mirror of
https://github.com/Cockatrice/Cockatrice.git
synced 2026-07-01 02:53:56 -07:00
Merge 31f331b850 into 80426d77bc
This commit is contained in:
commit
28390013b1
2 changed files with 119 additions and 73 deletions
84
.ci/sign_macos_bundle.sh
Executable file
84
.ci/sign_macos_bundle.sh
Executable file
|
|
@ -0,0 +1,84 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# This script is to be used by the ci environment.
|
||||||
|
|
||||||
|
# Signs and notarizes a macOS app bundle
|
||||||
|
# Requires: $1 - path to the app bundle
|
||||||
|
# Environment variables:
|
||||||
|
# - MACOS_CERTIFICATE_NAME: Name of the certificate for signing (optional, skips signing if not set)
|
||||||
|
# - MACOS_CI_KEYCHAIN_PWD: Password for the CI keychain (required if MACOS_CERTIFICATE_NAME is set)
|
||||||
|
# - MACOS_NOTARIZATION_APPLE_ID: Apple ID for notarization (optional, skips notarization if not set)
|
||||||
|
# - MACOS_NOTARIZATION_PWD: Password for notarization (required if MACOS_NOTARIZATION_APPLE_ID is set)
|
||||||
|
# - MACOS_NOTARIZATION_TEAM_ID: Team ID for notarization (required if MACOS_NOTARIZATION_APPLE_ID is set)
|
||||||
|
# exitcode: 1 for failure, 2 for invalid arguments
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
# Check input arguments
|
||||||
|
if [[ $# -lt 1 ]]; then
|
||||||
|
echo "::error file=$0::No argument passed to the script - provide <path_to_app_bundle>"
|
||||||
|
exit 2
|
||||||
|
fi
|
||||||
|
|
||||||
|
APP_BUNDLE_PATH="$1"
|
||||||
|
|
||||||
|
# Verify that app bundle exists
|
||||||
|
if [[ ! -f "$APP_BUNDLE_PATH" ]]; then
|
||||||
|
echo "::error file=$0::App bundle not found at: $APP_BUNDLE_PATH"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Sign app bundle
|
||||||
|
if [[ -n "$MACOS_CERTIFICATE_NAME" ]]; then
|
||||||
|
echo "::group::Sign app bundle"
|
||||||
|
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
|
||||||
|
/usr/bin/codesign --sign="$MACOS_CERTIFICATE_NAME" --entitlements=".ci/macos.entitlements" --options=runtime --force --deep --timestamp --verbose "$APP_BUNDLE_PATH"
|
||||||
|
|
||||||
|
# Verify signature
|
||||||
|
codesign --verify --deep --strict --verbose=2 "$APP_BUNDLE_PATH"
|
||||||
|
spctl -a -v --type install "$APP_BUNDLE_PATH"
|
||||||
|
echo "::endgroup::"
|
||||||
|
else
|
||||||
|
echo "::error file=$0::MACOS_CERTIFICATE_NAME not set. Can not sign app bundle."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Notarize app bundle
|
||||||
|
if [[ -n "$MACOS_NOTARIZATION_APPLE_ID" ]]; then
|
||||||
|
echo "::group::Notarize app bundle"
|
||||||
|
# Store the notarization credentials so that we can prevent a UI password dialog from blocking the CI
|
||||||
|
xcrun notarytool store-credentials "notarytool-profile" --apple-id "$MACOS_NOTARIZATION_APPLE_ID" --team-id "$MACOS_NOTARIZATION_TEAM_ID" --password "$MACOS_NOTARIZATION_PWD"
|
||||||
|
|
||||||
|
# We can't notarize an app bundle directly, but we need to compress it as an archive.
|
||||||
|
# Therefore, we create a zip file containing our app bundle, so that we can send it to the notarization service
|
||||||
|
echo ""
|
||||||
|
echo "Creating temp notarization archive..."
|
||||||
|
ditto -c -k --keepParent "$APP_BUNDLE_PATH" "notarization.zip"
|
||||||
|
|
||||||
|
# Here we send the notarization request to the Apple's Notarization service, waiting for the result.
|
||||||
|
# This typically takes a few seconds inside a CI environment, but it might take more depending on the App characteristics.
|
||||||
|
# Visit the Notarization docs for more information and strategies on how to optimize it if you're curious.
|
||||||
|
echo ""
|
||||||
|
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait
|
||||||
|
echo "::endgroup::"
|
||||||
|
|
||||||
|
echo "::group::Staple app"
|
||||||
|
# Finally, we need to "attach the staple" to our executable, which will allow our app to be
|
||||||
|
# validated by macOS even when an internet connection is not available.
|
||||||
|
echo "Attach staple"
|
||||||
|
xcrun stapler staple "$APP_BUNDLE_PATH"
|
||||||
|
|
||||||
|
# Validate staple
|
||||||
|
xcrun stapler validate "$APP_BUNDLE_PATH"
|
||||||
|
echo "::endgroup::"
|
||||||
|
else
|
||||||
|
echo "::error file=$0::MACOS_NOTARIZATION_APPLE_ID not set. Can not notarize app bundle."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "::group::Cleanup"
|
||||||
|
# Cleanup keychain and files to avoid leaking credentials
|
||||||
|
echo "Deleting keychain"
|
||||||
|
security delete-keychain build.keychain
|
||||||
|
rm -f certificate.p12 notarization.zip
|
||||||
|
echo "::endgroup::"
|
||||||
100
.github/workflows/desktop-build.yml
vendored
100
.github/workflows/desktop-build.yml
vendored
|
|
@ -7,6 +7,17 @@ permissions:
|
||||||
id-token: write # needed for signing certificate in attestation
|
id-token: write # needed for signing certificate in attestation
|
||||||
|
|
||||||
on:
|
on:
|
||||||
|
pull_request:
|
||||||
|
paths:
|
||||||
|
- '*/**' # matches all files not in root
|
||||||
|
- '!**.md'
|
||||||
|
- '!.github/**'
|
||||||
|
- '!.tx/**'
|
||||||
|
- '!doc/**'
|
||||||
|
- '.github/workflows/desktop-build.yml'
|
||||||
|
- 'CMakeLists.txt'
|
||||||
|
- 'vcpkg.json'
|
||||||
|
- 'vcpkg' # needed to match submodule bumps (gitlink)
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
- master
|
- master
|
||||||
|
|
@ -22,30 +33,19 @@ on:
|
||||||
- 'vcpkg' # needed to match submodule bumps (gitlink)
|
- 'vcpkg' # needed to match submodule bumps (gitlink)
|
||||||
tags:
|
tags:
|
||||||
- '*'
|
- '*'
|
||||||
pull_request:
|
|
||||||
paths:
|
|
||||||
- '*/**' # matches all files not in root
|
|
||||||
- '!**.md'
|
|
||||||
- '!.github/**'
|
|
||||||
- '!.tx/**'
|
|
||||||
- '!doc/**'
|
|
||||||
- '.github/workflows/desktop-build.yml'
|
|
||||||
- 'CMakeLists.txt'
|
|
||||||
- 'vcpkg.json'
|
|
||||||
- 'vcpkg' # needed to match submodule bumps (gitlink)
|
|
||||||
|
|
||||||
# Cancel earlier, unfinished runs of this workflow on the same branch (unless on release)
|
# Cancel earlier, unfinished runs of this workflow on the same branch (unless on release)
|
||||||
concurrency:
|
concurrency:
|
||||||
group: "${{ github.workflow }} @ ${{ github.ref_name }}"
|
|
||||||
cancel-in-progress: ${{ github.ref_type != 'tag' }}
|
cancel-in-progress: ${{ github.ref_type != 'tag' }}
|
||||||
|
group: "${{ github.workflow }} @ ${{ github.ref_name }}"
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
configure:
|
configure:
|
||||||
name: Configure
|
name: Configure
|
||||||
runs-on: ubuntu-slim
|
runs-on: ubuntu-slim
|
||||||
outputs:
|
outputs:
|
||||||
tag: ${{ steps.configure.outputs.tag }}
|
|
||||||
sha: ${{ steps.configure.outputs.sha }}
|
sha: ${{ steps.configure.outputs.sha }}
|
||||||
|
tag: ${{ steps.configure.outputs.tag }}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: "Configure"
|
- name: "Configure"
|
||||||
|
|
@ -66,8 +66,8 @@ jobs:
|
||||||
fetch-depth: 0 # fetch all history for all branches and tags
|
fetch-depth: 0 # fetch all history for all branches and tags
|
||||||
|
|
||||||
- name: "Prepare release parameters"
|
- name: "Prepare release parameters"
|
||||||
id: prepare
|
|
||||||
if: steps.configure.outputs.tag != null
|
if: steps.configure.outputs.tag != null
|
||||||
|
id: prepare
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
TAG: ${{ steps.configure.outputs.tag }}
|
TAG: ${{ steps.configure.outputs.tag }}
|
||||||
|
|
@ -78,12 +78,12 @@ jobs:
|
||||||
id: create_release
|
id: create_release
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
|
body_path: ${{ steps.prepare.outputs.body_path }}
|
||||||
GH_TOKEN: ${{ github.token }}
|
GH_TOKEN: ${{ github.token }}
|
||||||
|
prerelease: ${{ steps.prepare.outputs.is_beta }}
|
||||||
|
release_name: ${{ steps.prepare.outputs.title }}
|
||||||
tag_name: ${{ steps.configure.outputs.tag }}
|
tag_name: ${{ steps.configure.outputs.tag }}
|
||||||
target: ${{ steps.configure.outputs.sha }}
|
target: ${{ steps.configure.outputs.sha }}
|
||||||
release_name: ${{ steps.prepare.outputs.title }}
|
|
||||||
body_path: ${{ steps.prepare.outputs.body_path }}
|
|
||||||
prerelease: ${{ steps.prepare.outputs.is_beta }}
|
|
||||||
run: |
|
run: |
|
||||||
args=()
|
args=()
|
||||||
[[ $prerelease == yes ]] && args+=(--prerelease)
|
[[ $prerelease == yes ]] && args+=(--prerelease)
|
||||||
|
|
@ -183,13 +183,13 @@ jobs:
|
||||||
--cmake-generator "$CMAKE_GENERATOR"
|
--cmake-generator "$CMAKE_GENERATOR"
|
||||||
|
|
||||||
- name: "Build release package"
|
- name: "Build release package"
|
||||||
id: build
|
|
||||||
if: matrix.package != 'skip'
|
if: matrix.package != 'skip'
|
||||||
|
id: build
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
SUFFIX: '-${{ matrix.distro }}${{ matrix.version }}'
|
|
||||||
package: '${{ matrix.package }}'
|
package: '${{ matrix.package }}'
|
||||||
server_only: '${{ matrix.server_only }}'
|
server_only: '${{ matrix.server_only }}'
|
||||||
|
SUFFIX: '-${{ matrix.distro }}${{ matrix.version }}'
|
||||||
run: |
|
run: |
|
||||||
source .ci/docker.sh
|
source .ci/docker.sh
|
||||||
args=()
|
args=()
|
||||||
|
|
@ -221,8 +221,8 @@ jobs:
|
||||||
path: ${{ env.CACHE }}
|
path: ${{ env.CACHE }}
|
||||||
|
|
||||||
- name: "Upload artifact"
|
- name: "Upload artifact"
|
||||||
id: upload_artifact
|
|
||||||
if: matrix.package != 'skip'
|
if: matrix.package != 'skip'
|
||||||
|
id: upload_artifact
|
||||||
uses: actions/upload-artifact@v7
|
uses: actions/upload-artifact@v7
|
||||||
with:
|
with:
|
||||||
archive: false
|
archive: false
|
||||||
|
|
@ -230,8 +230,8 @@ jobs:
|
||||||
path: ${{ steps.build.outputs.path }}
|
path: ${{ steps.build.outputs.path }}
|
||||||
|
|
||||||
- name: "Upload to release"
|
- name: "Upload to release"
|
||||||
id: upload_release
|
|
||||||
if: matrix.package != 'skip' && needs.configure.outputs.tag != null
|
if: matrix.package != 'skip' && needs.configure.outputs.tag != null
|
||||||
|
id: upload_release
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
asset_name: ${{ steps.build.outputs.fullname }}
|
asset_name: ${{ steps.build.outputs.fullname }}
|
||||||
|
|
@ -241,8 +241,8 @@ jobs:
|
||||||
run: gh release upload "$tag_name" "$asset_path#$asset_name"
|
run: gh release upload "$tag_name" "$asset_path#$asset_name"
|
||||||
|
|
||||||
- name: "Attest binary provenance"
|
- name: "Attest binary provenance"
|
||||||
id: attestation
|
|
||||||
if: steps.upload_release.outcome == 'success'
|
if: steps.upload_release.outcome == 'success'
|
||||||
|
id: attestation
|
||||||
uses: actions/attest@v4
|
uses: actions/attest@v4
|
||||||
with:
|
with:
|
||||||
show-summary: false
|
show-summary: false
|
||||||
|
|
@ -265,7 +265,6 @@ jobs:
|
||||||
target: 13
|
target: 13
|
||||||
runner: macos-15-intel
|
runner: macos-15-intel
|
||||||
|
|
||||||
ccache_eviction_age: 7d
|
|
||||||
cmake_generator: Ninja
|
cmake_generator: Ninja
|
||||||
make_package: 1
|
make_package: 1
|
||||||
override_target: 13
|
override_target: 13
|
||||||
|
|
@ -282,7 +281,6 @@ jobs:
|
||||||
target: 14
|
target: 14
|
||||||
runner: macos-14
|
runner: macos-14
|
||||||
|
|
||||||
ccache_eviction_age: 7d
|
|
||||||
cmake_generator: Ninja
|
cmake_generator: Ninja
|
||||||
make_package: 1
|
make_package: 1
|
||||||
package_suffix: "-macOS14"
|
package_suffix: "-macOS14"
|
||||||
|
|
@ -298,7 +296,6 @@ jobs:
|
||||||
target: 15
|
target: 15
|
||||||
runner: macos-15
|
runner: macos-15
|
||||||
|
|
||||||
ccache_eviction_age: 7d
|
|
||||||
cmake_generator: Ninja
|
cmake_generator: Ninja
|
||||||
make_package: 1
|
make_package: 1
|
||||||
package_suffix: "-macOS15"
|
package_suffix: "-macOS15"
|
||||||
|
|
@ -314,7 +311,6 @@ jobs:
|
||||||
target: 15
|
target: 15
|
||||||
runner: macos-15
|
runner: macos-15
|
||||||
|
|
||||||
ccache_eviction_age: 7d
|
|
||||||
cmake_generator: Ninja
|
cmake_generator: Ninja
|
||||||
qt_version: 6.11.0
|
qt_version: 6.11.0
|
||||||
qt_arch: clang_64
|
qt_arch: clang_64
|
||||||
|
|
@ -343,6 +339,7 @@ jobs:
|
||||||
timeout-minutes: 100
|
timeout-minutes: 100
|
||||||
env:
|
env:
|
||||||
CCACHE_DIR: ${{ github.workspace }}/.cache/
|
CCACHE_DIR: ${{ github.workspace }}/.cache/
|
||||||
|
CCACHE_EVICTION_AGE: 7d
|
||||||
CCACHE_SIZE: 550M # space of all repo is 10Gi: https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy
|
CCACHE_SIZE: 550M # space of all repo is 10Gi: https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows#usage-limits-and-eviction-policy
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
|
@ -442,8 +439,7 @@ jobs:
|
||||||
id: build
|
id: build
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
BUILDTYPE: '${{ matrix.type }}'
|
BUILDTYPE: ${{ matrix.type }}
|
||||||
CCACHE_EVICTION_AGE: ${{ matrix.ccache_eviction_age }}
|
|
||||||
CMAKE_GENERATOR: ${{ matrix.cmake_generator }}
|
CMAKE_GENERATOR: ${{ matrix.cmake_generator }}
|
||||||
CMAKE_GENERATOR_PLATFORM: ${{ matrix.cmake_generator_platform }}
|
CMAKE_GENERATOR_PLATFORM: ${{ matrix.cmake_generator_platform }}
|
||||||
DEVELOPER_DIR: '/Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer'
|
DEVELOPER_DIR: '/Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer'
|
||||||
|
|
@ -451,8 +447,8 @@ jobs:
|
||||||
MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
|
MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
|
||||||
MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}
|
MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}
|
||||||
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
|
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
|
||||||
MAKE_PACKAGE: '${{ matrix.make_package }}'
|
MAKE_PACKAGE: ${{ matrix.make_package }}
|
||||||
PACKAGE_SUFFIX: '${{ matrix.package_suffix }}'
|
PACKAGE_SUFFIX: ${{ matrix.package_suffix }}
|
||||||
TARGET_MACOS_VERSION: ${{ matrix.override_target }}
|
TARGET_MACOS_VERSION: ${{ matrix.override_target }}
|
||||||
USE_CCACHE: ${{ matrix.use_ccache }}
|
USE_CCACHE: ${{ matrix.use_ccache }}
|
||||||
VCPKG_BINARY_SOURCES: 'clear;files,${{ steps.vcpkg-cache.outputs.path }},readwrite'
|
VCPKG_BINARY_SOURCES: 'clear;files,${{ steps.vcpkg-cache.outputs.path }},readwrite'
|
||||||
|
|
@ -478,52 +474,18 @@ jobs:
|
||||||
key: ${{ steps.ccache_restore.outputs.cache-primary-key }}
|
key: ${{ steps.ccache_restore.outputs.cache-primary-key }}
|
||||||
path: ${{ env.CCACHE_DIR }}
|
path: ${{ env.CCACHE_DIR }}
|
||||||
|
|
||||||
- name: "[macOS] Sign app bundle"
|
- name: "[macOS] Sign & notarize app bundle"
|
||||||
if: matrix.os == 'macOS' && matrix.make_package && needs.configure.outputs.tag != null
|
# if: matrix.os == 'macOS' && matrix.make_package && needs.configure.outputs.tag != null
|
||||||
id: sign_macos
|
if: matrix.os == 'macOS'
|
||||||
|
shell: bash
|
||||||
env:
|
env:
|
||||||
BUILD_PATH: ${{ steps.build.outputs.path }}
|
BUILD_PATH: ${{ steps.build.outputs.path }}
|
||||||
MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
|
MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
|
||||||
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
|
MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
|
||||||
run: |
|
|
||||||
if [[ -n "$MACOS_CERTIFICATE_NAME" ]]
|
|
||||||
then
|
|
||||||
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain
|
|
||||||
/usr/bin/codesign --sign="$MACOS_CERTIFICATE_NAME" --entitlements=".ci/macos.entitlements" --options=runtime --force --deep --timestamp --verbose "$BUILD_PATH"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: "[macOS] Notarize app bundle"
|
|
||||||
if: matrix.os == 'macOS' && steps.sign_macos.outcome == 'success'
|
|
||||||
env:
|
|
||||||
BUILD_PATH: ${{ steps.build.outputs.path }}
|
|
||||||
MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}
|
MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}
|
||||||
MACOS_NOTARIZATION_PWD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}
|
MACOS_NOTARIZATION_PWD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}
|
||||||
MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}
|
MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}
|
||||||
run: |
|
run: .ci/sign_macos_bundle.sh "$BUILD_PATH"
|
||||||
if [[ -n "$MACOS_NOTARIZATION_APPLE_ID" ]]
|
|
||||||
then
|
|
||||||
# Store the notarization credentials so that we can prevent a UI password dialog from blocking the CI
|
|
||||||
echo "Create keychain profile"
|
|
||||||
xcrun notarytool store-credentials "notarytool-profile" --apple-id "$MACOS_NOTARIZATION_APPLE_ID" --team-id "$MACOS_NOTARIZATION_TEAM_ID" --password "$MACOS_NOTARIZATION_PWD"
|
|
||||||
|
|
||||||
# We can't notarize an app bundle directly, but we need to compress it as an archive.
|
|
||||||
# Therefore, we create a zip file containing our app bundle, so that we can send it to the
|
|
||||||
# notarization service
|
|
||||||
echo "Creating temp notarization archive"
|
|
||||||
ditto -c -k --keepParent "$BUILD_PATH" "notarization.zip"
|
|
||||||
|
|
||||||
# Here we send the notarization request to the Apple's Notarization service, waiting for the result.
|
|
||||||
# This typically takes a few seconds inside a CI environment, but it might take more depending on the App
|
|
||||||
# characteristics. Visit the Notarization docs for more information and strategies on how to optimize it if
|
|
||||||
# you're curious
|
|
||||||
echo "Notarize app"
|
|
||||||
xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait
|
|
||||||
|
|
||||||
# Finally, we need to "attach the staple" to our executable, which will allow our app to be
|
|
||||||
# validated by macOS even when an internet connection is not available.
|
|
||||||
echo "Attach staple"
|
|
||||||
xcrun stapler staple "$BUILD_PATH"
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: "Upload artifact"
|
- name: "Upload artifact"
|
||||||
if: matrix.make_package
|
if: matrix.make_package
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue