name: Test macOS Build Action on: workflow_dispatch: # Manual trigger only for testing push: branches: [ozgur/build] jobs: test-macos-build: runs-on: macos steps: - name: Checkout repository uses: actions/checkout@v3 with: lfs: true fetch-depth: 0 - name: Check entitlements file run: | # Check if entitlements files exist if [ -f "LuckyWorld.entitlements" ]; then echo "Using existing LuckyWorld.entitlements file" ENTITLEMENTS_FILE="LuckyWorld.entitlements" else echo "Creating default entitlements file as LuckyWorld.entitlements" # Create entitlements file line by line instead of heredoc echo '' > LuckyWorld.entitlements echo '' >> LuckyWorld.entitlements echo '' >> LuckyWorld.entitlements echo '' >> LuckyWorld.entitlements echo ' com.apple.security.cs.allow-jit' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo ' com.apple.security.cs.allow-unsigned-executable-memory' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo ' com.apple.security.cs.disable-library-validation' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo ' com.apple.security.cs.allow-dyld-environment-variables' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo ' com.apple.security.device.audio-input' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo ' com.apple.security.device.camera' >> LuckyWorld.entitlements echo ' ' >> LuckyWorld.entitlements echo '' >> LuckyWorld.entitlements echo '' >> LuckyWorld.entitlements ENTITLEMENTS_FILE="LuckyWorld.entitlements" fi echo "Using entitlements file: $ENTITLEMENTS_FILE" echo "ENTITLEMENTS_FILE=$ENTITLEMENTS_FILE" >> "$GITHUB_ENV" shell: bash # Step 1: Setup environment - name: Setup environment run: | # Use the correct path where Unreal Engine is installed UE_PATH="/Users/Shared/Epic Games/UE_5.5" if [ ! -d "$UE_PATH" ]; then echo "Warning: Unreal Engine is not installed in the expected location" echo "This is expected in CI environment - continuing anyway" fi # Create directories for builds mkdir -p Builds/Mac mkdir -p PackagedReleases echo "Using Unreal Engine 5.5" # Get the working directory path for absolute paths WORKSPACE_DIR="$(pwd)" echo "WORKSPACE_DIR=$WORKSPACE_DIR" >> "$GITHUB_ENV" shell: bash # Step 2: Build for macOS - name: Build for macOS run: | if [ -f "./scripts/mac_build.sh" ]; then chmod +x ./scripts/mac_build.sh ./scripts/mac_build.sh else echo "Build script not found, skipping this step" fi shell: bash # Step 3: Setup API Key - name: Setup API Key id: setup-api-key env: API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }} run: | # Decode the API key from Base64 secret and save it to a file echo "$API_KEY_PATH" | base64 --decode > api_key.p8 echo "API_KEY_FILE=$(pwd)/api_key.p8" >> "$GITHUB_ENV" echo "API key setup complete" shell: bash # Step 4: Find App Bundle - name: Find App Bundle id: find-app-bundle run: | # Find app bundle with absolute path REL_APP_PATH=$(find Builds -type d -name "*.app" | head -1) if [ -z "$REL_APP_PATH" ]; then # Look for a directory that might be a bundle but not named .app REL_APP_PATH=$(find Builds -mindepth 1 -maxdepth 1 -type d | head -1) if [ -z "$REL_APP_PATH" ]; then echo "No build directory found, cannot continue" exit 1 fi fi # Convert to absolute path APP_PATH="${WORKSPACE_DIR}/${REL_APP_PATH}" echo "Found relative app path: $REL_APP_PATH" echo "Using absolute app path: $APP_PATH" # Verify the path exists if [ ! -d "$APP_PATH" ]; then echo "WARNING: Path does not exist: $APP_PATH" echo "Checking if path exists without workspace prefix..." # Sometimes CI systems already provide absolute paths if [ -d "/$REL_APP_PATH" ]; then APP_PATH="/$REL_APP_PATH" echo "Using path: $APP_PATH" elif [[ "$REL_APP_PATH" == /* ]] && [ -d "$REL_APP_PATH" ]; then APP_PATH="$REL_APP_PATH" echo "Using original absolute path: $APP_PATH" else # List files in Builds directory for debugging echo "Contents of Builds directory:" find Builds -type d | sort # Try to find app anywhere in the workspace echo "Searching for .app files in the workspace:" APP_PATHS=$(find . -type d -name "*.app" 2>/dev/null) if [ -n "$APP_PATHS" ]; then echo "Found potential app bundles:" echo "$APP_PATHS" APP_PATH="$(pwd)/$(echo "$APP_PATHS" | head -1)" echo "Using first result: $APP_PATH" else echo "ERROR: Could not find any .app bundles in the workspace" exit 1 fi fi fi echo "APP_PATH=$APP_PATH" >> "$GITHUB_ENV" shell: bash # Step 5: Sign macOS App using lando/code-sign-action - name: Sign macOS App id: sign-app uses: lando/code-sign-action@v3 with: file: ${{ env.APP_PATH }} certificate-data: ${{ secrets.MACOS_CERTIFICATE }} certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} apple-team-id: ${{ secrets.APPLE_TEAM_ID }} options: --options runtime --deep --timestamp --entitlements ${{ env.WORKSPACE_DIR }}/${{ env.ENTITLEMENTS_FILE }} # API Key Notarization (daha güvenli ve modern) apple-api-key: ${{ env.API_KEY_FILE }} apple-api-key-id: ${{ secrets.NOTARY_API_KEY_ID }} apple-api-issuer: ${{ secrets.NOTARY_API_KEY_ISSUER_ID }} apple-product-id: dev.luckyrobots.luckyworld # Step 6: Package macOS App - name: Package macOS App run: | # Package the signed and notarized app APP_PATH="${{ steps.sign-app.outputs.file }}" APP_NAME=$(basename "$APP_PATH") DIR_PATH=$(dirname "$APP_PATH") echo "Creating final package..." (cd "$DIR_PATH" && zip -r "${WORKSPACE_DIR}/PackagedReleases/LuckyRobots-macOS.zip" "$APP_NAME") echo "Created packaged release: PackagedReleases/LuckyRobots-macOS.zip" echo "Packaged releases:" ls -la PackagedReleases/ shell: bash # Step 7: Upload macOS Build Artifact - name: Upload macOS Build Artifact uses: actions/upload-artifact@v3 if: success() with: name: LuckyRobots-macOS path: PackagedReleases/LuckyRobots-macOS.zip retention-days: 365 # Step 8: Cleanup - name: Cleanup if: always() run: | # Clean up files rm -f certificate.p12 AppleWWDRCAG3.cer DeveloperIDG2.cer api_key.p8 || true shell: bash