Skip to content

Commit 7fda186

Browse files
hiento09hiento09
authored
chore: separate mac binary (#2198)
1 parent 005e268 commit 7fda186

File tree

1 file changed

+72
-0
lines changed

1 file changed

+72
-0
lines changed

.github/workflows/template-build-macos.yml

+72
Original file line numberDiff line numberDiff line change
@@ -253,6 +253,14 @@ jobs:
253253
cd engine
254254
make codesign-binary CODE_SIGN=true DEVELOPER_ID="${{ secrets.DEVELOPER_ID }}" DESTINATION_BINARY_NAME="${{ steps.set-output-params.outputs.destination_binary_name }}" DESTINATION_BINARY_SERVER_NAME="${{ steps.set-output-params.outputs.destination_binary_server_name }}"
255255
256+
- name: Code Signing binaries for separate binary
257+
run: |
258+
codesign --force -s "${{ secrets.DEVELOPER_ID }}" --options=runtime --entitlements="./engine/templates/macos/entitlements.plist" ./cortex-${{ inputs.new_version }}-mac-arm64/${{ steps.set-output-params.outputs.destination_binary_name }}
259+
codesign --force -s "${{ secrets.DEVELOPER_ID }}" --options=runtime --entitlements="./engine/templates/macos/entitlements.plist" ./cortex-${{ inputs.new_version }}-mac-arm64/${{ steps.set-output-params.outputs.destination_binary_server_name }}
260+
261+
codesign --force -s "${{ secrets.DEVELOPER_ID }}" --options=runtime --entitlements="./engine/templates/macos/entitlements.plist" ./cortex-${{ inputs.new_version }}-mac-amd64/${{ steps.set-output-params.outputs.destination_binary_name }}
262+
codesign --force -s "${{ secrets.DEVELOPER_ID }}" --options=runtime --entitlements="./engine/templates/macos/entitlements.plist" ./cortex-${{ inputs.new_version }}-mac-amd64/${{ steps.set-output-params.outputs.destination_binary_server_name }}
263+
256264
- name: Notary macOS Binary
257265
run: |
258266
curl -sSfL https://raw.githubusercontent.com/anchore/quill/main/install.sh | sh -s -- -b /usr/local/bin
@@ -265,6 +273,18 @@ jobs:
265273
QUILL_NOTARY_ISSUER: ${{ secrets.NOTARY_ISSUER }}
266274
QUILL_NOTARY_KEY: "/tmp/notary-key.p8"
267275

276+
- name: Notary macOS Binary for separate binary
277+
run: |
278+
# Notarize the binary
279+
quill notarize ./cortex-${{ inputs.new_version }}-mac-arm64/${{ steps.set-output-params.outputs.destination_binary_name }}
280+
quill notarize ./cortex-${{ inputs.new_version }}-mac-arm64/${{ steps.set-output-params.outputs.destination_binary_server_name }}
281+
quill notarize ./cortex-${{ inputs.new_version }}-mac-amd64/${{ steps.set-output-params.outputs.destination_binary_name }}
282+
quill notarize ./cortex-${{ inputs.new_version }}-mac-amd64/${{ steps.set-output-params.outputs.destination_binary_server_name }}
283+
env:
284+
QUILL_NOTARY_KEY_ID: ${{ secrets.NOTARY_KEY_ID }}
285+
QUILL_NOTARY_ISSUER: ${{ secrets.NOTARY_ISSUER }}
286+
QUILL_NOTARY_KEY: "/tmp/notary-key.p8"
287+
268288
- name: Build network Installers
269289
shell: bash
270290
run: |
@@ -310,6 +330,24 @@ jobs:
310330
xcrun notarytool submit ${{ steps.set-output-params.outputs.package_name }}-local.pkg --apple-id ${{ secrets.APPLE_ID }} --password ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} --team-id ${{ secrets.APPLE_TEAM_ID }} --wait
311331
312332
- name: Package
333+
run: |
334+
mkdir temp
335+
# Mac arm64
336+
mv cortex-${{ inputs.new_version }}-mac-arm64 temp/cortex
337+
cd temp
338+
tar -czvf cortex-arm64.tar.gz cortex
339+
mv cortex-arm64.tar.gz ../cortex-arm64.tar.gz
340+
cd ..
341+
rm -rf temp/cortex
342+
343+
# Mac amd64
344+
mv cortex-${{ inputs.new_version }}-mac-amd64 temp/cortex
345+
cd temp
346+
tar -czvf cortex-amd64.tar.gz cortex
347+
mv cortex-amd64.tar.gz ../cortex-amd64.tar.gz
348+
cd ..
349+
350+
- name: Package for separate binary
313351
run: |
314352
cd engine
315353
make package
@@ -320,6 +358,18 @@ jobs:
320358
name: cortex-${{ inputs.new_version }}-mac-universal
321359
path: ./engine/cortex
322360

361+
- name: Upload Artifact
362+
uses: actions/upload-artifact@v4
363+
with:
364+
name: cortex-${{ inputs.new_version }}-mac-arm64-signed
365+
path: ./cortex-${{ inputs.new_version }}-mac-arm64
366+
367+
- name: Upload Artifact
368+
uses: actions/upload-artifact@v4
369+
with:
370+
name: cortex-${{ inputs.new_version }}-mac-amd64-signed
371+
path: ./cortex-${{ inputs.new_version }}-mac-amd64
372+
323373
- name: Upload Artifact
324374
uses: actions/upload-artifact@v4
325375
with:
@@ -358,6 +408,28 @@ jobs:
358408
asset_name: cortex-${{ inputs.new_version }}-mac-universal.tar.gz
359409
asset_content_type: application/zip
360410

411+
- name: Upload release assert if public provider is github
412+
if: inputs.public_provider == 'github'
413+
env:
414+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
415+
uses: actions/[email protected]
416+
with:
417+
upload_url: ${{ inputs.upload_url }}
418+
asset_path: ./cortex-arm64.tar.gz
419+
asset_name: cortex-${{ inputs.new_version }}-mac-arm64.tar.gz
420+
asset_content_type: application/zip
421+
422+
- name: Upload release assert if public provider is github
423+
if: inputs.public_provider == 'github'
424+
env:
425+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
426+
uses: actions/[email protected]
427+
with:
428+
upload_url: ${{ inputs.upload_url }}
429+
asset_path: ./cortex-amd64.tar.gz
430+
asset_name: cortex-${{ inputs.new_version }}-mac-amd64.tar.gz
431+
asset_content_type: application/zip
432+
361433
- name: Upload release assert if public provider is github
362434
if: inputs.public_provider == 'github'
363435
env:

0 commit comments

Comments
 (0)