name: macOS CI # Controls when the workflow will run on: # Triggers the workflow on push or pull request events but only for the "master" branch push: branches: [ "master" ] pull_request: branches: [ "master" ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" build: # The type of runner that the job will run on runs-on: macos-latest # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 - uses: actions/setup-python@v4 with: python-version: "3.9" - name: Codesign executable env: MACOS_CERTIFICATE: ${{ secrets.MACOS_CERTIFICATE }} MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} run: | echo $MACOS_CERTIFICATE | base64 --decode > certificate.p12 security create-keychain -p 41random@123 build.keychain security default-keychain -s build.keychain security unlock-keychain -p 41random@123 build.keychain security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -T /usr/bin/codesign security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k 41random@123 build.keychain - name: Install upx run: | brew install upx - name: Package for macOS run: | pip install -r requirements.txt pyinstaller --add-data "assets:assets" --onefile --noconfirm --collect-data sv_ttk --icon assets/logo.jpeg --osx-bundle-identifier com.navanchauhan.gcpyramid --target-arch x86_64 --strip --windowed --codesign-identity 6BS49F3GLW --upx-dir /usr/local/bin/ --name GCPyramid main.py - uses: actions/upload-artifact@v3 with: name: pyramid-scheme path: dist/