-
Notifications
You must be signed in to change notification settings - Fork 652
160 lines (133 loc) · 4.8 KB
/
build-macos.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Build MacOS Artifacts
on:
workflow_dispatch:
inputs:
tags:
description: "Version tags"
env:
VERSION: 0.9.0
jobs:
build:
strategy:
matrix:
go: [1.21.1]
runs-on: "macos-latest"
steps:
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: 18
- name: Install pnpm
run: npm install -g pnpm
- name: Setup Cache
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Checkout Kun
uses: actions/checkout@v4
with:
repository: yaoapp/kun
path: kun
- name: Checkout Xun
uses: actions/checkout@v4
with:
repository: yaoapp/xun
path: xun
- name: Checkout Gou
uses: actions/checkout@v4
with:
repository: yaoapp/gou
path: gou
- name: Checkout V8Go
uses: actions/checkout@v4
with:
repository: yaoapp/v8go
path: v8go
- name: Unzip libv8
run: |
files=$(find ./v8go -name "libv8*.zip")
for file in $files; do
dir=$(dirname "$file") # Get the directory where the ZIP file is located
echo "Extracting $file to directory $dir"
unzip -o -d $dir $file
rm -rf $dir/__MACOSX
done
- name: Checkout XGen v1.0
# ** XGEN will be renamed to DUI in the feature. and move to the new repository. **
# ** new repository: https://github.com/YaoApp/dui.git **
uses: actions/checkout@v4
with:
repository: yaoapp/xgen
path: xgen-v1.0
- name: Checkout Yao-Init
uses: actions/checkout@v4
with:
repository: yaoapp/yao-init
path: yao-init
- name: Move Kun, Xun, Gou, UI, V8Go
run: |
mv kun ../
mv xun ../
mv gou ../
mv v8go ../
mv xgen-v1.0 ../
mv yao-init ../
rm -f ../xgen-v1.0/packages/setup/vite.config.ts.*
ls -l .
ls -l ../
ls -l ../xgen-v1.0/packages/setup/
- name: Checkout Code
uses: actions/checkout@v4
- name: Setup Go ${{ matrix.go }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go }}
- name: Setup Go Tools
run: |
make tools
- name: Get Version
run: |
echo VERSION=$(cat share/const.go |grep 'const VERSION' | awk '{print $4}' | sed "s/\"//g") >> $GITHUB_ENV
- name: Make Artifacts MacOS
run: |
make artifacts-macos
mv dist/release/yao-$VERSION-dev-darwin-arm64 dist/release/yao-$VERSION-unstable-darwin-arm64
mv dist/release/yao-$VERSION-dev-darwin-amd64 dist/release/yao-$VERSION-unstable-darwin-amd64
- name: Install Certificates
env:
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
mkdir -p certs
echo "${{ secrets.APPLE_DEVELOPERIDG2CA }}" | base64 --decode > certs/DeveloperIDG2CA.cer
echo "${{ secrets.APPLE_DISTRIBUTION }}" | base64 --decode > certs/distribution.cer
echo "${{ secrets.APPLE_PRIVATE_KEY }}" | base64 --decode > certs/private_key.p12
security verify-cert -c certs/DeveloperIDG2CA.cer
security verify-cert -c certs/distribution.cer
- name: Import Certificates
run: |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import ./certs/DeveloperIDG2CA.cer -k $KEYCHAIN_PATH -T /usr/bin/codesign
security import ./certs/distribution.cer -k $KEYCHAIN_PATH -T /usr/bin/codesign
# import private key to keychain
security import ./certs/private_key.p12 -k $KEYCHAIN_PATH -P "${{ secrets.APPLE_PRIVATE_KEY_PASSWORD }}" -T /usr/bin/codesign
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Sign Artifacts
run: |
codesign --deep --force --verify --verbose --sign "${{ secrets.APPLE_SIGN }}" dist/release/yao-$VERSION-unstable-darwin-arm64
codesign --deep --force --verify --verbose --sign "${{ secrets.APPLE_SIGN }}" dist/release/yao-$VERSION-unstable-darwin-amd64
- name: Archive production artifacts
uses: actions/upload-artifact@v4
with:
name: yao-macos
path: |
dist/release/*