Skip to content

wip

wip #331

Workflow file for this run

name: Build on macOS
on: push
jobs:
build:
runs-on: macos-12
steps:
- name: Check out repository code
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Install certificates. Write dist_config.json.
env:
DIST_CONFIG: ${{ secrets.PROD_MACOS_DIST_CONFIG }}
CERTIFICATE: ${{ secrets.PROD_MACOS_CERTIFICATE }}
CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }}
CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }}
KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }}
NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}
NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }}
NOTARIZATION_PWD: ${{ secrets.PROD_MACOS_NOTARIZATION_PWD }}
NOTARIZATION_PROFILE: ${{ secrets.PROD_MACOS_NOTARIZATION_PROFILE }}
run: |
# Adapted from https://federicoterzi.com/blog/automatic-code-signing-and-notarization-for-macos-apps-using-github-actions/
# Turn our base64-encoded certificate back to a regular .p12 file
echo $CERTIFICATE | base64 --decode > certificate.p12
echo $DIST_CONFIG | base64 --decode > dist_config.json
# We need to create a new keychain, otherwise using the certificate will prompt
# with a UI dialog asking for the certificate password, which we can't
# use in a headless CI environment
security create-keychain -p "$KEYCHAIN_PWD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PWD" build.keychain
security import certificate.p12 -k build.keychain -P "$CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PWD" build.keychain
echo "Create keychain profile"
xcrun notarytool store-credentials "$NOTARIZATION_PROFILE" --apple-id "$NOTARIZATION_APPLE_ID" --team-id "$NOTARIZATION_TEAM_ID" --password "$NOTARIZATION_PWD"
- name: Install build deps
run: brew install nim scons yasm
- name: Install nim
run: |
curl -LO https://github.com/nim-lang/nightlies/releases/download/2023-12-15-version-2-0-c4c44d10df8a14204a75c34e499def200589cb7c/nim-2.0.2-macosx_x64.tar.xz
tar xzf nim-2.0.2-macosx_x64.tar.xz
echo "$(pwd)/nim-2.0.2/bin" >> $GITHUB_PATH
- name: Update path
run: echo "$HOME/.nimble/bin" >> $GITHUB_PATH
- name: Install nimble deps
run: nimble setup -y
- name: Save SHAs of submodules
run: 'git submodule status > .submodules.tmp'
- name: prereq cache
id: prereq-cache
uses: actions/cache@v3
with:
path: |
vendor/godot/bin
fonts
key: ${{ runner.os }}-prereq-cache-v2-${{ hashFiles('.submodules.tmp') }}
- name: build prereqs
run: nimble dist_prereqs
if: steps.prereq-cache.outputs.cache-hit != 'true'
- name: Dist
run: nimble dist_package
- uses: actions/upload-artifact@v3
with:
name: Enu macOS Distribution
path: dist/*.dmg