Skip to content

Trying a new way again #159

Trying a new way again

Trying a new way again #159

Workflow file for this run

name: macOS
on: [push]
jobs:
build_app:
name: Build and sign macOS app
runs-on: macos-latest
env:
PYTHON: /Library/Frameworks/Python.framework/Versions/3.13/bin/python3
steps:
- name: Checkout repo
uses: actions/checkout@v4
- name: Clone Snappy repo
run: |
git clone https://github.com/3-manifolds/snappy/
- name: Download stripped frameworks for py2app
uses: dawidd6/action-download-artifact@v6
with:
github_token: ${{secrets.GITHUB_TOKEN}}
repo: 3-manifolds/frameworks
workflow: build.yml
workflow_conclusion: success
branch: python_3.13
name: Frameworks.tgz
path: frameworks
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
DEV_ID: ${{ secrets.DEV_ID }}
DEV_USERNAME: ${{ secrets.NOTARIZE_USERNAME }}
DEV_PASSWORD: ${{ secrets.NOTARIZE_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output=$CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# Create config file needed by release.py
echo -e "[developer]\nidentity = $DEV_ID" > notabot.cfg
echo -e "username = $DEV_USERNAME" >> notabot.cfg
echo -e "password = $DEV_PASSWORD\n" >> notabot.cfg
echo -e "[app]\napp_name = SnapPy" >> notabot.cfg
echo -e "app_path = dist/SnapPy.app" >> notabot.cfg
echo -e "dmg_path = disk_images/SnapPy.dmg" >> notabot.cfg
echo -e "bundle_id = SnapPy-3.1" >> notabot.cfg
cp notabot.cfg snappy/macOS_app
- uses: actions/upload-artifact@v4
with:
name: SnapPy.dmg
path: snappy/macOS_app/disk_images/SnapPy.dmg