Skip to content

feat: updated macos notarization #130

feat: updated macos notarization

feat: updated macos notarization #130

Workflow file for this run

name: Build CI
on:
push:
tags:
- "**"
env:
GH_ACCESS_TOKEN: ${{secrets.GH_ACCESS_TOKEN}}
NODE_OPTIONS: "--max-old-space-size=8192"
jobs:
build-linux:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: "yarn"
- run: sudo apt-get install fakeroot dpkg rpm -y
- run: yarn
- run: yarn lint:check
- run: yarn pretty:check
- run: yarn install-pkgs
- run: yarn build-pkgs
- run: node scripts/prebuild.js
- run: yarn make
- uses: actions/upload-artifact@v3
with:
name: build-linux
path: cysync/out/make/*
retention-days: 1
build-win:
runs-on: windows-latest
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"
- name: Windows Certificate Config
id: write_file
uses: timheuer/base64-to-file@v1
with:
fileName: 'win-certificate.pfx'
encodedString: ${{ secrets.CERTIFICATE_WINDOWS_PFX }}
- name: Use Node.js ${{ matrix.node-version }}
env:
WINDOWS_PFX_FILE: ${{ steps.write_file.outputs.filePath }}
WINDOWS_PFX_PASSWORD: ${{ secrets.WINDOWS_PFX_PASSWORD }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: "yarn"
- run: yarn
- run: yarn install-pkgs
- run: yarn build-pkgs
- run: node scripts\prebuild.js
- name: create signed build
env:
WINDOWS_PFX_FILE: ${{ steps.write_file.outputs.filePath }}
WINDOWS_PFX_PASSWORD: ${{ secrets.WINDOWS_PFX_PASSWORD }}
run: yarn make
- uses: actions/upload-artifact@v3
with:
name: build-win
path: cysync/out/make/*
retention-days: 1
build-macos:
runs-on: macos-latest
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"
- name: Initialize Python 3.10
uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
- name: Build Macos Arm64 & Intel
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
run: |
# arch -arm64 ./scripts/build-mac.sh
arch -x86_64 ./scripts/build-mac.sh
- uses: actions/upload-artifact@v3
with:
name: build-macos
path: cysync/out/make/*
retention-days: 1
release-build:
runs-on: ubuntu-latest
needs: [build-win, build-linux, build-macos]
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v3
with:
submodules: "recursive"
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: "yarn"
- uses: actions/download-artifact@v3
- run: yarn --ignore-scripts
- run: node scripts/prebuild.js
- run: node scripts/postbuild.js "build-win,build-linux,build-macos"