name: Test macOS Build Action on: workflow_dispatch: # Manual trigger only for testing push: branches: [ozgur/build] jobs: test-macos-build: runs-on: macos steps: - name: Checkout repository uses: actions/checkout@v3 with: lfs: true fetch-depth: 0 # Step 1: Setup environment - name: Setup environment run: | # Use the correct path where Unreal Engine is installed UE_PATH="/Users/Shared/Epic Games/UE_5.5" if [ ! -d "$UE_PATH" ]; then echo "Error: Unreal Engine is not installed in the expected location" echo "Please ensure Unreal Engine is installed at $UE_PATH" exit 1 fi # Create directories for builds mkdir -p Builds/Mac mkdir -p PackagedReleases echo "Using Unreal Engine 5.5" shell: bash # Step 2: Build for macOS - name: Build for macOS run: | chmod +x ./scripts/mac_build.sh ./scripts/mac_build.sh shell: bash # Step 3: Setup for Signing - name: Setup for Signing id: setup-signing env: API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }} run: | # Create output directory mkdir -p PackagedReleases # Decode the API key from Base64 secret echo "$API_KEY_PATH" | base64 --decode > api_key.p8 echo "api_key_file=$(pwd)/api_key.p8" >> $GITEA_OUTPUT # Find app bundle APP_PATH=$(find Builds -type d -name "*.app" | head -1) if [ -z "$APP_PATH" ]; then # Look for a directory that might be a bundle but not named .app APP_PATH=$(find Builds -mindepth 1 -maxdepth 1 -type d | head -1) if [ -z "$APP_PATH" ]; then echo "No build directory found, cannot continue" exit 1 fi fi echo "Found app path: $APP_PATH" echo "app_path=$APP_PATH" >> $GITEA_OUTPUT shell: bash # Step 4: Sign macOS App - name: Sign macOS App uses: lando/code-sign-action@v3 id: sign-app with: file: ${{ steps.setup-signing.outputs.app_path }} certificate-data: ${{ secrets.MACOS_CERTIFICATE }} certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} certificate-id: ${{ secrets.APPLE_TEAM_ID }} options: --force --options runtime --deep --timestamp --entitlements ./LuckyRobots.entitlements # Step 5: Notarize macOS App - name: Notarize macOS App run: | # Create a temporary file for notarization APP_PATH="${{ steps.setup-signing.outputs.app_path }}" NOTARIZE_APP_PATH="./LuckyRobots-notarize.zip" ditto -c -k --keepParent "$APP_PATH" "$NOTARIZE_APP_PATH" API_KEY_FILE="${{ steps.setup-signing.outputs.api_key_file }}" # Submit for notarization using API key echo "Submitting for notarization with API key..." xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_FILE" --key-id "${{ secrets.NOTARY_API_KEY_ID }}" --issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" --wait # Staple the ticket to the application xcrun stapler staple "$APP_PATH" # Clean up the API key file rm -f "$API_KEY_FILE" rm -f "$NOTARIZE_APP_PATH" shell: bash # Step 6: Package macOS App - name: Package macOS App run: | # Package the signed and notarized app APP_PATH="${{ steps.setup-signing.outputs.app_path }}" APP_NAME=$(basename "$APP_PATH") DIR_PATH=$(dirname "$APP_PATH") echo "Creating final package..." (cd "$DIR_PATH" && zip -r "../../PackagedReleases/LuckyRobots-macOS.zip" "$APP_NAME") echo "Created packaged release: PackagedReleases/LuckyRobots-macOS.zip" echo "Packaged releases:" ls -la PackagedReleases/ shell: bash # Step 7: Upload macOS Build Artifact - name: Upload macOS Build Artifact uses: actions/upload-artifact@v3 if: success() with: name: LuckyRobots-macOS path: PackagedReleases/LuckyRobots-macOS.zip retention-days: 365