Merge pull request #180 from pieces-app/macos-matrix-build

Macos matrix build
pieces-app · Sep 12, 2024 · bd2b5db · bd2b5db
2 parents 597a9f5 + 678acea
commit bd2b5db
Show file tree

Hide file tree

Showing 5 changed files with 143 additions and 202 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -27,16 +27,24 @@ on:
 
 jobs:
   build:
-    runs-on: macos-latest
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ macos-14-large, macos-latest ]
+        include:
+          - os: macos-14-large
+            zipFileName: pieces-cli-mac_x86_64
+          - os: macos-latest
+            zipFileName: pieces-cli-mac_arm64
     steps:
       ### Checking out our Repo
       - uses: actions/checkout@v3
 
       ### Setting up python
-      - name: Set up Python 3.9
+      - name: Set up Python 3.11
         uses: actions/setup-python@v5
         with:
-          python-version: 3.9
+          python-version: 3.11
 
       ### Getting the version from the git tag or the branch name if there is none
       - name: Get the version
@@ -51,6 +59,24 @@ jobs:
         run: echo "STAGING_VERSION=$(/bin/bash staging_versioning.sh)" >> $GITHUB_OUTPUT
         if: inputs.deploy == false
 
+      ### Install SSH
+      - uses: shimataro/ssh-key-action@v2
+        with:
+          key: "${{ secrets.ssh_private_key }}"
+          name: id_rsa
+          known_hosts: "github.com"
+          if_key_exists: fail
+
+      ### Setting up our fastlane certificates
+      - name: Setup Certificates
+        run: |-
+          cd macos
+          bundle install
+          bundle exec fastlane setup
+        env:
+          MATCH_PASSWORD: ${{ secrets.match_password }}
+          FASTLANE_PASSWORD: ${{ secrets.fastlane_password }}
+
       ### Installing our dependencies
       - name: Install dependencies
         run: |
@@ -73,73 +99,47 @@ jobs:
                 poetry version $STAGING_VERSION
           fi
 
-      ### Building the Library
+      ### Writing our staging version to a file to be pulled in the last step to update our json in the cloud
+      - name: Write staging version to file
+        shell: bash
+        run: echo "${{ steps.staging_version.outputs.STAGING_VERSION }}" > staging_version$GITHUB_RUN_NUMBER.txt
+        if: ${{ inputs.deploy == false && inputs.beta == false }}
+
+      ### Building the Library and Wheel files
       - name: Build library
         run: poetry build
 
       ### Building Standalone Package
+      ### Note, this is also how it should be code-signed. Code-signing the Binary after it is built breaks it as I think it overwrites signatures on Python Libs
       - name: Build stand alone
         run: |
-          poetry run pyinstaller -c --onefile src/pieces/app.py  --hidden-import=pydantic_core --name=pieces
-
-      ### Install SSH
-      - uses: shimataro/ssh-key-action@v2
-        with:
-          key: "${{ secrets.ssh_private_key }}"
-          name: id_rsa
-          known_hosts: "github.com"
-          if_key_exists: fail
-
-      ### Setting up our fastlane certificates
-      - name: Setup Certificates
-        run: |-
-          cd macos
-          bundle install
-          bundle exec fastlane setup
-        env:
-          MATCH_PASSWORD: ${{ secrets.match_password }}
-          FASTLANE_PASSWORD: ${{ secrets.fastlane_password }}
-
-      ### Codesign Binary Macos
-      - name: Codesign Binary Macos
-        run: |
-          codesign -s "Developer ID Application: Mesh Intelligent Technologies, Inc. (287L9TU9JL)" -i com.pieces.cli -o runtime --entitlements macos/Release.entitlements --timestamp -f dist/pieces
+          poetry run pyinstaller -c --onefile src/pieces/app.py  --hidden-import=pydantic_core --name=pieces --codesign-identity="Developer ID Application: Mesh Intelligent Technologies, Inc. (287L9TU9JL)"
 
       ### Binary to Zip file
       - name: Mac Binary to Zip File
         run: |
           if [[ ${{ steps.get_version.outputs.VERSION }} =~ [0-9]+.[0-9]+.[0-9]+$ ]]
           then
-              ditto -c -k --sequesterRsrc "dist/pieces" dist/pieces-cli-mac-${{ steps.get_version.outputs.VERSION }}.zip
+              ditto -c -k --sequesterRsrc "dist/pieces" dist/${{ matrix.zipFileName }}-${{ steps.get_version.outputs.VERSION }}.zip
           else
-              ditto -c -k --sequesterRsrc "dist/pieces" dist/pieces-cli-mac-${{ steps.staging_version.outputs.STAGING_VERSION }}.zip
+              ditto -c -k --sequesterRsrc "dist/pieces" dist/${{ matrix.zipFileName }}-${{ steps.staging_version.outputs.STAGING_VERSION }}.zip
           fi
 
       ### Submission to apple notary
       - name: Submit Zip to apple notary
         run: |
           if [[ ${{ steps.get_version.outputs.VERSION }} =~ [0-9]+.[0-9]+.[0-9]+$ ]]
           then
-              xcrun notarytool submit dist/pieces-cli-mac-${{ steps.get_version.outputs.VERSION }}.zip --password ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} --apple-id "[email protected]" --team-id "287L9TU9JL" --wait
+              xcrun notarytool submit dist/${{ matrix.zipFileName }}-${{ steps.get_version.outputs.VERSION }}.zip --password ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} --apple-id "[email protected]" --team-id "287L9TU9JL" --wait
           else
-              xcrun notarytool submit dist/pieces-cli-mac-${{ steps.staging_version.outputs.STAGING_VERSION }}.zip --password ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} --apple-id "[email protected]" --team-id "287L9TU9JL" --wait
+              xcrun notarytool submit dist/${{ matrix.zipFileName }}-${{ steps.staging_version.outputs.STAGING_VERSION }}.zip --password ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} --apple-id "[email protected]" --team-id "287L9TU9JL" --wait
           fi
 
-      ### Writing our staging version to a file to be pulled in the last step to update our json in the cloud
-      - name: Write staging version to file
-        shell: bash
-        run: echo "${{ steps.staging_version.outputs.STAGING_VERSION }}" > staging_version$GITHUB_RUN_NUMBER.txt
-        if: ${{ inputs.deploy == false && inputs.beta == false }}
-
-      ### Uploading our builds and version text files to be pulled down in the next job
-      - uses: actions/upload-artifact@v3
-        with:
-          path: dist/pieces*
-
+      ### Upload build artifact for pushing
       - uses: actions/upload-artifact@v3
         with:
-          name: output
-          path: dist/pieces*
+          name: artifacts
+          path: dist/*
 
       ### Uploading our staging version text file to be pulled down later
       - uses: actions/upload-artifact@v3
@@ -149,7 +149,6 @@ jobs:
         if: inputs.deploy == false
 
 
-
   ### Pushing the built packages to GCP and GitHub
   push-build:
     runs-on: ubuntu-latest
@@ -160,7 +159,7 @@ jobs:
       ### Pulling down the previously built plugins
       - uses: actions/download-artifact@v3
         with:
-          name: output
+          name: artifacts
 
       ### Pulling down the staging version number to pass to gcp and GitHub releases
       - uses: actions/download-artifact@v3

diff --git a/.github/workflows/staging.yaml b/.github/workflows/staging.yaml
@@ -4,7 +4,6 @@ on:
   push:
     branches:
       - main
-      - test_mac_binary
 
 jobs:
   build:

diff --git a/.gitignore b/.gitignore
@@ -168,3 +168,4 @@ cython_debug/
 .idea/
 
 cli-agent.iml
+macos/notes.txt