name: Test macOS Build Action on: workflow_dispatch: # Manual trigger only for testing push: branches: [ozgur/build] jobs: test-macos-build: runs-on: macos steps: - name: Checkout repository uses: actions/checkout@v3 with: lfs: true fetch-depth: 0 # Setup environment for build - name: Setup environment run: | # Get the working directory path for absolute paths WORKSPACE_DIR="$(pwd)" echo "WORKSPACE_DIR=$WORKSPACE_DIR" >> "$GITHUB_ENV" echo "ENTITLEMENTS_FILE=LuckyWorld.entitlements" >> "$GITHUB_ENV" # Set CI environment variable to true for build script echo "CI=true" >> "$GITHUB_ENV" # Create directories for builds mkdir -p Builds/Mac mkdir -p PackagedReleases echo "Environment setup complete" shell: bash # Set correct bundle identifier before build - name: Set bundle identifier run: | # Set the correct bundle identifier in DefaultGame.ini if it exists CONFIG_FILE="Config/DefaultGame.ini" if [ -f "$CONFIG_FILE" ]; then # Check if section exists or add it if grep -q "\[/Script/MacTargetPlatform\.MacTargetSettings\]" "$CONFIG_FILE"; then # Section exists, update the setting sed -i '' 's/BundleIdentifier=.*/BundleIdentifier=com.luckyrobots.luckyworld/g' "$CONFIG_FILE" else # Section doesn't exist, add it echo "" >> "$CONFIG_FILE" echo "[/Script/MacTargetPlatform.MacTargetSettings]" >> "$CONFIG_FILE" echo "BundleIdentifier=com.luckyrobots.luckyworld" >> "$CONFIG_FILE" fi echo "Updated bundle ID in project config" fi # Set the constant bundle ID for the workflow echo "BUNDLE_ID=com.luckyrobots.luckyworld" >> "$GITHUB_ENV" shell: bash # Build for macOS - use your own build script or create a test app if needed - name: Build for macOS run: | if [ -f "./scripts/mac_build.sh" ]; then chmod +x ./scripts/mac_build.sh # Set CI environment variable explicitly before running export CI=true ./scripts/mac_build.sh else echo "ERROR: Build script not found at ./scripts/mac_build.sh" exit 1 fi shell: bash # Find the app bundle - name: Find app bundle run: | # First check Saved/StagedBuilds directory - where Unreal often places built apps echo "Checking Saved/StagedBuilds directory..." APP_PATHS=$(find ./Saved/StagedBuilds -type d -name "*.app" 2>/dev/null) # If not found, check Builds directory if [ -z "$APP_PATHS" ]; then echo "Checking Builds directory..." APP_PATHS=$(find ./Builds -type d -name "*.app" 2>/dev/null) fi # If still not found, check the whole workspace if [ -z "$APP_PATHS" ]; then echo "Checking entire workspace..." APP_PATHS=$(find . -type d -name "*.app" -not -path "*/\.*" 2>/dev/null) fi if [ -z "$APP_PATHS" ]; then echo "ERROR: Could not find any app bundles!" echo "Listing all directories to help debug:" find . -type d -maxdepth 3 | sort exit 1 fi echo "Found potential app bundles:" echo "$APP_PATHS" # Use the first app path found (preferably the main app, not a child app) MAIN_APP_PATH=$(echo "$APP_PATHS" | grep -v "CrashReportClient" | head -1 || echo "$APP_PATHS" | head -1) echo "Using app bundle: $MAIN_APP_PATH" echo "APP_PATH=$MAIN_APP_PATH" >> "$GITHUB_ENV" # Make sure app exists - using local variable if [ ! -d "$MAIN_APP_PATH" ]; then echo "ERROR: App bundle not found at $MAIN_APP_PATH!" exit 1 fi # Export APP_PATH for next steps to use echo "APP_PATH=$MAIN_APP_PATH" >> "$GITHUB_ENV" # Fix bundle ID in Info.plist before signing if [ -f "$MAIN_APP_PATH/Contents/Info.plist" ]; then echo "Setting bundle identifier to $BUNDLE_ID" /usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $BUNDLE_ID" "$MAIN_APP_PATH/Contents/Info.plist" echo "Updated bundle ID in Info.plist: $(/usr/libexec/PlistBuddy -c "Print :CFBundleIdentifier" "$MAIN_APP_PATH/Contents/Info.plist")" else echo "WARNING: Could not find Info.plist in app bundle." fi # Find and repair nested app bundles as well (like CrashReportClient.app) NESTED_APPS=$(find "$MAIN_APP_PATH" -name "*.app" -type d) if [ -n "$NESTED_APPS" ]; then echo "Found nested app bundles, fixing their bundle IDs:" echo "$NESTED_APPS" | while read -r NESTED_APP; do if [ -f "$NESTED_APP/Contents/Info.plist" ]; then NESTED_NAME=$(basename "$NESTED_APP" .app) NESTED_BUNDLE_ID="$BUNDLE_ID.$NESTED_NAME" echo "Setting nested bundle ID to $NESTED_BUNDLE_ID for $NESTED_APP" /usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $NESTED_BUNDLE_ID" "$NESTED_APP/Contents/Info.plist" fi done fi shell: bash # Fix common issues that may cause notarization failure - name: Fix common issues for notarization run: | echo "🛠️ Fixing common issues that may cause notarization failure..." APP_PATH="${{ env.APP_PATH }}" # Remove get-task-allow entitlement from Info.plist files echo "Checking for get-task-allow entitlement..." find "$APP_PATH" -name "*.plist" -exec plutil -convert xml1 {} \; -exec grep -l "get-task-allow" {} \; | while read -r plist_file; do echo "Removing get-task-allow from $plist_file" /usr/libexec/PlistBuddy -c "Delete :com.apple.security.get-task-allow" "$plist_file" 2>/dev/null || true done # Check for problematic libraries that cause issues echo "Looking for problematic files..." PROBLEM_FILES=$(find "$APP_PATH" -type f -name "*.dylib" | grep -i "boost\|tbb\|ogg\|vorbis\|onnx") if [ -n "$PROBLEM_FILES" ]; then echo "Found potentially problematic libraries. These will be carefully handled during signing:" echo "$PROBLEM_FILES" | head -10 if [ $(echo "$PROBLEM_FILES" | wc -l) -gt 10 ]; then echo "... and $(echo "$PROBLEM_FILES" | wc -l) more" fi fi # Verify CrashReportClient specifically CRASH_REPORTER=$(find "$APP_PATH" -path "*CrashReportClient.app*" -type d | head -1) if [ -n "$CRASH_REPORTER" ]; then echo "Found CrashReportClient at $CRASH_REPORTER" if [ -f "$CRASH_REPORTER/Contents/Info.plist" ]; then # Ensure it has the correct bundle ID format CRASH_BUNDLE_ID="$BUNDLE_ID.CrashReportClient" echo "Setting CrashReportClient bundle ID to $CRASH_BUNDLE_ID" /usr/libexec/PlistBuddy -c "Set :CFBundleIdentifier $CRASH_BUNDLE_ID" "$CRASH_REPORTER/Contents/Info.plist" fi fi shell: bash # Use the macos-notarize action to sign and notarize the app - name: Sign and Notarize macOS App uses: ./.gitea/actions/macos-notarize id: sign-and-notarize with: app-path: ${{ env.APP_PATH }} entitlements-file: ${{ env.ENTITLEMENTS_FILE }} team-id: ${{ secrets.APPLE_TEAM_ID }} certificate-base64: ${{ secrets.MACOS_CERTIFICATE }} certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} notarization-method: 'api-key' notary-api-key-id: ${{ secrets.NOTARY_API_KEY_ID }} notary-api-key-issuer-id: ${{ secrets.NOTARY_API_KEY_ISSUER_ID }} notary-api-key-path: ${{ secrets.NOTARY_API_KEY_PATH }} bundle-id: ${{ env.BUNDLE_ID }} fallback-to-adhoc: 'false' # Upload signed app if available - name: Upload Signed App uses: actions/upload-artifact@v3 if: steps.sign-and-notarize.outputs.signed != 'none' with: name: ${{ steps.sign-and-notarize.outputs.notarized == 'true' && 'LuckyWorld-macOS-Signed-Notarized' || 'LuckyWorld-macOS-Signed' }} path: ${{ steps.sign-and-notarize.outputs.package-path }} retention-days: 30 # Report results - name: Report Results run: | echo "🔐 App signing: ${{ steps.sign-and-notarize.outputs.signed }}" echo "🔏 App notarization: ${{ steps.sign-and-notarize.outputs.notarized }}" if [ "${{ steps.sign-and-notarize.outputs.signed }}" != "none" ]; then echo "✅ Packaging completed successfully!" echo "Final package: ${{ steps.sign-and-notarize.outputs.package-path }}" else echo "⚠️ App was not signed - check the logs for details" fi shell: bash