.github/workflows/macos.yml

name: macOS

on:
  workflow_call:
  workflow_dispatch:

jobs:
  # This job is mainly to make sure Notes will compile with Qt from homebrew's repository.
  # So it doesn't make much sense to have different build types other than 'debug' here.
  # The release dmg is built using aqtinstall instead (the job below this one).
  build-homebrew:
    name: Build (${{ matrix.build-type }}, homebrew (qt6), ${{ matrix.os }})
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: macos-13
            build-type: debug
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Install Qt 6 (homebrew)
        run: |
          brew install ninja qt@6 

      - name: Setup CLang problem matcher
        # Technically, this action only supports GCC, but it seems to work well for Clang too.
        if: matrix.build-type == 'debug'
        uses: ammaraskar/gcc-problem-matcher@0.3.0

      - name: Build (${{ matrix.build-type }})
        env:
          VERBOSE: 1
        run: |
          export CMAKE_BUILD_PARALLEL_LEVEL=$(sysctl -n hw.logicalcpu)
          cmake . --warn-uninitialized --warn-unused-vars \
              -G Ninja -B build \
              -DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
              -DCMAKE_PREFIX_PATH="$(brew --prefix qt@6)" \
              -DPRO_VERSION=OFF
          cmake --build build

  # NOTE: This job uses a fixed Qt version (set in the 'qt-version' key below)!
  # So, remember to keep it updated whenever a new Qt version is available on aqtinstall.
  dmg-aqtinstall:
    name: dmg (${{ matrix.build-type }}, Qt ${{ matrix.qt-version }}, ${{ matrix.os }})
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: macos-13
            qt-version: 6.5.2
            build-type: release
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Setup variables
        id: vars
        run: |
          set -x
          version=$(grep -Em1 '\bAPP_VERSION' CMakeLists.txt | sed -r 's/.*APP_VERSION +//; s/ *)//')
          if [ -z "${version}" ]
          then
              echo 'Failed to extract app version from CMakeLists.txt.'
              exit 1
          fi
          if [ '${{ github.ref_type }}' != 'tag' ]
          then
              version="${version}+g${GITHUB_SHA::7}"
          fi
          arches='x86_64-arm64'
          artifact_name="Notes_${version}-Qt${{ matrix.qt-version }}-${arches}"
          if [ '${{ matrix.build-type }}' == 'debug' ]
          then
              file_name="${artifact_name}-debug.dmg"
          else
              file_name="${artifact_name}.dmg"
          fi
          echo "version=${version}" >> "${GITHUB_OUTPUT}"
          echo "artifact_name=${artifact_name}" >> "${GITHUB_OUTPUT}"
          echo "file_name=${file_name}" >> "${GITHUB_OUTPUT}"

      - name: Install Qt ${{ matrix.qt-version }} (aqtinstall)
        uses: jurplel/install-qt-action@v4
        with:
          version: ${{ matrix.qt-version }}
          cache: true

      - name: Install dependencies
        run: |
          brew install create-dmg ninja

      - name: Build (${{ matrix.build-type }})
        env:
          TARGET_ARCH: x86_64;arm64
          VERBOSE: 1
        run: |
          export CMAKE_BUILD_PARALLEL_LEVEL=$(sysctl -n hw.logicalcpu)
          cmake . --warn-uninitialized --warn-unused-vars \
              -B build -G Ninja \
              -DCMAKE_OSX_DEPLOYMENT_TARGET=11.0 \
              -DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
              -DGIT_REVISION=${{ github.ref_type != 'tag' && 'ON' || 'OFF' }} \
              -DCMAKE_OSX_ARCHITECTURES='x86_64;arm64' \
              -DPRO_VERSION=OFF
          cmake --build build

      - name: (FIXME) Run qmllint
        run: |
          cmake --build build --target all_qmllint || true

      - name: Install (${{ matrix.build-type }})
        run: |
          cmake --install build --prefix .

      - name: Deploy (${{ matrix.build-type }})
        run: |
          cd build
          plutil -insert NSRequiresAquaSystemAppearance -bool true Notes.app/Contents/Info.plist
          # Rename the app folder to "Notes Better", so it doesn't conflict with macOS' "Notes" app.
          mv Notes.app 'Notes Better.app'
          macdeployqt 'Notes Better.app' -qmldir=../src/qml -appstore-compliant

      - name: Import signing certificate
        if: github.repository == 'nuttyartist/notes' && github.event_name != 'pull_request'
        run: |
          openssl base64 -d -out cert.p12 <<< '${{ secrets.MACOS_CERTIFICATE }}'
          security create-keychain -p '${{ secrets.KEYCHAIN_PWD }}' nuttyartist/notes
          security default-keychain -s nuttyartist/notes
          security unlock-keychain -p '${{ secrets.KEYCHAIN_PWD }}' nuttyartist/notes
          security -q import cert.p12 -f pkcs12 -k nuttyartist/notes -P '${{ secrets.MACOS_CERTIFICATE_PWD }}' -T /usr/bin/codesign -x
          security set-key-partition-list -S 'apple-tool:,apple:' -s -k '${{ secrets.KEYCHAIN_PWD }}' nuttyartist/notes

      - name: Sign
        if: github.repository == 'nuttyartist/notes' && github.event_name != 'pull_request'
        run: |
          codesign --deep --force --verify --verbose --sign Mamistvalove --options runtime 'build/Notes Better.app'

      - name: Build dmg (${{ matrix.build-type }})
        run: |
          set -x
          cd build
          # FIXME: Undo this overengineered crap once the following issue gets figured out:
          #        https://github.com/actions/runner-images/issues/7522
          max_tries=10
          i=0
          until create-dmg \
                  --no-internet-enable \
                  --format ULFO \
                  --background ../packaging/macos/dmg-background.png \
                  --hide-extension 'Notes Better.app' \
                  --icon 'Notes Better.app' 180 170 \
                  --icon-size 160 \
                  --text-size 12 \
                  --volname Notes \
                  --volicon ../src/images/notes_icon.icns \
                  --window-size 660 400 \
                  --app-drop-link 480 170 \
                  '${{ steps.vars.outputs.file_name }}' \
                  'Notes Better.app'
          do
              if [ $i -eq $max_tries ]
              then
                  echo 'Error: create-dmg did not succeed even after 10 tries.'
                  exit 1
              fi
              i=$((i+1))
          done

      - name: Notarize
        if: github.repository == 'nuttyartist/notes' && github.event_name != 'pull_request'
        run: |
          xcrun notarytool submit \
              --apple-id '${{ secrets.NOTARIZATION_USERNAME }}' \
              --password '${{ secrets.NOTARIZATION_PASSWORD }}' \
              --team-id '${{ secrets.NOTARIZATION_TEAM }}' \
              --wait \
              'build/${{ steps.vars.outputs.file_name }}'

      - name: Staple
        if: github.repository == 'nuttyartist/notes' && github.event_name != 'pull_request'
        run: |
          xcrun stapler staple 'build/${{ steps.vars.outputs.file_name }}'

      - name: Upload dmg artifact (${{ matrix.build-type }})
        uses: actions/upload-artifact@v4
        with:
          if-no-files-found: error
          name: ${{ steps.vars.outputs.artifact_name }}-${{ runner.os }}-${{ matrix.build-type }}
          path: build/${{ steps.vars.outputs.file_name }}