From 0a5cc3f6d7a7160d1dc7b312f216671e5adcfd79 Mon Sep 17 00:00:00 2001 From: sanasol Date: Sat, 31 Jan 2026 19:58:35 +0100 Subject: [PATCH] feat(ci): separate macOS arm64 and x64 builds with individual code signing Changes: - Split macOS build into two separate jobs: build-macos-arm64 and build-macos-x64 - ARM64 builds on macos-14 (M1 runner) for native Apple Silicon builds - x64 builds on macos-13 (Intel runner) for native Intel builds - Each build has its own code signing and notarization process - Artifacts renamed with -arm64 and -x64 suffixes for clarity - Separate release jobs for each architecture - Updated package.json mac targets from "universal" to ["arm64", "x64"] This fixes code signing issues when building universal binaries and allows faster parallel builds for each architecture. Co-Authored-By: Claude Opus 4.5 --- .github/workflows/release.yml | 118 +++++++++++++++++++++++++++++----- package.json | 6 +- 2 files changed, 105 insertions(+), 19 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 093cad3..4c9f95f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,9 +27,10 @@ jobs: dist/*.exe.blockmap dist/latest.yml - build-macos: - runs-on: macos-latest - timeout-minutes: 360 # Max allowed (6 hours) for notarization + # macOS ARM64 build (Apple Silicon) + build-macos-arm64: + runs-on: macos-14 # M1 runner for native ARM64 builds + timeout-minutes: 120 steps: - uses: actions/checkout@v4 - uses: actions/setup-node@v4 @@ -38,7 +39,7 @@ jobs: cache: 'npm' - run: npm ci - - name: Build macOS Packages + - name: Build macOS ARM64 Package env: # Code signing CSC_LINK: ${{ secrets.CSC_LINK }} @@ -47,14 +48,66 @@ jobs: APPLE_ID: ${{ secrets.APPLE_ID }} APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} - run: npx electron-builder --mac --publish never + run: npx electron-builder --mac --arm64 --publish never + + - name: Rename ARM64 artifacts for clarity + run: | + cd dist + for f in *.dmg; do + [ -f "$f" ] && mv "$f" "${f%.dmg}-arm64.dmg" 2>/dev/null || true + done + for f in *.zip; do + [ -f "$f" ] && mv "$f" "${f%.zip}-arm64.zip" 2>/dev/null || true + done + ls -la + - uses: actions/upload-artifact@v4 with: - name: macos-builds + name: macos-arm64-builds + path: | + dist/*.dmg + dist/*.zip + + # macOS x64 build (Intel) + build-macos-x64: + runs-on: macos-13 # Intel runner for native x64 builds + timeout-minutes: 120 + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + - run: npm ci + + - name: Build macOS x64 Package + env: + # Code signing + CSC_LINK: ${{ secrets.CSC_LINK }} + CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} + # Notarization + APPLE_ID: ${{ secrets.APPLE_ID }} + APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} + APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} + run: npx electron-builder --mac --x64 --publish never + + - name: Rename x64 artifacts for clarity + run: | + cd dist + for f in *.dmg; do + [ -f "$f" ] && mv "$f" "${f%.dmg}-x64.dmg" 2>/dev/null || true + done + for f in *.zip; do + [ -f "$f" ] && mv "$f" "${f%.zip}-x64.zip" 2>/dev/null || true + done + ls -la + + - uses: actions/upload-artifact@v4 + with: + name: macos-x64-builds path: | dist/*.dmg dist/*.zip - dist/latest-mac.yml build-linux: runs-on: ubuntu-latest @@ -190,9 +243,9 @@ jobs: draft: true prerelease: false - # Upload macOS builds separately (slow due to notarization) - release-macos: - needs: [build-macos, release] + # Upload macOS ARM64 builds separately + release-macos-arm64: + needs: [build-macos-arm64, release] runs-on: ubuntu-latest if: | startsWith(github.ref, 'refs/tags/v') || @@ -203,20 +256,51 @@ jobs: contents: write steps: - - name: Download macOS artifacts + - name: Download macOS ARM64 artifacts uses: actions/download-artifact@v4 with: - name: macos-builds - path: artifacts/macos-builds + name: macos-arm64-builds + path: artifacts/macos-arm64-builds - - name: Display macOS files + - name: Display macOS ARM64 files run: ls -R artifacts - - name: Upload macOS to Release + - name: Upload macOS ARM64 to Release uses: softprops/action-gh-release@v2 with: tag_name: ${{ github.ref_name }} files: | - artifacts/macos-builds/* + artifacts/macos-arm64-builds/* draft: true - prerelease: false \ No newline at end of file + prerelease: false + + # Upload macOS x64 builds separately + release-macos-x64: + needs: [build-macos-x64, release] + runs-on: ubuntu-latest + if: | + startsWith(github.ref, 'refs/tags/v') || + github.ref == 'refs/heads/main' || + github.event_name == 'workflow_dispatch' + + permissions: + contents: write + + steps: + - name: Download macOS x64 artifacts + uses: actions/download-artifact@v4 + with: + name: macos-x64-builds + path: artifacts/macos-x64-builds + + - name: Display macOS x64 files + run: ls -R artifacts + + - name: Upload macOS x64 to Release + uses: softprops/action-gh-release@v2 + with: + tag_name: ${{ github.ref_name }} + files: | + artifacts/macos-x64-builds/* + draft: true + prerelease: false diff --git a/package.json b/package.json index e9b2fbd..e67bc6f 100644 --- a/package.json +++ b/package.json @@ -121,13 +121,15 @@ { "target": "dmg", "arch": [ - "universal" + "arm64", + "x64" ] }, { "target": "zip", "arch": [ - "universal" + "arm64", + "x64" ] } ],