@@ -35,40 +35,98 @@ jobs:
3535 CI : false
3636 run : npm run react-build
3737
38- - name : Build Electron app
39- if : matrix.os != 'ubuntu-latest-large'
38+ # ---------------------------
39+ # macOS Build
40+ # ---------------------------
41+ - name : Debug environment (macOS)
42+ if : matrix.os == 'macos-latest'
43+ run : |
44+ echo "===== DEBUGGING ENVIRONMENT ====="
45+ echo "API Key ID: [MASKED]"
46+ echo "API Issuer: [MASKED]"
47+ echo "Certificate: [MASKED]"
48+ echo "================================="
49+
50+ - name : Setup macOS certificates
51+ if : matrix.os == 'macos-latest'
4052 env :
41- DEBUG : electron-builder
53+ MACOS_CERTIFICATE : ${{ secrets.MACOS_CERTIFICATE }}
54+ MACOS_CERTIFICATE_PASSWORD : ${{ secrets.MACOS_CERTIFICATE_PASSWORD }}
55+ run : |
56+ # Create keychain
57+ security create-keychain -p "" build.keychain
58+ security default-keychain -s build.keychain
59+ security unlock-keychain -p "" build.keychain
60+
61+ # Import certificate
62+ echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12
63+ security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PASSWORD -T /usr/bin/codesign
64+ security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "" build.keychain
65+
66+ # Clean up
67+ rm certificate.p12
68+
69+ name : Build and Sign Electron app (macOS)
70+ if : matrix.os == 'macos-latest'
71+ env :
72+ DEBUG : electron-builder,electron-builder:*
4273 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
43- # macOS signing environment variables
44- APPLE_TEAM_ID : ${{ secrets.APPLE_TEAM_ID }}
45- APPLE_API_KEY : ${{ secrets.APPLE_API_KEY }}
46- APPLE_API_KEY_ID : ${{ secrets.APPLE_API_KEY_ID }}
47- APPLE_API_ISSUER : ${{ secrets.APPLE_API_ISSUER }}
74+
75+ # Apple notarization credentials
76+ APPLE_TEAM_ID : ${{ secrets.GODOT_MACOS_NOTARIZATION_API_UUID }}
77+ APPLE_API_KEY : ${{ secrets.GODOT_MACOS_NOTARIZATION_API_KEY }}
78+ APPLE_API_KEY_ID : ${{ secrets.GODOT_MACOS_NOTARIZATION_API_KEY_ID }}
79+ APPLE_API_ISSUER : ${{ secrets.GODOT_MACOS_NOTARIZATION_API_UUID }}
80+
81+ # Signing certificate
4882 CSC_LINK : ${{ secrets.MACOS_CERTIFICATE }}
4983 CSC_KEY_PASSWORD : ${{ secrets.MACOS_CERTIFICATE_PASSWORD }}
84+ run : |
85+ # Show electron-builder version
86+ npx electron-builder --version
87+
88+ # Pre-sign any nested binaries (similar to the bash script)
89+ find . -type f -path "*/Resources/*/bin/*" -exec codesign --force --sign "$APPLE_TEAM_ID" --options runtime {} \;
90+
91+ # Build with electron-builder
92+ npx electron-builder --mac --x64 --arm64 --publish=never
93+
94+ # Verify signing and notarization for both architectures
95+ echo "Verifying x64 build..."
96+ spctl --assess --verbose=4 "dist/mac-universal/Drivechain Launcher.app"
97+ xcrun stapler validate "dist/mac-universal/Drivechain Launcher.app"
98+
99+ echo "Verifying arm64 build..."
100+ spctl --assess --verbose=4 "dist/mac-arm64/Drivechain Launcher.app"
101+ xcrun stapler validate "dist/mac-arm64/Drivechain Launcher.app"
102+
103+ # ---------------------------
104+ # Windows Build
105+ # ---------------------------
106+ - name : Build Electron app (Windows)
107+ if : matrix.os == 'windows-latest'
108+ env :
109+ DEBUG : electron-builder
110+ GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
50111 run : npm run electron-build
51112
113+ # ---------------------------
114+ # Linux Build
115+ # ---------------------------
52116 - name : Build Electron app (Linux)
53117 if : matrix.os == 'ubuntu-latest-large'
54118 env :
55119 DEBUG : electron-builder
56120 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
57121 run : |
58- # Show electron-builder version
59122 npx electron-builder --version
60-
61- # List contents before build
62123 ls -la
63-
64- # Run build with verbose logging
65124 npx electron-builder --linux AppImage --x64
66-
67- # Show build output directory
68- echo "Build output directory contents:"
69125 ls -la dist/
70126
71- # Upload artifacts based on platform
127+ # ---------------------------
128+ # Upload Artifacts
129+ # ---------------------------
72130 - name : Check Linux build output
73131 if : matrix.os == 'ubuntu-latest-large'
74132 run : |
@@ -78,34 +136,34 @@ jobs:
78136 exit 1
79137 fi
80138 find dist -type f -name "*.AppImage" || echo "No AppImage files found in dist/"
81-
139+
82140name : Upload Linux artifacts
83141 if : matrix.os == 'ubuntu-latest-large'
84142 uses : actions/upload-artifact@v4
85143 with :
86144 name : linux-build
87- path : |
88- dist/*.AppImage
145+ path : dist/*.AppImage
89146 if-no-files-found : error
90147
91148 - name : Upload Windows artifacts
92149 if : matrix.os == 'windows-latest'
93150 uses : actions/upload-artifact@v4
94151 with :
95152 name : windows-build
96- path : |
97- dist/*.exe
153+ path : dist/*.exe
98154 if-no-files-found : error
99155
100156 - name : Upload macOS artifacts
101157 if : matrix.os == 'macos-latest'
102158 uses : actions/upload-artifact@v4
103159 with :
104160 name : macos-build
105- path : |
106- dist/*.dmg
161+ path : dist/*.dmg
107162 if-no-files-found : error
108163
164+ # ----------------------------------
165+ # Upload to your server step
166+ # ----------------------------------
109167 upload-to-releases :
110168 name : Upload to releases.drivechain.info
111169 runs-on : ubuntu-latest
@@ -131,50 +189,37 @@ jobs:
131189
132190name : Process artifacts
133191 run : |
134- # Process Linux artifact
192+ # ( Linux) rename AppImage
135193 cd artifacts/linux-build
136194 mv *.AppImage ../../drivechain-launcher-latest-x86_64-linux.AppImage
137195 cd ../..
138196
139- # Process Windows artifact
197+ # ( Windows) zip up the .exe
140198 cd artifacts/windows-build
141- echo "Windows build directory contents before processing:"
142- ls -la
143-
144- # Find the exact exe file
145199 EXE_FILE=$(ls Drivechain-Launcher-Setup-*.exe 2>/dev/null || echo "")
146200 if [ -z "$EXE_FILE" ]; then
147201 echo "Error: No Windows exe file found"
148202 exit 1
149203 fi
150- echo "Found Windows exe file: $EXE_FILE"
151-
152- # Create zip file containing the exe
153204 zip ../../drivechain-launcher-latest-windows.zip "$EXE_FILE"
154205 cd ../..
155206
156- # Process macOS artifacts
207+ # ( macOS) rename the DMGs
157208 cd artifacts/macos-build
158- echo "macOS build directory contents before processing:"
159- ls -la
160-
161- # Process arm64 DMG
162209 ARM64_DMG=$(ls *-arm64.dmg 2>/dev/null || echo "")
163210 if [ -z "$ARM64_DMG" ]; then
164211 echo "Error: No arm64 DMG file found"
165212 exit 1
166213 fi
167214 mv "$ARM64_DMG" ../../drivechain-launcher-latest-osx-arm64.dmg
168215
169- # Process x64 DMG
170216 X64_DMG=$(ls *-x64.dmg 2>/dev/null || echo "")
171217 if [ -z "$X64_DMG" ]; then
172218 echo "Error: No x64 DMG file found"
173219 exit 1
174220 fi
175221 mv "$X64_DMG" ../../drivechain-launcher-latest-osx-x64.dmg
176222 cd ../..
177-
178223 echo "Final files:"
179224 ls -la drivechain-launcher-*
180225
0 commit comments