mirror of
https://github.com/moku-project/Moku.git
synced 2026-06-13 01:09:56 -05:00
Youwes09
262 lines
8.7 KiB
YAML
262 lines
8.7 KiB
YAML
name: Build macOS
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: "Version to build (e.g. 0.3.0)"
|
|
required: true
|
|
|
|
jobs:
|
|
frontend:
|
|
name: Build frontend
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: latest
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 22
|
|
cache: pnpm
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Build
|
|
run: pnpm build
|
|
|
|
- name: Upload dist
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: frontend-dist
|
|
path: dist/
|
|
retention-days: 1
|
|
|
|
tauri:
|
|
name: Tauri (macOS)
|
|
needs: frontend
|
|
runs-on: macos-latest
|
|
permissions:
|
|
contents: write
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Download frontend dist
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: frontend-dist
|
|
path: dist/
|
|
|
|
- name: Install Rust
|
|
uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
targets: aarch64-apple-darwin,x86_64-apple-darwin
|
|
|
|
- name: Rust cache
|
|
uses: Swatinem/rust-cache@v2
|
|
with:
|
|
workspaces: src-tauri
|
|
|
|
- uses: pnpm/action-setup@v4
|
|
with:
|
|
version: latest
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: 22
|
|
cache: pnpm
|
|
|
|
- name: Install JS dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Import Apple signing certificate
|
|
env:
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
run: |
|
|
if [ -z "$APPLE_CERTIFICATE" ]; then
|
|
echo "No certificate configured — building unsigned."
|
|
exit 0
|
|
fi
|
|
CERT_PATH=$RUNNER_TEMP/certificate.p12
|
|
KEYCHAIN_PATH=$RUNNER_TEMP/build.keychain
|
|
echo "$APPLE_CERTIFICATE" | base64 --decode > "$CERT_PATH"
|
|
security create-keychain -p "" "$KEYCHAIN_PATH"
|
|
security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
|
|
security unlock-keychain -p "" "$KEYCHAIN_PATH"
|
|
security import "$CERT_PATH" -P "$APPLE_CERTIFICATE_PASSWORD" \
|
|
-A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
|
|
security set-key-partition-list -S apple-tool:,apple: -k "" "$KEYCHAIN_PATH"
|
|
security list-keychains -d user -s "$KEYCHAIN_PATH" login.keychain
|
|
|
|
- name: Download Suwayomi binaries
|
|
run: |
|
|
download_suwayomi() {
|
|
local asset="$1" sha="$2" outdir="$3"
|
|
curl -fsSL \
|
|
"https://github.com/Suwayomi/Suwayomi-Server/releases/download/v2.1.1867/${asset}" \
|
|
-o "${outdir}.tar.gz"
|
|
echo "${sha} ${outdir}.tar.gz" | shasum -a 256 -c -
|
|
mkdir -p "${outdir}"
|
|
tar -xzf "${outdir}.tar.gz" -C "${outdir}" --strip-components=1
|
|
}
|
|
|
|
download_suwayomi \
|
|
"Suwayomi-Server-v2.1.1867-macOS-arm64.tar.gz" \
|
|
"c80abdbba29f7895e9556c6c9481368557d5f930b5f69bcb30639ba498925f3c" \
|
|
"suwayomi-arm64"
|
|
|
|
download_suwayomi \
|
|
"Suwayomi-Server-v2.1.1867-macOS-x64.tar.gz" \
|
|
"c7590aeb645dd7135a05b9f3ea1fee384a4abeb465c0b3638d5b738d20dfe174" \
|
|
"suwayomi-x64"
|
|
|
|
- name: Stage Suwayomi sidecars
|
|
run: |
|
|
mkdir -p src-tauri/binaries
|
|
|
|
find_launcher() {
|
|
local dir="$1"
|
|
# v2.1.1867 macOS tarball ships "Suwayomi Launcher.command" (space, .command)
|
|
find "$dir" -maxdepth 1 -type f -name "*.command" | head -1
|
|
}
|
|
|
|
ARM_LAUNCHER=$(find_launcher suwayomi-arm64)
|
|
X64_LAUNCHER=$(find_launcher suwayomi-x64)
|
|
|
|
if [ -z "$ARM_LAUNCHER" ] || [ -z "$X64_LAUNCHER" ]; then
|
|
echo "ERROR: could not find launchers — tarball contents:"
|
|
ls -lR suwayomi-arm64 suwayomi-x64
|
|
exit 1
|
|
fi
|
|
|
|
echo "arm64 launcher: $ARM_LAUNCHER"
|
|
echo "x64 launcher: $X64_LAUNCHER"
|
|
|
|
cp "$ARM_LAUNCHER" src-tauri/binaries/suwayomi-server-aarch64-apple-darwin
|
|
cp "$X64_LAUNCHER" src-tauri/binaries/suwayomi-server-x86_64-apple-darwin
|
|
chmod +x src-tauri/binaries/suwayomi-server-aarch64-apple-darwin
|
|
chmod +x src-tauri/binaries/suwayomi-server-x86_64-apple-darwin
|
|
|
|
cp -r suwayomi-arm64 src-tauri/binaries/suwayomi-bundle-arm64
|
|
cp -r suwayomi-x64 src-tauri/binaries/suwayomi-bundle-x64
|
|
|
|
- name: Patch tauri.conf.json for CI
|
|
run: |
|
|
# dist/ is already built by the frontend job — suppress the rebuild.
|
|
# We patch in-place rather than using --config to avoid Tauri schema issues.
|
|
sed -i '' 's/"beforeBuildCommand": "pnpm build"/"beforeBuildCommand": ""/' src-tauri/tauri.conf.json
|
|
|
|
- name: Build Tauri app (aarch64)
|
|
uses: tauri-apps/tauri-action@v0
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
|
|
APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
|
|
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
|
|
with:
|
|
args: --target aarch64-apple-darwin
|
|
|
|
- name: Build Tauri app (x86_64)
|
|
uses: tauri-apps/tauri-action@v0
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
|
|
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
|
|
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
|
|
APPLE_ID: ${{ secrets.APPLE_ID }}
|
|
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
|
|
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
|
|
with:
|
|
args: --target x86_64-apple-darwin
|
|
|
|
- name: Upload arm64 .dmg
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: moku-aarch64
|
|
path: src-tauri/target/aarch64-apple-darwin/release/bundle/dmg/*.dmg
|
|
retention-days: 7
|
|
|
|
- name: Upload x64 .dmg
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: moku-x86_64
|
|
path: src-tauri/target/x86_64-apple-darwin/release/bundle/dmg/*.dmg
|
|
retention-days: 7
|
|
|
|
- name: Upload arm64 .app (for universal job)
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: app-aarch64-apple-darwin
|
|
path: src-tauri/target/aarch64-apple-darwin/release/bundle/macos/
|
|
retention-days: 1
|
|
|
|
- name: Upload x64 .app (for universal job)
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: app-x86_64-apple-darwin
|
|
path: src-tauri/target/x86_64-apple-darwin/release/bundle/macos/
|
|
retention-days: 1
|
|
|
|
universal:
|
|
name: Universal .dmg
|
|
needs: tauri
|
|
runs-on: macos-latest
|
|
|
|
steps:
|
|
- name: Download arm64 .app
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: app-aarch64-apple-darwin
|
|
path: apps/arm64/
|
|
|
|
- name: Download x64 .app
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: app-x86_64-apple-darwin
|
|
path: apps/x64/
|
|
|
|
- name: lipo into universal binary
|
|
run: |
|
|
ARM_APP=$(find apps/arm64 -name "*.app" -maxdepth 1 | head -1)
|
|
X64_APP=$(find apps/x64 -name "*.app" -maxdepth 1 | head -1)
|
|
APP_NAME=$(basename "$ARM_APP")
|
|
|
|
mkdir -p universal
|
|
cp -r "$ARM_APP" "universal/${APP_NAME}"
|
|
|
|
find "universal/${APP_NAME}" -type f | while read -r f; do
|
|
if file "$f" | grep -q "Mach-O"; then
|
|
X64_EQUIV="${X64_APP}${f#universal/${APP_NAME}}"
|
|
if [ -f "$X64_EQUIV" ]; then
|
|
lipo -create -output "$f" "$f" "$X64_EQUIV" 2>/dev/null || true
|
|
fi
|
|
fi
|
|
done
|
|
|
|
- name: Package universal .dmg
|
|
run: |
|
|
APP_NAME=$(find universal -name "*.app" -maxdepth 1 | head -1 | xargs basename)
|
|
mkdir dmg-stage
|
|
cp -r "universal/${APP_NAME}" dmg-stage/
|
|
ln -s /Applications dmg-stage/Applications
|
|
hdiutil create \
|
|
-volname "Moku" \
|
|
-srcfolder dmg-stage \
|
|
-ov -format UDZO \
|
|
"moku-universal.dmg"
|
|
|
|
- name: Upload universal .dmg
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: moku-universal
|
|
path: moku-universal.dmg
|
|
retention-days: 7 |