Skip to content
Wails build

Build MacOS app in CI #37

Sign in to view logs

Build MacOS app in CI

Build MacOS app in CI #37

Workflow file for this run

.github/workflows/build.yml at f13c818
name: Wails build
on:
push:
tags:
# Match any new tag
- '*'
pull_request:
branches: [main]
workflow_dispatch: {}
env:
# Necessary for most environments as build failure can occur due to OOM issues
NODE_OPTIONS: "--max-old-space-size=4096"
jobs:
build:
strategy:
# Failure in one platform build won't impact the others
fail-fast: false
matrix:
build:
# - name: 'App'
# platform: 'linux/amd64'
# os: 'ubuntu-latest'
# - name: 'App'
# platform: 'windows/amd64'
# os: 'windows-latest'
- name: 'muscrat'
platform: 'darwin/arm64'
os: 'macos-14'
runs-on: ${{ matrix.build.os }}
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- run: nix-shell --run 'PATH=$(go env GOPATH)/bin:$PATH make app'
## MacOS specific steps
- name: Add macOS perms
if: runner.os == 'macOS'
run: chmod +x build/bin/*/Contents/MacOS/*
shell: bash
############################################################################
# Code Signing
- name: Import Code-Signing Certificates for macOS
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
uses: Apple-Actions/import-codesign-certs@v1
with:
keychain-password: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64_PASSWORD }}
- name: Import Code-Signing Certificates for macOS Installer
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
uses: Apple-Actions/import-codesign-certs@v1
with:
keychain-password: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
p12-file-base64: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_P12_BASE64 }}
p12-password: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_P12_BASE64_PASSWORD }}
create-keychain: false
- name: MacOS download gon for code signing and app notarization
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
run: |
brew install Bearer/tap/gon
- name: Sign our macOS binary
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
env:
APPLE_PASSWORD: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
APPLE_USERNAME: ${{ secrets.SIGN_MACOS_APPLE_USERNAME }}
run: |
echo "Signing Package"
envsubst < ./build/darwin/gon-sign.json.tmpl > ./build/darwin/gon-sign.json
gon -log-level=info ./build/darwin/gon-sign.json
############################################################################
# Zip App
- name: Build .app zip file
if: runner.os == 'macOS'
shell: bash
run: |
ditto -c -k ./build/bin/muscrat.app ./build/bin/muscrat.app.zip
############################################################################
# Build Installer
- name: Building Installer
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
run: |
productbuild --sign '${{ secrets.MACOS_INSTALLER_ID }}' --component ./build/bin/muscrat.app /Applications ./build/bin/muscrat.pkg
############################################################################
# Notarize
- name: Notarising Installer and zip
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
env:
APPLE_PASSWORD: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
APPLE_USERNAME: ${{ secrets.SIGN_MACOS_APPLE_USERNAME }}
run: |
echo "Notarizing Package"
envsubst < ./build/darwin/gon-notarize.json.tmpl > ./build/darwin/gon-notarize.json
gon -log-level=info ./build/darwin/gon-notarize.json
# Upload the build artifacts
- uses: actions/upload-artifact@v3
with:
name: Wails Build ${{runner.os}} ${{ matrix.build.name }}
path: |
*/bin/
*\bin\*
- name: Release
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
*/bin/*