-
Notifications
You must be signed in to change notification settings - Fork 2
129 lines (115 loc) · 4.27 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
name: Wails build
on:
push:
tags:
# Match any new tag
- '*'
pull_request:
branches: [main]
workflow_dispatch: {}
env:
# Necessary for most environments as build failure can occur due to OOM issues
NODE_OPTIONS: "--max-old-space-size=4096"
jobs:
build:
strategy:
# Failure in one platform build won't impact the others
fail-fast: false
matrix:
build:
# - name: 'App'
# platform: 'linux/amd64'
# os: 'ubuntu-latest'
# - name: 'App'
# platform: 'windows/amd64'
# os: 'windows-latest'
- name: 'muscrat'
platform: 'darwin/arm64'
os: 'macos-14'
runs-on: ${{ matrix.build.os }}
steps:
- uses: actions/checkout@v3
with:
lfs: true
- uses: actions/setup-go@v5
with:
go-version-file: './go.mod'
- uses: actions/setup-node@v4
with:
node-version: '18.17.1'
- run: PATH=$(go env GOPATH)/bin:$PATH make app
## MacOS specific steps
- name: Add macOS perms
if: runner.os == 'macOS'
run: chmod +x build/bin/*/Contents/MacOS/*
shell: bash
############################################################################
# Code Signing
- name: Import Code-Signing Certificates for macOS
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
uses: Apple-Actions/import-codesign-certs@v1
with:
keychain-password: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64_PASSWORD }}
- name: Import Code-Signing Certificates for macOS Installer
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
uses: Apple-Actions/import-codesign-certs@v1
with:
keychain-password: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
p12-file-base64: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_P12_BASE64 }}
p12-password: ${{ secrets.APPLE_INSTALLER_CERTIFICATE_P12_BASE64_PASSWORD }}
create-keychain: false
- name: MacOS download gon for code signing and app notarization
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
run: |
brew install Bearer/tap/gon
- name: Sign our macOS binary
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
env:
APPLE_PASSWORD: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
APPLE_USERNAME: ${{ secrets.SIGN_MACOS_APPLE_USERNAME }}
run: |
echo "Signing Package"
envsubst < ./build/darwin/gon-sign.json.tmpl > ./build/darwin/gon-sign.json
gon -log-level=info ./build/darwin/gon-sign.json
############################################################################
# Zip App
- name: Build .app zip file
if: runner.os == 'macOS'
shell: bash
run: |
ditto -c -k ./build/bin/muscrat.app ./build/bin/muscrat.app.zip
############################################################################
# Build Installer
- name: Building Installer
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
run: |
productbuild --sign '${{ secrets.MACOS_INSTALLER_ID }}' --component ./build/bin/muscrat.app /Applications ./build/bin/muscrat.pkg
############################################################################
# Notarize
- name: Notarising Installer and zip
if: runner.os == 'macOS' && startsWith(github.ref, 'refs/tags/')
shell: bash
env:
APPLE_PASSWORD: ${{ secrets.SIGN_MACOS_APPLE_PASSWORD }}
APPLE_USERNAME: ${{ secrets.SIGN_MACOS_APPLE_USERNAME }}
run: |
echo "Notarizing Package"
envsubst < ./build/darwin/gon-notarize.json.tmpl > ./build/darwin/gon-notarize.json
gon -log-level=info ./build/darwin/gon-notarize.json
# Upload the build artifacts
- uses: actions/upload-artifact@v3
with:
name: Wails Build ${{runner.os}} ${{ matrix.build.name }}
path: |
*/bin/
*\bin\*
- name: Release
uses: softprops/action-gh-release@v1
if: startsWith(github.ref, 'refs/tags/')
with:
files: |
*/bin/*