LuckyRobots/LuckyWorld
14
0
Fork 0
Code Issues Pull Requests 1 Actions 1 Packages Projects 1 Releases 13 Wiki Activity
LuckyWorld/.gitea/workflows/test-macos-build.yml
Ozgur Ersoy e6e28290b7
Some checks failed
Test macOS Build Action / test-macos-build (push) Failing after 27m46s
Details
fix(workflows): update macOS build workflow to streamline API key setup and signing process
2025-04-13 18:42:04 +02:00

162 lines
6.3 KiB
YAML
Raw Blame History

name: Test macOS Build Action
on:
workflow_dispatch: # Manual trigger only for testing
push:
branches: [ozgur/build]
jobs:
test-macos-build:
runs-on: macos
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
lfs: true
fetch-depth: 0
- name: Check entitlements file
run: |
# Check if entitlements files exist
if [ -f "LuckyWorld.entitlements" ]; then
echo "Using existing LuckyWorld.entitlements file"
ENTITLEMENTS_FILE="LuckyWorld.entitlements"
else
echo "Creating default entitlements file as LuckyWorld.entitlements"
# Create entitlements file line by line instead of heredoc
echo '<?xml version="1.0" encoding="UTF-8"?>' > LuckyWorld.entitlements
echo '<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">' >> LuckyWorld.entitlements
echo '<plist version="1.0">' >> LuckyWorld.entitlements
echo '<dict>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.cs.allow-jit</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.cs.allow-unsigned-executable-memory</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.cs.disable-library-validation</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.cs.allow-dyld-environment-variables</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.device.audio-input</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo ' <key>com.apple.security.device.camera</key>' >> LuckyWorld.entitlements
echo ' <true/>' >> LuckyWorld.entitlements
echo '</dict>' >> LuckyWorld.entitlements
echo '</plist>' >> LuckyWorld.entitlements
ENTITLEMENTS_FILE="LuckyWorld.entitlements"
fi
echo "Using entitlements file: $ENTITLEMENTS_FILE"
echo "ENTITLEMENTS_FILE=$ENTITLEMENTS_FILE" >> "$GITHUB_ENV"
shell: bash
# Step 1: Setup environment
- name: Setup environment
run: |
# Use the correct path where Unreal Engine is installed
UE_PATH="/Users/Shared/Epic Games/UE_5.5"
if [ ! -d "$UE_PATH" ]; then
echo "Warning: Unreal Engine is not installed in the expected location"
echo "This is expected in CI environment - continuing anyway"
fi
# Create directories for builds
mkdir -p Builds/Mac
mkdir -p PackagedReleases
echo "Using Unreal Engine 5.5"
shell: bash
# Step 2: Build for macOS
- name: Build for macOS
run: |
if [ -f "./scripts/mac_build.sh" ]; then
chmod +x ./scripts/mac_build.sh
./scripts/mac_build.sh
else
echo "Build script not found, skipping this step"
fi
shell: bash
# Step 3: Setup API Key
- name: Setup API Key
id: setup-api-key
env:
API_KEY_PATH: ${{ secrets.NOTARY_API_KEY_PATH }}
run: |
# Decode the API key from Base64 secret and save it to a file
echo "$API_KEY_PATH" | base64 --decode > api_key.p8
echo "API_KEY_FILE=$(pwd)/api_key.p8" >> "$GITHUB_ENV"
echo "API key setup complete"
shell: bash
# Step 4: Find App Bundle
- name: Find App Bundle
id: find-app-bundle
run: |
# Find app bundle
APP_PATH=$(find Builds -type d -name "*.app" | head -1)
if [ -z "$APP_PATH" ]; then
# Look for a directory that might be a bundle but not named .app
APP_PATH=$(find Builds -mindepth 1 -maxdepth 1 -type d | head -1)
if [ -z "$APP_PATH" ]; then
echo "No build directory found, cannot continue"
exit 1
fi
fi
echo "Found app path: $APP_PATH"
echo "APP_PATH=$APP_PATH" >> "$GITHUB_ENV"
shell: bash
# Step 5: Sign macOS App using lando/code-sign-action
- name: Sign macOS App
id: sign-app
uses: lando/code-sign-action@v3
with:
file: ${{ env.APP_PATH }}
certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
apple-team-id: ${{ secrets.APPLE_TEAM_ID }}
options: --options runtime --deep --timestamp --entitlements ./${{ env.ENTITLEMENTS_FILE }}
# API Key Notarization (daha güvenli ve modern)
apple-api-key: ${{ env.API_KEY_FILE }}
apple-api-key-id: ${{ secrets.NOTARY_API_KEY_ID }}
apple-api-issuer: ${{ secrets.NOTARY_API_KEY_ISSUER_ID }}
apple-product-id: dev.luckyrobots.luckyworld
# Step 6: Package macOS App
- name: Package macOS App
run: |
# Package the signed and notarized app
APP_PATH="${{ steps.sign-app.outputs.file }}"
APP_NAME=$(basename "$APP_PATH")
DIR_PATH=$(dirname "$APP_PATH")
echo "Creating final package..."
(cd "$DIR_PATH" && zip -r "../../PackagedReleases/LuckyRobots-macOS.zip" "$APP_NAME")
echo "Created packaged release: PackagedReleases/LuckyRobots-macOS.zip"
echo "Packaged releases:"
ls -la PackagedReleases/
shell: bash
# Step 7: Upload macOS Build Artifact
- name: Upload macOS Build Artifact
uses: actions/upload-artifact@v3
if: success()
with:
name: LuckyRobots-macOS
path: PackagedReleases/LuckyRobots-macOS.zip
retention-days: 365
# Step 8: Cleanup
- name: Cleanup
if: always()
run: |
# Clean up files
rm -f certificate.p12 AppleWWDRCAG3.cer DeveloperIDG2.cer api_key.p8 || true
shell: bash
Reference in New Issue View Git Blame Copy Permalink