name: macOS Build on: workflow_dispatch: workflow_call: jobs: macos-build: runs-on: macos steps: - name: Checkout repository uses: actions/checkout@v3 with: lfs: true fetch-depth: 0 - name: Setup environment run: | # Use the correct path where Unreal Engine is installed UE_PATH="/Users/Shared/Epic Games/UE_5.5" if [ ! -d "$UE_PATH" ]; then echo "Error: Unreal Engine is not installed in the expected location" echo "Please ensure Unreal Engine is installed at $UE_PATH" exit 1 fi # Create directories for builds mkdir -p Builds/Mac mkdir -p PackagedReleases echo "Using Unreal Engine 5.5" - name: Build for macOS run: | chmod +x ./scripts/mac_build.sh ./scripts/mac_build.sh - name: Package macOS build run: | echo "Preparing packaged files for release..." # Find the app bundle in the Builds directory APP_PATH=$(find Builds -type d -name "*.app" | head -1) if [ -n "$APP_PATH" ]; then echo "Found app bundle: $APP_PATH" # Get the app name APP_NAME=$(basename "$APP_PATH") # Create zip file of the app bundle (cd $(dirname "$APP_PATH") && zip -r "../../PackagedReleases/LuckyRobots-macOS.zip" "$APP_NAME") echo "Created packaged release: PackagedReleases/LuckyRobots-macOS.zip" else echo "No .app bundle found in Builds directory" # Look for a directory that might be a bundle but not named .app MAIN_BUILD_DIR=$(find Builds -mindepth 1 -maxdepth 1 -type d | head -1) if [ -n "$MAIN_BUILD_DIR" ]; then echo "Found main build directory: $MAIN_BUILD_DIR" DIR_NAME=$(basename "$MAIN_BUILD_DIR") # Package this directory as if it were the app (cd $(dirname "$MAIN_BUILD_DIR") && zip -r "../../PackagedReleases/LuckyRobots-macOS.zip" "$DIR_NAME") echo "Created packaged release from main directory: PackagedReleases/LuckyRobots-macOS.zip" else # Package the entire Builds directory as a fallback echo "No main directory found, packaging everything" zip -r "PackagedReleases/LuckyRobots-macOS.zip" Builds echo "Created fallback package: PackagedReleases/LuckyRobots-macOS.zip" fi fi echo "Packaged releases:" ls -la PackagedReleases/ echo "tests" - name: Sign and Notarize macOS App 2 if: ${{ success() }} env: APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} APPLE_CERTIFICATE_BASE64: ${{ secrets.MACOS_CERTIFICATE }} APPLE_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PWD }} API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }} API_KEY_ID: ${{ secrets.NOTARY_API_KEY_ID }} API_KEY_ISSUER_ID: ${{ secrets.NOTARY_API_KEY_ISSUER_ID }} run: | # Decode the base64 certificate echo "Setting up certificate..." echo $APPLE_CERTIFICATE_BASE64 | base64 --decode > certificate.p12 # Create keychain and import certificate KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db KEYCHAIN_PASSWORD=temporary security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH" security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH" security import certificate.p12 -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k "$KEYCHAIN_PATH" security list-keychain -d user -s "$KEYCHAIN_PATH" # Find app bundle APP_PATH=$(find Builds -type d -name "*.app" | head -1) if [ -n "$APP_PATH" ]; then echo "Signing app bundle: $APP_PATH" # Sign the application /usr/bin/codesign --force --options runtime --sign "Developer ID Application: $APPLE_TEAM_ID" --deep --entitlements "./LuckyRobots.entitlements" "$APP_PATH" # Create a temporary file for notarization NOTARIZE_APP_PATH="./LuckyRobots-notarize.zip" ditto -c -k --keepParent "$APP_PATH" "$NOTARIZE_APP_PATH" # Decode the API key from Base64 secret echo "$API_KEY_PATH" | base64 --decode > api_key.p8 API_KEY_FILE="api_key.p8" # Submit for notarization using API key echo "Submitting for notarization with API key..." xcrun notarytool submit "$NOTARIZE_APP_PATH" --key "$API_KEY_FILE" --key-id "$API_KEY_ID" --issuer "$API_KEY_ISSUER_ID" --wait # Check notarization result NOTARIZATION_INFO=$(xcrun notarytool history --key "$API_KEY_FILE" --key-id "$API_KEY_ID" --issuer "$API_KEY_ISSUER_ID" | grep -E '(success|invalid)' | head -1) # Clean up the API key file rm -f "$API_KEY_FILE" if echo "$NOTARIZATION_INFO" | grep -q "success"; then echo "Notarization successful" # Staple the ticket to the application xcrun stapler staple "$APP_PATH" # Repackage the notarized app rm "PackagedReleases/LuckyRobots-macOS.zip" (cd $(dirname "$APP_PATH") && zip -r "../../PackagedReleases/LuckyRobots-macOS.zip" "$(basename "$APP_PATH")") echo "Repackaged notarized app" else echo "Notarization failed: $NOTARIZATION_INFO" exit 1 fi else echo "No app bundle found for signing and notarization" exit 1 fi # Clean up rm -f certificate.p12 security delete-keychain "$KEYCHAIN_PATH" - name: Upload macOS Build Artifact uses: actions/upload-artifact@v3 if: success() with: name: LuckyRobots-macOS path: PackagedReleases/LuckyRobots-macOS.zip retention-days: 365