Skip to content

build-macosx-amd64

build-macosx-amd64 #42

name: build-macosx-amd64
on:
workflow_dispatch:
inputs:
repo:
description: 'Git repository to clone'
required: true
default: 'https://bitbucket.org/chromiumembedded/java-cef.git'
ref:
description: 'Git commit id to checkout'
required: true
default: 'master'
jobs:
build-macosx-amd64:
runs-on: macos-12
steps:
- uses: actions/checkout@v3
-
name: Setup environment
run: |
chmod +x scripts/install_macos_dependencies.sh
./scripts/install_macos_dependencies.sh
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: '8'
distribution: 'adopt'
- name: Install Apple certificate
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.APPLE_KEYCHAIN_PASSWORD }}
APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }}
APPLE_API_KEY_NAME: ${{ secrets.APPLE_API_KEY_NAME }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH -T /usr/bin/codesign
security list-keychain -d user -s $KEYCHAIN_PATH
# import api key from secrets
mkdir "${HOME}/private_keys"
echo -n "$APPLE_API_KEY_BASE64" | base64 --decode --output "${HOME}/private_keys/AuthKey_$APPLE_API_KEY_NAME.p8"
-
name: Build
run: |
chmod +x compile_macosx.sh
./compile_macosx.sh amd64 Release ${{ github.event.inputs.repo }} ${{ github.event.inputs.ref }} "${{ secrets.APPLE_BUILD_CERTIFICATE_NAME }}" ${{ secrets.APPLE_TEAM_NAME }} ${{ secrets.APPLE_API_KEY_ID }} "${HOME}/private_keys/AuthKey_${{ secrets.APPLE_API_KEY_NAME }}.p8" ${{ secrets.APPLE_API_KEY_ISSUER }}
- name: Clean up keychain
if: ${{ always() }}
run: |
security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
rm -rf "${HOME}/private_keys"
-
name: Export artifacts
uses: actions/upload-artifact@v3
with:
name: macosx-amd64.tar.gz
path: out/binary_distrib.tar.gz