WIP: feat(workflows): add new build workflows for Windows, Linux, and macOS, and remove obsolete build scripts #17
@ -35,13 +35,22 @@ jobs:
|
|||||||
|
|
||||||
echo "Created entitlements file:"
|
echo "Created entitlements file:"
|
||||||
cat LuckyRobots.entitlements
|
cat LuckyRobots.entitlements
|
||||||
|
|
||||||
|
# Move entitlements to home directory to ensure consistent access
|
||||||
|
cp LuckyRobots.entitlements ~/LuckyRobots.entitlements
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
- name: Download and Extract Artifact
|
- name: Download and Extract Artifact
|
||||||
id: extract-artifact
|
id: extract-artifact
|
||||||
run: |
|
run: |
|
||||||
|
# Working with absolute paths to eliminate path inconsistencies
|
||||||
|
WORKSPACE_DIR="$(pwd)"
|
||||||
|
BUILDS_DIR="$WORKSPACE_DIR/Builds"
|
||||||
|
EXTRACT_DIR="$WORKSPACE_DIR/temp_extract"
|
||||||
|
|
||||||
# Create directories
|
# Create directories
|
||||||
mkdir -p Builds/Mac
|
mkdir -p "$BUILDS_DIR/Mac"
|
||||||
|
mkdir -p "$EXTRACT_DIR"
|
||||||
|
|
||||||
# Download specific artifact
|
# Download specific artifact
|
||||||
echo "Downloading build artifact..."
|
echo "Downloading build artifact..."
|
||||||
@ -50,45 +59,69 @@ jobs:
|
|||||||
ARTIFACT_URL="https://luckyrobots.com/LuckyRobots/LuckyWorld/actions/runs/84/artifacts/LuckyRobots-macOS"
|
ARTIFACT_URL="https://luckyrobots.com/LuckyRobots/LuckyWorld/actions/runs/84/artifacts/LuckyRobots-macOS"
|
||||||
|
|
||||||
echo "Using artifact URL: $ARTIFACT_URL"
|
echo "Using artifact URL: $ARTIFACT_URL"
|
||||||
|
BUILD_ZIP="$WORKSPACE_DIR/build.zip"
|
||||||
|
|
||||||
# Download the artifact
|
# Download the artifact
|
||||||
curl -L "$ARTIFACT_URL" -o build.zip
|
curl -L "$ARTIFACT_URL" -o "$BUILD_ZIP"
|
||||||
|
|
||||||
# First unzip - Outer artifact zip file
|
# First unzip - Outer artifact zip file
|
||||||
echo "Extracting outer zip file..."
|
echo "Extracting outer zip file..."
|
||||||
unzip -o build.zip -d temp_extract/
|
unzip -o "$BUILD_ZIP" -d "$EXTRACT_DIR"
|
||||||
|
|
||||||
# List the contents of temp_extract
|
# List the contents of temp_extract
|
||||||
echo "Contents of temp_extract:"
|
echo "Contents of temp_extract:"
|
||||||
ls -la temp_extract/
|
ls -la "$EXTRACT_DIR"
|
||||||
|
|
||||||
# Second unzip - Inner macOS app package
|
# Handle case where the artifact might have different structure
|
||||||
echo "Extracting inner zip file..."
|
# Try to find any zip files recursively
|
||||||
INNER_ZIP=$(find temp_extract -name "*.zip" | head -1)
|
echo "Searching for zip files in extract directory..."
|
||||||
|
ZIP_FILES=$(find "$EXTRACT_DIR" -name "*.zip" -type f)
|
||||||
|
echo "Found ZIP files: $ZIP_FILES"
|
||||||
|
|
||||||
if [[ -z "$INNER_ZIP" ]]; then
|
# Create target directory for Mac app
|
||||||
echo "Could not find inner zip in artifact"
|
TARGET_DIR="$BUILDS_DIR/Mac"
|
||||||
exit 1
|
mkdir -p "$TARGET_DIR"
|
||||||
|
|
||||||
|
# Extract all found zip files
|
||||||
|
for ZIP_FILE in $ZIP_FILES; do
|
||||||
|
echo "Extracting: $ZIP_FILE to $TARGET_DIR"
|
||||||
|
unzip -o "$ZIP_FILE" -d "$TARGET_DIR"
|
||||||
|
done
|
||||||
|
|
||||||
|
# Look for LuckyWorld-Mac-Shipping.app specifically
|
||||||
|
if [ -d "$TARGET_DIR/LuckyWorld-Mac-Shipping.app" ]; then
|
||||||
|
APP_PATH="$TARGET_DIR/LuckyWorld-Mac-Shipping.app"
|
||||||
|
echo "Found specific app: $APP_PATH"
|
||||||
|
else
|
||||||
|
# Try to find any .app bundle recursively
|
||||||
|
echo "Searching for .app bundles in all directories..."
|
||||||
|
APP_PATH=$(find "$BUILDS_DIR" -name "*.app" -type d | head -1)
|
||||||
|
|
||||||
|
if [ -z "$APP_PATH" ]; then
|
||||||
|
echo "Could not find any .app bundle. Looking in other directories..."
|
||||||
|
APP_PATH=$(find "$WORKSPACE_DIR" -name "*.app" -type d | head -1)
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Found inner zip: $INNER_ZIP"
|
if [ -z "$APP_PATH" ]; then
|
||||||
unzip -o "$INNER_ZIP" -d Builds/Mac/
|
echo "ERROR: Could not find any .app bundle"
|
||||||
|
|
||||||
# Recursive search for .app directory
|
|
||||||
echo "Searching for .app bundle..."
|
|
||||||
APP_PATH=$(find Builds -type d -name "*.app" -print 2>/dev/null | head -1)
|
|
||||||
|
|
||||||
if [[ -z "$APP_PATH" ]]; then
|
|
||||||
echo "Could not find app bundle in extracted files"
|
|
||||||
echo "Contents of Builds directory:"
|
echo "Contents of Builds directory:"
|
||||||
find Builds -type d | sort
|
find "$BUILDS_DIR" -type d | sort
|
||||||
echo "All directories in workspace:"
|
echo "Contents of extracted files:"
|
||||||
find . -type d -maxdepth 4 | grep -v "node_modules\|.git" | sort
|
find "$EXTRACT_DIR" -type f | sort
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Found app bundle: $APP_PATH"
|
echo "Found app bundle at: $APP_PATH"
|
||||||
echo "app_path=$APP_PATH" >> $GITHUB_OUTPUT
|
# Make a local copy to ensure access
|
||||||
|
LOCAL_APP="$WORKSPACE_DIR/LuckyWorld.app"
|
||||||
|
echo "Creating accessible copy at: $LOCAL_APP"
|
||||||
|
|
||||||
|
# Remove if exists
|
||||||
|
rm -rf "$LOCAL_APP"
|
||||||
|
cp -R "$APP_PATH" "$LOCAL_APP"
|
||||||
|
|
||||||
|
echo "app_path=$LOCAL_APP" >> $GITHUB_OUTPUT
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
- name: Validate App Path
|
- name: Validate App Path
|
||||||
@ -103,22 +136,18 @@ jobs:
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Ensure the path is absolute
|
||||||
|
if [[ "$APP_PATH" != /* ]]; then
|
||||||
|
APP_PATH="$(pwd)/$APP_PATH"
|
||||||
|
echo "Converted to absolute path: $APP_PATH"
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Will sign and notarize: $APP_PATH"
|
echo "Will sign and notarize: $APP_PATH"
|
||||||
echo "Contents of app bundle:"
|
echo "Contents of app bundle:"
|
||||||
ls -la "$APP_PATH"
|
ls -la "$APP_PATH"
|
||||||
echo "app_path=$APP_PATH" >> $GITHUB_OUTPUT
|
echo "app_path=$APP_PATH" >> $GITHUB_OUTPUT
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
- name: Setup for Signing
|
|
||||||
id: setup-signing
|
|
||||||
env:
|
|
||||||
API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }}
|
|
||||||
run: |
|
|
||||||
# Decode the API key from Base64 secret
|
|
||||||
echo "$API_KEY_PATH" | base64 --decode > api_key.p8
|
|
||||||
echo "api_key_file=$(pwd)/api_key.p8" >> $GITHUB_OUTPUT
|
|
||||||
shell: bash
|
|
||||||
|
|
||||||
- name: Sign macOS App
|
- name: Sign macOS App
|
||||||
uses: lando/code-sign-action@v3
|
uses: lando/code-sign-action@v3
|
||||||
id: sign-app
|
id: sign-app
|
||||||
@ -127,7 +156,7 @@ jobs:
|
|||||||
certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
|
certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
|
||||||
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
|
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
|
||||||
apple-team-id: "${{ secrets.APPLE_TEAM_ID }}"
|
apple-team-id: "${{ secrets.APPLE_TEAM_ID }}"
|
||||||
options: --force --options runtime --deep --timestamp --entitlements ./LuckyRobots.entitlements
|
options: --force --options runtime --deep --timestamp --entitlements ~/LuckyRobots.entitlements
|
||||||
|
|
||||||
- name: Notarize macOS App
|
- name: Notarize macOS App
|
||||||
run: |
|
run: |
|
||||||
@ -136,17 +165,19 @@ jobs:
|
|||||||
NOTARIZE_APP_PATH="./LuckyRobots-notarize.zip"
|
NOTARIZE_APP_PATH="./LuckyRobots-notarize.zip"
|
||||||
ditto -c -k --keepParent "$APP_PATH" "$NOTARIZE_APP_PATH"
|
ditto -c -k --keepParent "$APP_PATH" "$NOTARIZE_APP_PATH"
|
||||||
|
|
||||||
API_KEY_FILE="${{ steps.setup-signing.outputs.api_key_file }}"
|
# Set up API key
|
||||||
|
API_KEY_PATH="$(pwd)/api_key.p8"
|
||||||
|
echo "${{ secrets.NOTARY_API_KEY_PATH }}" | base64 --decode > "$API_KEY_PATH"
|
||||||
|
|
||||||
# Submit for notarization using API key
|
# Submit for notarization using API key
|
||||||
echo "Submitting for notarization with API key..."
|
echo "Submitting for notarization with API key..."
|
||||||
xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_FILE" --key-id "${{ secrets.NOTARY_API_KEY_ID }}" --issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" --wait
|
xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_PATH" --key-id "${{ secrets.NOTARY_API_KEY_ID }}" --issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" --wait
|
||||||
|
|
||||||
# Staple the ticket to the application
|
# Staple the ticket to the application
|
||||||
xcrun stapler staple "$APP_PATH"
|
xcrun stapler staple "$APP_PATH"
|
||||||
|
|
||||||
# Clean up the API key file
|
# Clean up the API key file
|
||||||
rm -f "$API_KEY_FILE"
|
rm -f "$API_KEY_PATH"
|
||||||
rm -f "$NOTARIZE_APP_PATH"
|
rm -f "$NOTARIZE_APP_PATH"
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
@ -155,17 +186,18 @@ jobs:
|
|||||||
# Package the signed and notarized app
|
# Package the signed and notarized app
|
||||||
APP_PATH="${{ steps.validate-app.outputs.app_path }}"
|
APP_PATH="${{ steps.validate-app.outputs.app_path }}"
|
||||||
APP_NAME=$(basename "$APP_PATH")
|
APP_NAME=$(basename "$APP_PATH")
|
||||||
DIR_PATH=$(dirname "$APP_PATH")
|
WORKSPACE_DIR="$(pwd)"
|
||||||
|
OUTPUT_DIR="$WORKSPACE_DIR/TestSignedApps"
|
||||||
|
|
||||||
# Create test output directory
|
# Create test output directory
|
||||||
mkdir -p TestSignedApps
|
mkdir -p "$OUTPUT_DIR"
|
||||||
|
|
||||||
echo "Creating test package..."
|
echo "Creating test package..."
|
||||||
(cd "$DIR_PATH" && zip -r "../../TestSignedApps/Test-$APP_NAME.zip" "$APP_NAME")
|
ditto -c -k --keepParent "$APP_PATH" "$OUTPUT_DIR/Test-$APP_NAME.zip"
|
||||||
echo "Created test package: TestSignedApps/Test-$APP_NAME.zip"
|
echo "Created test package: $OUTPUT_DIR/Test-$APP_NAME.zip"
|
||||||
|
|
||||||
echo "Test packaged apps:"
|
echo "Test packaged apps:"
|
||||||
ls -la TestSignedApps/
|
ls -la "$OUTPUT_DIR"
|
||||||
shell: bash
|
shell: bash
|
||||||
|
|
||||||
- name: Upload Test Signed App
|
- name: Upload Test Signed App
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user