 \) -exec codesign --force --entitlements="./engine/templates/macos/entitlements.plist" -s "${{ secrets.DEVELOPER_ID }}" --options=runtime {} \; | |
| - name: Upload Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{env.MODEL_NAME}}-mac-amd64-signed | |
| path: ${{env.MODEL_NAME}}-mac-amd64 | |
| - name: Upload Artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{env.MODEL_NAME}}-mac-arm64-signed | |
| path: ${{env.MODEL_NAME}}-mac-arm64 |