Build MacOS Artifacts #382
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build MacOS Artifacts | |
on: | |
workflow_dispatch: | |
inputs: | |
tags: | |
description: "Version tags" | |
env: | |
VERSION: 0.9.0 | |
jobs: | |
build: | |
strategy: | |
matrix: | |
go: [1.21.1] | |
runs-on: "macos-latest" | |
steps: | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- name: Install pnpm | |
run: npm install -g pnpm | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/go-build | |
~/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Checkout Kun | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/kun | |
path: kun | |
- name: Checkout Xun | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/xun | |
path: xun | |
- name: Checkout Gou | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/gou | |
path: gou | |
- name: Checkout V8Go | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/v8go | |
lfs: true | |
path: v8go | |
- name: Checkout XGen v1.0 | |
# ** XGEN will be renamed to DUI in the feature. and move to the new repository. ** | |
# ** new repository: https://github.com/YaoApp/dui.git ** | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/xgen | |
path: xgen-v1.0 | |
- name: Checkout Yao-Init | |
uses: actions/checkout@v4 | |
with: | |
repository: yaoapp/yao-init | |
path: yao-init | |
- name: Move Kun, Xun, Gou, UI, V8Go | |
run: | | |
mv kun ../ | |
mv xun ../ | |
mv gou ../ | |
mv v8go ../ | |
mv xgen-v1.0 ../ | |
mv yao-init ../ | |
rm -f ../xgen-v1.0/packages/setup/vite.config.ts.* | |
ls -l . | |
ls -l ../ | |
ls -l ../xgen-v1.0/packages/setup/ | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
- name: Setup Go ${{ matrix.go }} | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go }} | |
- name: Setup Go Tools | |
run: | | |
make tools | |
- name: Get Version | |
run: | | |
echo VERSION=$(cat share/const.go |grep 'const VERSION' | awk '{print $4}' | sed "s/\"//g") >> $GITHUB_ENV | |
- name: Make Artifacts MacOS | |
run: | | |
make artifacts-macos | |
mv dist/release/yao-$VERSION-dev-darwin-arm64 dist/release/yao-$VERSION-unstable-darwin-arm64 | |
mv dist/release/yao-$VERSION-dev-darwin-amd64 dist/release/yao-$VERSION-unstable-darwin-amd64 | |
- name: Install Certificates | |
env: | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
run: | | |
mkdir -p certs | |
echo "${{ secrets.APPLE_DEVELOPERIDG2CA }}" | base64 --decode > certs/DeveloperIDG2CA.cer | |
echo "${{ secrets.APPLE_DISTRIBUTION }}" | base64 --decode > certs/distribution.cer | |
echo "${{ secrets.APPLE_PRIVATE_KEY }}" | base64 --decode > certs/private_key.p12 | |
security verify-cert -c certs/DeveloperIDG2CA.cer | |
security verify-cert -c certs/distribution.cer | |
- name: Import Certificates | |
run: | | |
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db | |
# create temporary keychain | |
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
# import certificate to keychain | |
security import ./certs/DeveloperIDG2CA.cer -k $KEYCHAIN_PATH -T /usr/bin/codesign | |
security import ./certs/distribution.cer -k $KEYCHAIN_PATH -T /usr/bin/codesign | |
# import private key to keychain | |
security import ./certs/private_key.p12 -k $KEYCHAIN_PATH -P "${{ secrets.APPLE_PRIVATE_KEY_PASSWORD }}" -T /usr/bin/codesign | |
security list-keychain -d user -s $KEYCHAIN_PATH | |
- name: Sign Artifacts | |
run: | | |
codesign --deep --force --verify --verbose --sign "${{ secrets.APPLE_SIGN }}" dist/release/yao-$VERSION-unstable-darwin-arm64 | |
codesign --deep --force --verify --verbose --sign "${{ secrets.APPLE_SIGN }}" dist/release/yao-$VERSION-unstable-darwin-amd64 | |
- name: Archive production artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: yao-macos | |
path: | | |
dist/release/* |