From a75d0353986481210530a26b7362a2bc4e75183a Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 4 Mar 2025 12:54:28 -0700 Subject: [PATCH 01/50] use wails 3 --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 1060d9a..7206709 100644 --- a/action.yml +++ b/action.yml @@ -184,7 +184,7 @@ runs: # install wails - name: Install Wails if: inputs.build == 'true' && inputs.wails-dev-build == 'false' - run: go install github.com/wailsapp/wails/v2/cmd/wails@${{inputs.wails-version}} + run: go install github.com/wailsapp/wails/v3/cmd/wails3@${{inputs.wails-version}} shell: bash - name: Install macOS Wails deps if: runner.os == 'macOS' @@ -196,7 +196,7 @@ runs: env: BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} working-directory: ${{ inputs.app-working-directory }} - run: wails build --platform ${{inputs.build-platform}} -webview2 ${{inputs.wails-build-webview2}} -o ${{inputs.build-name}} $BUILD_OPTIONS + run: wails3 build --platform ${{inputs.build-platform}} -webview2 ${{inputs.wails-build-webview2}} -o ${{inputs.build-name}} $BUILD_OPTIONS shell: bash - name: Add macOS perms if: inputs.build == 'true' && runner.os == 'macOS' From 162d99c8e88e77a5512df849ed9bb2f3a35edbdf Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 4 Mar 2025 16:59:57 -0700 Subject: [PATCH 02/50] removes build details from wails build step (handled by project yml now) --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7206709..0eef1ff 100644 --- a/action.yml +++ b/action.yml @@ -196,7 +196,7 @@ runs: env: BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} working-directory: ${{ inputs.app-working-directory }} - run: wails3 build --platform ${{inputs.build-platform}} -webview2 ${{inputs.wails-build-webview2}} -o ${{inputs.build-name}} $BUILD_OPTIONS + run: wails3 build shell: bash - name: Add macOS perms if: inputs.build == 'true' && runner.os == 'macOS' From 1f90339f5d4e53c8ebfa6ed950c914be1829fff8 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 4 Mar 2025 21:26:20 -0700 Subject: [PATCH 03/50] adjusts path target for macos chmod command --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 0eef1ff..f1084b6 100644 --- a/action.yml +++ b/action.yml @@ -201,7 +201,7 @@ runs: - name: Add macOS perms if: inputs.build == 'true' && runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} - run: chmod +x build/bin/*/Contents/MacOS/* + run: chmod +x bin/*/Contents/MacOS/* shell: bash - name: Add Linux perms if: inputs.build == 'true' && runner.os == 'Linux' From e5349d6b4247fa62d676e83f2e070b315909f68c Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 4 Mar 2025 21:41:17 -0700 Subject: [PATCH 04/50] remove chmod altogether --- action.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/action.yml b/action.yml index f1084b6..18f9bd4 100644 --- a/action.yml +++ b/action.yml @@ -198,11 +198,6 @@ runs: working-directory: ${{ inputs.app-working-directory }} run: wails3 build shell: bash - - name: Add macOS perms - if: inputs.build == 'true' && runner.os == 'macOS' - working-directory: ${{ inputs.app-working-directory }} - run: chmod +x bin/*/Contents/MacOS/* - shell: bash - name: Add Linux perms if: inputs.build == 'true' && runner.os == 'Linux' working-directory: ${{ inputs.app-working-directory }} From 62d214caf6309529676633f65789b4d4f6138c8b Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Sun, 23 Mar 2025 13:55:27 -0600 Subject: [PATCH 05/50] alters ditto path for zip creation --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 18f9bd4..b6d78e9 100644 --- a/action.yml +++ b/action.yml @@ -233,7 +233,7 @@ runs: working-directory: ${{ inputs.app-working-directory }} shell: bash run: | - ditto -c -k --keepParent ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.app ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.app.zip + ditto -c -k --keepParent ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip - name: Building Installer if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.sign-macos-installer-id != '' && startsWith(github.ref, 'refs/tags/') shell: bash From 64d8a737f5fa4d2e52058789060d85d64f741e62 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Sun, 23 Mar 2025 14:14:57 -0600 Subject: [PATCH 06/50] adds app packaging step --- action.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/action.yml b/action.yml index b6d78e9..db54fc3 100644 --- a/action.yml +++ b/action.yml @@ -204,6 +204,13 @@ runs: run: chmod +x build/bin/* shell: bash # Package and Sign MacOS + - name: Package App + if: inputs.build == 'true' + env: + BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} + working-directory: ${{ inputs.app-working-directory }} + run: wails3 package + shell: bash - name: Import Code-Signing Certificates for macOS if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') uses: Apple-Actions/import-codesign-certs@v1 From 097d0fa61bc806d000b2725f73347cbe162eeca4 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 13:32:24 -0600 Subject: [PATCH 07/50] write build version to app Plist before build --- action.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/action.yml b/action.yml index db54fc3..ee16140 100644 --- a/action.yml +++ b/action.yml @@ -31,6 +31,10 @@ inputs: description: "Platform to build for" required: false default: "darwin/universal" + build-version: + description: "Version of app being built" + required: false + default: "1.0.0" build-tags: description: "Build tags to pass to Go compiler. Must be quoted. Space or comma (but not both) separated" required: false @@ -191,6 +195,14 @@ runs: run: brew install mitchellh/gon/gon shell: bash # Building step + - name: Set App Version + if: inputs.build == 'true' + env: + VERSION: ${{ inputs.build-version }} + run: | + /usr/libexec/PlistBuddy -c "Set :CFBundleShortVersionString $VERSION" build/darwin/Info.plist + /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $VERSION " build/darwin/Info.plist + shell: bash - name: Build App if: inputs.build == 'true' env: From 258ec9db1508a0e39168cb2345a9b705ca696b76 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 13:48:12 -0600 Subject: [PATCH 08/50] updates build path in packaging steps --- action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index ee16140..986ef36 100644 --- a/action.yml +++ b/action.yml @@ -201,7 +201,7 @@ runs: VERSION: ${{ inputs.build-version }} run: | /usr/libexec/PlistBuddy -c "Set :CFBundleShortVersionString $VERSION" build/darwin/Info.plist - /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $VERSION " build/darwin/Info.plist + /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $VERSION" build/darwin/Info.plist shell: bash - name: Build App if: inputs.build == 'true' @@ -258,13 +258,13 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} run: | - productbuild --sign '${{inputs.sign-macos-installer-id}}' --component ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.pkg + productbuild --sign '${{inputs.sign-macos-installer-id}}' --component ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.pkg - name: Building Installer if: runner.os == 'macOS' && inputs.sign-macos-installer-id == '' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} run: | - productbuild --component ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/build/bin/${{inputs.build-name}}.pkg + productbuild --component ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.pkg - name: Notarising Installer and zip if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash From 3cf313f346cc3c8f3a5515e9f377a67ee6646006 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 14:01:33 -0600 Subject: [PATCH 09/50] tries more deterministic artifact upload path --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 986ef36..5fe13cb 100644 --- a/action.yml +++ b/action.yml @@ -293,7 +293,7 @@ runs: with: name: Wails Build ${{runner.os}} ${{inputs.build-name}} path: | - */bin/ + ./bin/ *\bin\* - name: Release uses: softprops/action-gh-release@v1 From 5748a818d317c84d7d102d6272e002901c7e4825 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 14:02:00 -0600 Subject: [PATCH 10/50] removes release step --- action.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/action.yml b/action.yml index 5fe13cb..679c1f9 100644 --- a/action.yml +++ b/action.yml @@ -295,9 +295,3 @@ runs: path: | ./bin/ *\bin\* - - name: Release - uses: softprops/action-gh-release@v1 - if: inputs.package == 'true' && startsWith(github.ref, 'refs/tags/') - with: - files: | - */bin/* From d777299485e949b3323442fdbd0bef6f3c5c635e Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 18:35:51 -0600 Subject: [PATCH 11/50] change dev PW env var --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 679c1f9..1d6eade 100644 --- a/action.yml +++ b/action.yml @@ -243,7 +243,7 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: - APPLE_PASSWORD: ${{ inputs.sign-macos-apple-password }} + APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | echo "Signing Package" gon -log-level=info ./build/darwin/gon-sign.json @@ -270,7 +270,7 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: - APPLE_PASSWORD: ${{ inputs.sign-macos-apple-password }} + APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | gon -log-level=info ${{ inputs.app-working-directory }}/build/darwin/gon-notarize.json # Windows signing From 54f874e97fb0cb5435e8e98123cc02b94b48cd54 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 18:44:50 -0600 Subject: [PATCH 12/50] make notarization optional --- action.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 1d6eade..3eca09a 100644 --- a/action.yml +++ b/action.yml @@ -12,6 +12,10 @@ inputs: description: "Sign the build" required: false default: "false" + notarize: + description: "notarize the build" + required: false + default: "false" package: description: "Uploads workflow & uploads tag builds to a release" required: false @@ -266,7 +270,7 @@ runs: run: | productbuild --component ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.pkg - name: Notarising Installer and zip - if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') + if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} env: From 43e96c1d3ddaae8797b094ba3e84135c7c64428a Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 19:43:30 -0600 Subject: [PATCH 13/50] sign sparkle binaries --- action.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/action.yml b/action.yml index 3eca09a..c85aef8 100644 --- a/action.yml +++ b/action.yml @@ -12,6 +12,10 @@ inputs: description: "Sign the build" required: false default: "false" + sign-sparkle: + description: "Sign the sparkle framework" + required: false + default: "false" notarize: description: "notarize the build" required: false @@ -251,6 +255,18 @@ runs: run: | echo "Signing Package" gon -log-level=info ./build/darwin/gon-sign.json + - name: Sign sparkle framework + if: runner.os == 'macOS' && inputs.sign-sparkle != 'false' && startsWith(github.ref, 'refs/tags/') + shell: bash + working-directory: ${{ inputs.app-working-directory }} + env: + CODE_SIGN_IDENTITY: ${{ inputs.sign-macos-app-id }} + run: | + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Installer.xpc + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime --preserve-metadata=entitlements bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Downloader.xpc + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Updater.app + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework - name: Build .app zip file if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} From 66d14d9f57079b0cca1397bec29055b8e80917a4 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 20:26:18 -0600 Subject: [PATCH 14/50] sign-sparkle default true --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index c85aef8..88be93b 100644 --- a/action.yml +++ b/action.yml @@ -15,7 +15,7 @@ inputs: sign-sparkle: description: "Sign the sparkle framework" required: false - default: "false" + default: "true" notarize: description: "notarize the build" required: false From 8a6ce9cc9c3f12194153711c9adc175e42543c05 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 24 Mar 2025 20:57:07 -0600 Subject: [PATCH 15/50] manual notarization instead of gon --- action.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 88be93b..bcbd936 100644 --- a/action.yml +++ b/action.yml @@ -87,6 +87,14 @@ inputs: description: "MacOS Application Certificate id" required: false default: '' + sign-macos-app-email: + description: "Apple ID email" + required: false + default: '' + sign-macos-app-team-id: + description: "Apple ID team" + required: false + default: '' sign-macos-apple-password: description: "MacOS Apple password" required: false @@ -290,9 +298,11 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: + APPLE_ID: ${{ inputs.sign-macos-app-email }} + TEAM_ID: ${{ inputs.sign-macos-app-team-id }} APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | - gon -log-level=info ${{ inputs.app-working-directory }}/build/darwin/gon-notarize.json + xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip # Windows signing - name: Sign Windows binaries shell: powershell From 673a0b8fbc72f531acea3e943a1ea8720c6aaa82 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 25 Mar 2025 13:11:31 -0600 Subject: [PATCH 16/50] sign app binary AFTER signing sparkle updater --- action.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/action.yml b/action.yml index bcbd936..f32ff1c 100644 --- a/action.yml +++ b/action.yml @@ -254,15 +254,6 @@ runs: p12-file-base64: ${{ inputs.sign-macos-installer-cert }} p12-password: ${{ inputs.sign-macos-installer-cert-password }} create-keychain: false - - name: Sign our macOS binary - if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') - shell: bash - working-directory: ${{ inputs.app-working-directory }} - env: - APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} - run: | - echo "Signing Package" - gon -log-level=info ./build/darwin/gon-sign.json - name: Sign sparkle framework if: runner.os == 'macOS' && inputs.sign-sparkle != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash @@ -275,6 +266,15 @@ runs: codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Updater.app codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework + - name: Sign our macOS binary + if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') + shell: bash + working-directory: ${{ inputs.app-working-directory }} + env: + APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} + run: | + echo "Signing Package" + gon -log-level=info ./build/darwin/gon-sign.json - name: Build .app zip file if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} From d33b1b16a704578c9db6d4a0ce154fd4c0c520b2 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Tue, 25 Mar 2025 14:53:40 -0600 Subject: [PATCH 17/50] wait for notarization Only upload app zip --- action.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index f32ff1c..3e15b05 100644 --- a/action.yml +++ b/action.yml @@ -302,7 +302,7 @@ runs: TEAM_ID: ${{ inputs.sign-macos-app-team-id }} APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | - xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip + xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip # Windows signing - name: Sign Windows binaries shell: powershell @@ -322,6 +322,4 @@ runs: if: inputs.package == 'true' with: name: Wails Build ${{runner.os}} ${{inputs.build-name}} - path: | - ./bin/ - *\bin\* + path: ./bin/${{inputs.build-name}}.app.zip From d6d2b874a6b2d1e5d7a2b4fe527fd1760aac4500 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 14:46:42 -0600 Subject: [PATCH 18/50] build and upload DMG removes gon deps --- action.yml | 65 ++++++++++++++++++++++++++---------------------------- 1 file changed, 31 insertions(+), 34 deletions(-) diff --git a/action.yml b/action.yml index 3e15b05..5e83560 100644 --- a/action.yml +++ b/action.yml @@ -208,7 +208,7 @@ runs: shell: bash - name: Install macOS Wails deps if: runner.os == 'macOS' - run: brew install mitchellh/gon/gon + run: brew install create-dmg shell: bash # Building step - name: Set App Version @@ -219,13 +219,6 @@ runs: /usr/libexec/PlistBuddy -c "Set :CFBundleShortVersionString $VERSION" build/darwin/Info.plist /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $VERSION" build/darwin/Info.plist shell: bash - - name: Build App - if: inputs.build == 'true' - env: - BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} - working-directory: ${{ inputs.app-working-directory }} - run: wails3 build - shell: bash - name: Add Linux perms if: inputs.build == 'true' && runner.os == 'Linux' working-directory: ${{ inputs.app-working-directory }} @@ -266,34 +259,38 @@ runs: codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Updater.app codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework - - name: Sign our macOS binary - if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') - shell: bash - working-directory: ${{ inputs.app-working-directory }} - env: - APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} - run: | - echo "Signing Package" - gon -log-level=info ./build/darwin/gon-sign.json - - name: Build .app zip file + + codesign -f -s "$CODE_SIGN_IDENTITY" --entitlements build/darwin/entitlements.plist -o runtime bin/${{inputs.build-name}}.app + - name: Build .app DMG file if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} + env: + APP_NAME: ${{inputs.build-name}} shell: bash run: | - ditto -c -k --keepParent ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip - - name: Building Installer - if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.sign-macos-installer-id != '' && startsWith(github.ref, 'refs/tags/') - shell: bash - working-directory: ${{ inputs.app-working-directory }} - run: | - productbuild --sign '${{inputs.sign-macos-installer-id}}' --component ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.pkg - - name: Building Installer - if: runner.os == 'macOS' && inputs.sign-macos-installer-id == '' && startsWith(github.ref, 'refs/tags/') - shell: bash - working-directory: ${{ inputs.app-working-directory }} - run: | - productbuild --component ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app /Applications ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.pkg - - name: Notarising Installer and zip + DMG_FILE_NAME="${APP_NAME}.dmg" + VOLUME_NAME="${APP_NAME}" + SOURCE_FOLDER_PATH="bin/" + + # Create the DMG + create-dmg \ + --volname "${VOLUME_NAME}" \ + --background "build/darwin/installer_background.png" \ + --window-pos 200 120 \ + --window-size 800 400 \ + --icon-size 100 \ + --icon "${APP_NAME}.app" 200 190 \ + --hide-extension "${APP_NAME}.app" \ + --app-drop-link 600 185 \ + "${DMG_FILE_NAME}" \ + "${SOURCE_FOLDER_PATH}" + + # delete .app + rm -rf bin/${{inputs.build-name}}.app + + # relocate dmg + mv $DMG_FILE_NAME bin + - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} @@ -302,7 +299,7 @@ runs: TEAM_ID: ${{ inputs.sign-macos-app-team-id }} APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | - xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m ${{ inputs.app-working-directory }}/bin/${{inputs.build-name}}.app.zip + xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg # Windows signing - name: Sign Windows binaries shell: powershell @@ -322,4 +319,4 @@ runs: if: inputs.package == 'true' with: name: Wails Build ${{runner.os}} ${{inputs.build-name}} - path: ./bin/${{inputs.build-name}}.app.zip + path: ./bin/${{inputs.build-name}}.dmg From be890b1399e1e01476ec4bc701c57789236047ca Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 15:00:01 -0600 Subject: [PATCH 19/50] remove loose binary from DMG --- action.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 5e83560..0060243 100644 --- a/action.yml +++ b/action.yml @@ -260,7 +260,7 @@ runs: codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Updater.app codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework - codesign -f -s "$CODE_SIGN_IDENTITY" --entitlements build/darwin/entitlements.plist -o runtime bin/${{inputs.build-name}}.app + codesign -f -s "$CODE_SIGN_IDENTITY" --timestamp --entitlements build/darwin/entitlements.plist -o runtime bin/${{inputs.build-name}}.app - name: Build .app DMG file if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} @@ -285,8 +285,9 @@ runs: "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" - # delete .app + # delete .app and binary rm -rf bin/${{inputs.build-name}}.app + rm bin/${{inputs.build-name}} # relocate dmg mv $DMG_FILE_NAME bin From 44e02170f48e749859e7553eefb357106482334a Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 15:28:42 -0600 Subject: [PATCH 20/50] limits included files in DMG --- action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index 0060243..ffc552b 100644 --- a/action.yml +++ b/action.yml @@ -286,11 +286,11 @@ runs: "${SOURCE_FOLDER_PATH}" # delete .app and binary - rm -rf bin/${{inputs.build-name}}.app - rm bin/${{inputs.build-name}} + rm -rf bin # relocate dmg - mv $DMG_FILE_NAME bin + mkdir bin + mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash From 258a5e77dc996bd97ac0a3755bc952ba089a0d85 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 15:37:00 -0600 Subject: [PATCH 21/50] remove loose binary before DMG creation --- action.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/action.yml b/action.yml index ffc552b..661a2ba 100644 --- a/action.yml +++ b/action.yml @@ -271,6 +271,9 @@ runs: DMG_FILE_NAME="${APP_NAME}.dmg" VOLUME_NAME="${APP_NAME}" SOURCE_FOLDER_PATH="bin/" + + # remove loose binary + rm "bin/${APP_NAME}" # Create the DMG create-dmg \ @@ -285,11 +288,6 @@ runs: "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" - # delete .app and binary - rm -rf bin - - # relocate dmg - mkdir bin mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') From 60d135a5160d4f931d478728dad058ef4a7d7ac3 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 17:09:52 -0600 Subject: [PATCH 22/50] heaps of sparkle updates --- action.yml | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 661a2ba..792f581 100644 --- a/action.yml +++ b/action.yml @@ -15,6 +15,17 @@ inputs: sign-sparkle: description: "Sign the sparkle framework" required: false + sparkle-signing-key: + description: "Signing key for Sparkle" + required: false + default: "true" + app-upload-url: + description: "URL to send appcasts" + required: false + default: "true" + app-upload-handshake: + description: "handshake for app upload" + required: false default: "true" notarize: description: "notarize the build" @@ -208,7 +219,7 @@ runs: shell: bash - name: Install macOS Wails deps if: runner.os == 'macOS' - run: brew install create-dmg + run: brew install create-dmg jq shell: bash # Building step - name: Set App Version @@ -252,8 +263,13 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: + SPARKLE_KEY: ${{inputs.sparkle-signing-key}} CODE_SIGN_IDENTITY: ${{ inputs.sign-macos-app-id }} run: | + # load sparkle keys to keychain + echo $SPARKLE_KEY >> sparkle.key + ./sparkle/bin/generate_keys -f ./sparkle.key + codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Installer.xpc codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime --preserve-metadata=entitlements bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Downloader.xpc codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate @@ -262,6 +278,7 @@ runs: codesign -f -s "$CODE_SIGN_IDENTITY" --timestamp --entitlements build/darwin/entitlements.plist -o runtime bin/${{inputs.build-name}}.app - name: Build .app DMG file + id: dmg-sparkle if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} env: @@ -288,6 +305,10 @@ runs: "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" + + # sign dmg for sparkle and format to json and export to GH output + ./sparkle/bin/sign_update $DMG_FILE_NAME | sed -E 's/sparkle:edSignature=([^ ]*) length=([0-9]*)/SIGNATURE={"signature":"\1","byteLength":\2}/' >> $GITHUB_OUTPUT + mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') @@ -299,6 +320,26 @@ runs: APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg + xcrun stapler staple bin/${{inputs.build-name}}.dmg + + - name: Upload app for sparkle + if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') + shell: bash + working-directory: ${{ inputs.app-working-directory }} + env: + JSON: ${{ steps.dmg-sparkle.outputs.SIGNATURE }}" + URL: ${{inputs.app-upload-url}} + HANDSHAKE: ${{inputs.app-upload-handshake}} + run: | + # First, base64 encode the file and store it in a variable + B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) + BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", }') + + # Then make the curl request + curl -X POST $URL \ + -H 'Content-Type: application/json' \ + -H 'x-app-version-handshake: $HANDSHAKE' \ + -d $BODY # Windows signing - name: Sign Windows binaries shell: powershell From c6b1eb15204c944c3c2ff013306c781b45f8e287 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 17:43:33 -0600 Subject: [PATCH 23/50] fix RE and log signing --- action.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 792f581..3c613e9 100644 --- a/action.yml +++ b/action.yml @@ -307,7 +307,11 @@ runs: # sign dmg for sparkle and format to json and export to GH output - ./sparkle/bin/sign_update $DMG_FILE_NAME | sed -E 's/sparkle:edSignature=([^ ]*) length=([0-9]*)/SIGNATURE={"signature":"\1","byteLength":\2}/' >> $GITHUB_OUTPUT + ./sparkle/bin/sign_update $DMG_FILE_NAME + SIG=$(./sparkle/bin/sign_update $DMG_FILE_NAME) + echo "signature output is $SIG" + echo "parsing..." + echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/' >> $GITHUB_OUTPUT mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG From 3dfad742e1fd0df0e4dab2a28e1f6d72b1c6902f Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 17:50:36 -0600 Subject: [PATCH 24/50] logs --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index 3c613e9..eb8f919 100644 --- a/action.yml +++ b/action.yml @@ -307,6 +307,7 @@ runs: # sign dmg for sparkle and format to json and export to GH output + echo "signing with sparkle sign_update..." ./sparkle/bin/sign_update $DMG_FILE_NAME SIG=$(./sparkle/bin/sign_update $DMG_FILE_NAME) echo "signature output is $SIG" From a74db13ff344fa02e537642ffbfbf9591a7ad965 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 17:55:45 -0600 Subject: [PATCH 25/50] sparkle key by argument --- action.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/action.yml b/action.yml index eb8f919..2ee969b 100644 --- a/action.yml +++ b/action.yml @@ -263,13 +263,8 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: - SPARKLE_KEY: ${{inputs.sparkle-signing-key}} CODE_SIGN_IDENTITY: ${{ inputs.sign-macos-app-id }} run: | - # load sparkle keys to keychain - echo $SPARKLE_KEY >> sparkle.key - ./sparkle/bin/generate_keys -f ./sparkle.key - codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Installer.xpc codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime --preserve-metadata=entitlements bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/XPCServices/Downloader.xpc codesign -f -s "$CODE_SIGN_IDENTITY" -o runtime bin/${{inputs.build-name}}.app/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate @@ -283,6 +278,7 @@ runs: working-directory: ${{ inputs.app-working-directory }} env: APP_NAME: ${{inputs.build-name}} + SPARKLE_KEY: ${{inputs.sparkle-signing-key}} shell: bash run: | DMG_FILE_NAME="${APP_NAME}.dmg" @@ -308,7 +304,8 @@ runs: # sign dmg for sparkle and format to json and export to GH output echo "signing with sparkle sign_update..." - ./sparkle/bin/sign_update $DMG_FILE_NAME + echo $SPARKLE_KEY > sparkle.key + ./sparkle/bin/sign_update -f ./sparkle.key $DMG_FILE_NAME SIG=$(./sparkle/bin/sign_update $DMG_FILE_NAME) echo "signature output is $SIG" echo "parsing..." From 8f4cfecaa4e9958b3f633c2257a636ba17e955c7 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:01:58 -0600 Subject: [PATCH 26/50] sparkle key by argument in 2nd spot --- action.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 2ee969b..ac84ced 100644 --- a/action.yml +++ b/action.yml @@ -305,8 +305,7 @@ runs: # sign dmg for sparkle and format to json and export to GH output echo "signing with sparkle sign_update..." echo $SPARKLE_KEY > sparkle.key - ./sparkle/bin/sign_update -f ./sparkle.key $DMG_FILE_NAME - SIG=$(./sparkle/bin/sign_update $DMG_FILE_NAME) + SIG=$(./sparkle/bin/sign_update -f ./sparkle.key $DMG_FILE_NAME) echo "signature output is $SIG" echo "parsing..." echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/' >> $GITHUB_OUTPUT From aa003f6427ab7305fd93e5a1e3d9c28df3e5b6c4 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:11:12 -0600 Subject: [PATCH 27/50] corrects json --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index ac84ced..b6fa3d2 100644 --- a/action.yml +++ b/action.yml @@ -334,7 +334,7 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", }') + BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", "file": "$B64_CONTENT" }') # Then make the curl request curl -X POST $URL \ From ea624bffff9d6447995b8a4b0b5621d5064a5b37 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:21:37 -0600 Subject: [PATCH 28/50] corrects JSON output --- action.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index b6fa3d2..f96419a 100644 --- a/action.yml +++ b/action.yml @@ -308,7 +308,9 @@ runs: SIG=$(./sparkle/bin/sign_update -f ./sparkle.key $DMG_FILE_NAME) echo "signature output is $SIG" echo "parsing..." - echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/' >> $GITHUB_OUTPUT + OUTPUT=$(echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/SIGNATURE={"signature":\1,"byteLength":\2}/') + echo "JSON output is $OUTPUT" + echo $OUTPUT >> $GITHUB_OUTPUT mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG @@ -334,7 +336,7 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", "file": "$B64_CONTENT" }') + BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", "file": "$B64_CONTENT" } ' ) # Then make the curl request curl -X POST $URL \ From cd5d3ebc891d90eea7388fe3b0d309d6a008e3d1 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:26:30 -0600 Subject: [PATCH 29/50] typo --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index f96419a..4c1dc81 100644 --- a/action.yml +++ b/action.yml @@ -330,7 +330,7 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: - JSON: ${{ steps.dmg-sparkle.outputs.SIGNATURE }}" + JSON: ${{ steps.dmg-sparkle.outputs.SIGNATURE }} URL: ${{inputs.app-upload-url}} HANDSHAKE: ${{inputs.app-upload-handshake}} run: | From 6c351898131bbac7eb1624af857c5ecc3eb5d549 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:34:18 -0600 Subject: [PATCH 30/50] skip mgmt service upload --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 4c1dc81..2e7ec15 100644 --- a/action.yml +++ b/action.yml @@ -326,7 +326,7 @@ runs: xcrun stapler staple bin/${{inputs.build-name}}.dmg - name: Upload app for sparkle - if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') + if: false && runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} env: From 0dc2e0a588853d56abc78389a5a0f4ec8624ad96 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 18:53:23 -0600 Subject: [PATCH 31/50] try mgmt upload --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 2e7ec15..4c1dc81 100644 --- a/action.yml +++ b/action.yml @@ -326,7 +326,7 @@ runs: xcrun stapler staple bin/${{inputs.build-name}}.dmg - name: Upload app for sparkle - if: false && runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') + if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} env: From c8aec7a343b151672c7640cc368b8bd18f3dba53 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:13:23 -0600 Subject: [PATCH 32/50] log intermediate JSON --- action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 4c1dc81..1743f68 100644 --- a/action.yml +++ b/action.yml @@ -336,7 +336,9 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}", "file": "$B64_CONTENT" } ' ) + BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}"}' ) + echo "initial body: $BODY" + BODY=$(echo $BODY | jq '. + {"file": "$B64_CONTENT"}') # Then make the curl request curl -X POST $URL \ From 5d2c2beb44589b67c3218d8905821d29570e864e Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:23:56 -0600 Subject: [PATCH 33/50] quote body --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 1743f68..74f572b 100644 --- a/action.yml +++ b/action.yml @@ -336,7 +336,7 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-tags }}"}' ) + BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-version }}"}' ) echo "initial body: $BODY" BODY=$(echo $BODY | jq '. + {"file": "$B64_CONTENT"}') @@ -344,7 +344,7 @@ runs: curl -X POST $URL \ -H 'Content-Type: application/json' \ -H 'x-app-version-handshake: $HANDSHAKE' \ - -d $BODY + -d '$BODY' # Windows signing - name: Sign Windows binaries shell: powershell From af4d65afcfdbf8e111b0d608d4347c616569aaf3 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:29:13 -0600 Subject: [PATCH 34/50] use compact jq output --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 74f572b..76cfced 100644 --- a/action.yml +++ b/action.yml @@ -336,9 +336,9 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq '. + { "version": "${{ inputs.build-version }}"}' ) + BODY=$( echo $JSON | jq -c '. + { "version": "${{ inputs.build-version }}"}' ) echo "initial body: $BODY" - BODY=$(echo $BODY | jq '. + {"file": "$B64_CONTENT"}') + BODY=$( echo $BODY | jq -c '. + { "file": "$B64_CONTENT" }' ) # Then make the curl request curl -X POST $URL \ From 0177a8dc186ce5c72dcfc6b2349f337f8379d99e Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:38:04 -0600 Subject: [PATCH 35/50] wrap json --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index 76cfced..7f0b2d4 100644 --- a/action.yml +++ b/action.yml @@ -339,6 +339,7 @@ runs: BODY=$( echo $JSON | jq -c '. + { "version": "${{ inputs.build-version }}"}' ) echo "initial body: $BODY" BODY=$( echo $BODY | jq -c '. + { "file": "$B64_CONTENT" }' ) + BODY='{"version": $BODY}' # Then make the curl request curl -X POST $URL \ From 7bbd836f6c379ee9a0bd8ae7a377214427542aa0 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:51:53 -0600 Subject: [PATCH 36/50] reorder curl args --- action.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 7f0b2d4..bd87780 100644 --- a/action.yml +++ b/action.yml @@ -342,10 +342,11 @@ runs: BODY='{"version": $BODY}' # Then make the curl request - curl -X POST $URL \ + curl -X POST \ -H 'Content-Type: application/json' \ -H 'x-app-version-handshake: $HANDSHAKE' \ - -d '$BODY' + -d '$BODY' \ + $URL # Windows signing - name: Sign Windows binaries shell: powershell From 414db1cc8ecc3b5ec0afef9e01ab7f6d6bb09ccc Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 19:59:24 -0600 Subject: [PATCH 37/50] variable interpolation --- action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index bd87780..e3c0df7 100644 --- a/action.yml +++ b/action.yml @@ -338,14 +338,14 @@ runs: B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) BODY=$( echo $JSON | jq -c '. + { "version": "${{ inputs.build-version }}"}' ) echo "initial body: $BODY" - BODY=$( echo $BODY | jq -c '. + { "file": "$B64_CONTENT" }' ) - BODY='{"version": $BODY}' + BODY=$( echo $BODY | jq -c ". + { \"file\": \"$B64_CONTENT\" }" ) + BODY="{\"version\": $BODY}" # Then make the curl request curl -X POST \ -H 'Content-Type: application/json' \ -H 'x-app-version-handshake: $HANDSHAKE' \ - -d '$BODY' \ + -d $BODY \ $URL # Windows signing - name: Sign Windows binaries From 899f603df4dceebfe3436863d63df2daff6975b2 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 20:16:04 -0600 Subject: [PATCH 38/50] escaping --- action.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/action.yml b/action.yml index e3c0df7..34e7386 100644 --- a/action.yml +++ b/action.yml @@ -336,16 +336,16 @@ runs: run: | # First, base64 encode the file and store it in a variable B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq -c '. + { "version": "${{ inputs.build-version }}"}' ) + BODY=$( echo $JSON | jq -c --arg version "${{ inputs.build-version }}" '. + { "version": $version }' ) echo "initial body: $BODY" - BODY=$( echo $BODY | jq -c ". + { \"file\": \"$B64_CONTENT\" }" ) + BODY=$( echo $BODY | jq -c --arg file "$B64_CONTENT" '. + { "file": $file }' ) BODY="{\"version\": $BODY}" # Then make the curl request curl -X POST \ - -H 'Content-Type: application/json' \ - -H 'x-app-version-handshake: $HANDSHAKE' \ - -d $BODY \ + -H "Content-Type: application/json" \ + -H "x-app-version-handshake: $HANDSHAKE" \ + -d "$BODY" \ $URL # Windows signing - name: Sign Windows binaries From 89a2ef8f5e53f28b387e6a6a838d552fdc3f27ac Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 20:28:31 -0600 Subject: [PATCH 39/50] handle large strings better --- action.yml | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index 34e7386..51ff34a 100644 --- a/action.yml +++ b/action.yml @@ -334,19 +334,32 @@ runs: URL: ${{inputs.app-upload-url}} HANDSHAKE: ${{inputs.app-upload-handshake}} run: | - # First, base64 encode the file and store it in a variable - B64_CONTENT=$(base64 -i bin/${{inputs.build-name}}.dmg) - BODY=$( echo $JSON | jq -c --arg version "${{ inputs.build-version }}" '. + { "version": $version }' ) - echo "initial body: $BODY" - BODY=$( echo $BODY | jq -c --arg file "$B64_CONTENT" '. + { "file": $file }' ) - BODY="{\"version\": $BODY}" + # Create a temporary file for the JSON payload + TEMP_JSON=$(mktemp) + + # Base64 encode the file directly to a temporary file + base64 -i "bin/${{inputs.build-name}}.dmg" > temp_b64.txt + + # Create the initial JSON structure + echo $JSON | jq -c --arg version "${{ inputs.build-version }}" '. + { "version": $version }' > "$TEMP_JSON" - # Then make the curl request + # Use jq with slurp to read the base64 content from file + jq -c --rawfile file temp_b64.txt '.file = $file' "$TEMP_JSON" > "${TEMP_JSON}.tmp" + mv "${TEMP_JSON}.tmp" "$TEMP_JSON" + + # Wrap in the final structure + jq -c '{ version: . }' "$TEMP_JSON" > "${TEMP_JSON}.tmp" + mv "${TEMP_JSON}.tmp" "$TEMP_JSON" + + # Make the curl request using the temporary file curl -X POST \ - -H "Content-Type: application/json" \ - -H "x-app-version-handshake: $HANDSHAKE" \ - -d "$BODY" \ - $URL + -H "Content-Type: application/json" \ + -H "x-app-version-handshake: $HANDSHAKE" \ + -d "@$TEMP_JSON" \ + "$URL" + + # Clean up temporary files + rm -f "$TEMP_JSON" temp_b64.txt # Windows signing - name: Sign Windows binaries shell: powershell From c66b65b5dd9d2d38c485f9c42b557e71d6ae7a83 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 27 Mar 2025 21:33:49 -0600 Subject: [PATCH 40/50] send commit message as release notes --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 51ff34a..4cba41b 100644 --- a/action.yml +++ b/action.yml @@ -341,7 +341,7 @@ runs: base64 -i "bin/${{inputs.build-name}}.dmg" > temp_b64.txt # Create the initial JSON structure - echo $JSON | jq -c --arg version "${{ inputs.build-version }}" '. + { "version": $version }' > "$TEMP_JSON" + echo $JSON | jq -c --arg version "${{ inputs.build-version }}" --arg msg "${{ github.event.head_commit.message }}" '. + { "version": $version, "releaseNotes": $msg }' > "$TEMP_JSON" # Use jq with slurp to read the base64 content from file jq -c --rawfile file temp_b64.txt '.file = $file' "$TEMP_JSON" > "${TEMP_JSON}.tmp" From 202ac6cf517259c8560c9f3abdc4d968ec78bd7d Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Fri, 28 Mar 2025 12:15:53 -0600 Subject: [PATCH 41/50] add ldflags option --- action.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/action.yml b/action.yml index 4cba41b..9dec1db 100644 --- a/action.yml +++ b/action.yml @@ -8,6 +8,9 @@ inputs: description: "Platform to build for" required: false default: "true" + build-ldflags: + description: "LDFLAGS for go build" + required: false sign: description: "Sign the build" required: false @@ -240,6 +243,7 @@ runs: if: inputs.build == 'true' env: BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} + LDFLAGS: ${{inputs.build-ldflags}} working-directory: ${{ inputs.app-working-directory }} run: wails3 package shell: bash From 9a341868f9f3465a9709376fffdee0c26830d8b2 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Fri, 28 Mar 2025 12:24:22 -0600 Subject: [PATCH 42/50] accept appcast url args --- action.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index 9dec1db..93f5209 100644 --- a/action.yml +++ b/action.yml @@ -22,10 +22,12 @@ inputs: description: "Signing key for Sparkle" required: false default: "true" + appcast-url: + description: "URL to check for app updates" + required: false app-upload-url: description: "URL to send appcasts" required: false - default: "true" app-upload-handshake: description: "handshake for app upload" required: false @@ -225,13 +227,15 @@ runs: run: brew install create-dmg jq shell: bash # Building step - - name: Set App Version + - name: Set App Version & Updates if: inputs.build == 'true' env: VERSION: ${{ inputs.build-version }} + APPCAST_URL: ${{inputs.appcast-url}} run: | /usr/libexec/PlistBuddy -c "Set :CFBundleShortVersionString $VERSION" build/darwin/Info.plist /usr/libexec/PlistBuddy -c "Set :CFBundleVersion $VERSION" build/darwin/Info.plist + /usr/libexec/PlistBuddy -c "Set :SUFeedURL $APPCAST_URL" build/darwin/Info.plist shell: bash - name: Add Linux perms if: inputs.build == 'true' && runner.os == 'Linux' From dee128c5e054559005b797483cb42e6a17722086 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Fri, 28 Mar 2025 13:57:44 -0600 Subject: [PATCH 43/50] take sparkle signature after DMG staple --- action.yml | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/action.yml b/action.yml index 93f5209..a5082db 100644 --- a/action.yml +++ b/action.yml @@ -281,12 +281,10 @@ runs: codesign -f -s "$CODE_SIGN_IDENTITY" --timestamp --entitlements build/darwin/entitlements.plist -o runtime bin/${{inputs.build-name}}.app - name: Build .app DMG file - id: dmg-sparkle if: runner.os == 'macOS' working-directory: ${{ inputs.app-working-directory }} env: APP_NAME: ${{inputs.build-name}} - SPARKLE_KEY: ${{inputs.sparkle-signing-key}} shell: bash run: | DMG_FILE_NAME="${APP_NAME}.dmg" @@ -308,18 +306,7 @@ runs: --app-drop-link 600 185 \ "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" - - - # sign dmg for sparkle and format to json and export to GH output - echo "signing with sparkle sign_update..." - echo $SPARKLE_KEY > sparkle.key - SIG=$(./sparkle/bin/sign_update -f ./sparkle.key $DMG_FILE_NAME) - echo "signature output is $SIG" - echo "parsing..." - OUTPUT=$(echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/SIGNATURE={"signature":\1,"byteLength":\2}/') - echo "JSON output is $OUTPUT" - echo $OUTPUT >> $GITHUB_OUTPUT - + mv $DMG_FILE_NAME bin/ - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') @@ -338,10 +325,18 @@ runs: shell: bash working-directory: ${{ inputs.app-working-directory }} env: - JSON: ${{ steps.dmg-sparkle.outputs.SIGNATURE }} + SPARKLE_KEY: ${{inputs.sparkle-signing-key}} URL: ${{inputs.app-upload-url}} HANDSHAKE: ${{inputs.app-upload-handshake}} run: | + # sign dmg for sparkle and format to json + echo "signing with sparkle sign_update..." + echo $SPARKLE_KEY > sparkle.key + SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg) + echo "signature output is $SIG" + echo "parsing..." + JSON=$(echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/') + # Create a temporary file for the JSON payload TEMP_JSON=$(mktemp) From 1491903ebb8cc5ec940b294834d24e0c9ef375cf Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Fri, 28 Mar 2025 14:13:23 -0600 Subject: [PATCH 44/50] use zip for distribution --- action.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/action.yml b/action.yml index a5082db..04df83a 100644 --- a/action.yml +++ b/action.yml @@ -306,9 +306,10 @@ runs: --app-drop-link 600 185 \ "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" - - mv $DMG_FILE_NAME bin/ - - name: Notarising and stapling DMG + + ditto -c -k --keepParent $DMG_FILE_NAME $DMG_FILE_NAME.zip + mv $DMG_FILE_NAME.zip bin/ + - name: Notarising and stapling archive if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} @@ -317,8 +318,8 @@ runs: TEAM_ID: ${{ inputs.sign-macos-app-team-id }} APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | - xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg - xcrun stapler staple bin/${{inputs.build-name}}.dmg + xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg.zip + xcrun stapler staple bin/${{inputs.build-name}}.dmg.zip - name: Upload app for sparkle if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') @@ -329,10 +330,10 @@ runs: URL: ${{inputs.app-upload-url}} HANDSHAKE: ${{inputs.app-upload-handshake}} run: | - # sign dmg for sparkle and format to json + # sign zip for sparkle and format to json echo "signing with sparkle sign_update..." echo $SPARKLE_KEY > sparkle.key - SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg) + SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg.zip) echo "signature output is $SIG" echo "parsing..." JSON=$(echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/') @@ -341,7 +342,7 @@ runs: TEMP_JSON=$(mktemp) # Base64 encode the file directly to a temporary file - base64 -i "bin/${{inputs.build-name}}.dmg" > temp_b64.txt + base64 -i "bin/${{inputs.build-name}}.dmg.zip" > temp_b64.txt # Create the initial JSON structure echo $JSON | jq -c --arg version "${{ inputs.build-version }}" --arg msg "${{ github.event.head_commit.message }}" '. + { "version": $version, "releaseNotes": $msg }' > "$TEMP_JSON" @@ -382,4 +383,4 @@ runs: if: inputs.package == 'true' with: name: Wails Build ${{runner.os}} ${{inputs.build-name}} - path: ./bin/${{inputs.build-name}}.dmg + path: ./bin/${{inputs.build-name}}.dmg.zip From bcc834777de1239c4108305e090944cb3899ac6f Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Fri, 28 Mar 2025 14:23:43 -0600 Subject: [PATCH 45/50] Revert "use zip for distribution" This reverts commit 1491903ebb8cc5ec940b294834d24e0c9ef375cf. --- action.yml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/action.yml b/action.yml index 04df83a..a5082db 100644 --- a/action.yml +++ b/action.yml @@ -306,10 +306,9 @@ runs: --app-drop-link 600 185 \ "${DMG_FILE_NAME}" \ "${SOURCE_FOLDER_PATH}" - - ditto -c -k --keepParent $DMG_FILE_NAME $DMG_FILE_NAME.zip - mv $DMG_FILE_NAME.zip bin/ - - name: Notarising and stapling archive + + mv $DMG_FILE_NAME bin/ + - name: Notarising and stapling DMG if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') shell: bash working-directory: ${{ inputs.app-working-directory }} @@ -318,8 +317,8 @@ runs: TEAM_ID: ${{ inputs.sign-macos-app-team-id }} APPLE_DEVELOPER_PASSWORD: ${{ inputs.sign-macos-apple-password }} run: | - xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg.zip - xcrun stapler staple bin/${{inputs.build-name}}.dmg.zip + xcrun notarytool submit --apple-id $APPLE_ID --team-id $TEAM_ID --password $APPLE_DEVELOPER_PASSWORD --wait --timeout 5m bin/${{inputs.build-name}}.dmg + xcrun stapler staple bin/${{inputs.build-name}}.dmg - name: Upload app for sparkle if: runner.os == 'macOS' && inputs.sign != 'false' && inputs.notarize != 'false' && startsWith(github.ref, 'refs/tags/') @@ -330,10 +329,10 @@ runs: URL: ${{inputs.app-upload-url}} HANDSHAKE: ${{inputs.app-upload-handshake}} run: | - # sign zip for sparkle and format to json + # sign dmg for sparkle and format to json echo "signing with sparkle sign_update..." echo $SPARKLE_KEY > sparkle.key - SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg.zip) + SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg) echo "signature output is $SIG" echo "parsing..." JSON=$(echo $SIG | sed -E 's/sparkle:edSignature=([^ ]*) length=(.*)/{"signature":\1,"byteLength":\2}/') @@ -342,7 +341,7 @@ runs: TEMP_JSON=$(mktemp) # Base64 encode the file directly to a temporary file - base64 -i "bin/${{inputs.build-name}}.dmg.zip" > temp_b64.txt + base64 -i "bin/${{inputs.build-name}}.dmg" > temp_b64.txt # Create the initial JSON structure echo $JSON | jq -c --arg version "${{ inputs.build-version }}" --arg msg "${{ github.event.head_commit.message }}" '. + { "version": $version, "releaseNotes": $msg }' > "$TEMP_JSON" @@ -383,4 +382,4 @@ runs: if: inputs.package == 'true' with: name: Wails Build ${{runner.os}} ${{inputs.build-name}} - path: ./bin/${{inputs.build-name}}.dmg.zip + path: ./bin/${{inputs.build-name}}.dmg From 88aee66acb2a65aabea530756e56d6d3f07ec377 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 31 Mar 2025 18:00:36 -0600 Subject: [PATCH 46/50] pull custom secrets into env --- action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/action.yml b/action.yml index a5082db..7ab647d 100644 --- a/action.yml +++ b/action.yml @@ -252,6 +252,9 @@ runs: run: wails3 package shell: bash - name: Import Code-Signing Certificates for macOS + env: + VITE_SERVER_CLOUD_API_URL: ${{secrets.VITE_SERVER_CLOUD_API_URL}} + VITE_ML_API_URL: ${{secrets.VITE_ML_API_URL}} if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') uses: Apple-Actions/import-codesign-certs@v1 with: From 7c34ae69d879990a412ac300f84f4d14f19ae022 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 31 Mar 2025 18:08:55 -0600 Subject: [PATCH 47/50] set staging as default values --- action.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/action.yml b/action.yml index 7ab647d..a5082db 100644 --- a/action.yml +++ b/action.yml @@ -252,9 +252,6 @@ runs: run: wails3 package shell: bash - name: Import Code-Signing Certificates for macOS - env: - VITE_SERVER_CLOUD_API_URL: ${{secrets.VITE_SERVER_CLOUD_API_URL}} - VITE_ML_API_URL: ${{secrets.VITE_ML_API_URL}} if: runner.os == 'macOS' && inputs.sign != 'false' && startsWith(github.ref, 'refs/tags/') uses: Apple-Actions/import-codesign-certs@v1 with: From 7faf61b5b1e7357327220a3b8066fb67b2241f57 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 12 May 2025 15:19:58 -0600 Subject: [PATCH 48/50] dump sparkle key --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index a5082db..c3abe6f 100644 --- a/action.yml +++ b/action.yml @@ -332,6 +332,7 @@ runs: # sign dmg for sparkle and format to json echo "signing with sparkle sign_update..." echo $SPARKLE_KEY > sparkle.key + cat ./sparkle.key SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg) echo "signature output is $SIG" echo "parsing..." From 7824c2b49577fd6f91dbce345abb4638e76aa14f Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Mon, 12 May 2025 15:31:30 -0600 Subject: [PATCH 49/50] Revert "dump sparkle key" This reverts commit 7faf61b5b1e7357327220a3b8066fb67b2241f57. --- action.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/action.yml b/action.yml index c3abe6f..a5082db 100644 --- a/action.yml +++ b/action.yml @@ -332,7 +332,6 @@ runs: # sign dmg for sparkle and format to json echo "signing with sparkle sign_update..." echo $SPARKLE_KEY > sparkle.key - cat ./sparkle.key SIG=$(./sparkle/bin/sign_update -f ./sparkle.key bin/${{inputs.build-name}}.dmg) echo "signature output is $SIG" echo "parsing..." From 4a6a3b352e06ed32edc0cd8daaa8b8e0efa00f46 Mon Sep 17 00:00:00 2001 From: Andrew Krueger Date: Thu, 29 May 2025 19:09:48 -0600 Subject: [PATCH 50/50] pass production through --- action.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/action.yml b/action.yml index a5082db..98d31fb 100644 --- a/action.yml +++ b/action.yml @@ -4,6 +4,10 @@ branding: icon: 'box' color: 'purple' inputs: + production: + description: "PRODUCTION env var for wails build" + default: "false" + required: false build: description: "Platform to build for" required: false @@ -246,6 +250,7 @@ runs: - name: Package App if: inputs.build == 'true' env: + PRODUCTION: ${{inputs.production}} BUILD_OPTIONS: ${{ steps.build_options.outputs.BUILD_OPTIONS }} LDFLAGS: ${{inputs.build-ldflags}} working-directory: ${{ inputs.app-working-directory }}