forked from LayerTwo-Labs/drivechain_launcher
-
Notifications
You must be signed in to change notification settings - Fork 0
74 lines (63 loc) · 2.7 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
name: Build Launcher
on:
pull_request:
push:
branches:
- "main"
jobs:
build:
# both Windows and Linux builds run on Ubuntu
runs-on: ${{ matrix.build == 'macos' && 'macos' || 'ubuntu' }}-latest
strategy:
fail-fast: false
matrix:
build: [macos, windows, linux]
steps:
- uses: actions/checkout@v3
- uses: chickensoft-games/setup-godot@v1
with:
version: 4.2.1
use-dotnet: false
- name: Verify Setup
run: |
godot --version
- name: Import certificate to Keychain
if: ${{ matrix.build == 'macos' }}
run: |
echo "${{ secrets.MACOS_CERTIFICATE }}" | base64 --decode > certificate.p12
KEYCHAIN_PASSWORD=$(uuidgen)
security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security import ./certificate.p12 -k ~/Library/Keychains/build.keychain -P ${{ secrets.MACOS_CERTIFICATE_PASSWORD }} -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" ~/Library/Keychains/build.keychain
env:
MACOS_CERTIFICATE_PASSWORD: ${{ secrets.MACOS_CERTIFICATE_PASSWORD }}
- name: Setup notarization credentials
if: ${{ matrix.build == 'macos' }}
run: |
echo ${{ secrets.GODOT_MACOS_NOTARIZATION_API_KEY }} | base64 --decode > notarization_api_key.p8
- name: Export build
run: |
name="${{fromJSON('{"windows": "Windows Desktop", "macos": "macOS", "linux": "Linux/X11"}')[matrix.build] }}"
godot --headless --export-debug "$name" --verbose 2>&1 | tee build.log
env:
GODOT_MACOS_NOTARIZATION_API_KEY_ID:
${{ secrets.GODOT_MACOS_NOTARIZATION_API_KEY_ID }}
GODOT_MACOS_NOTARIZATION_API_KEY: ./notarization_api_key.p8
GODOT_MACOS_NOTARIZATION_API_UUID:
${{ secrets.GODOT_MACOS_NOTARIZATION_API_UUID }}
- name: Upload build
uses: actions/upload-artifact@v4
with:
name: drivechain_launcher_${{ matrix.build }}
if-no-files-found: error
path: build/drivechain_launcher-*
- name: Wait for notarization to finish
if: ${{ matrix.build == 'macos' }}
run: |
request_id=$(grep 'Notarization request UUID' build.log | rev | cut -d ' ' -f 1 | rev | tr -d '"')
xcrun notarytool wait $request_id \
--issuer ${{ secrets.GODOT_MACOS_NOTARIZATION_API_UUID }} \
--key-id ${{ secrets.GODOT_MACOS_NOTARIZATION_API_KEY_ID }} \
--key ./notarization_api_key.p8