Skip to content

Add Intel macOS artifacts to Tauri release matrix #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
H-Chris233 merged 2 commits into from
May 3, 2026
Merged

Add Intel macOS artifacts to Tauri release matrix #215

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
fbcddc4
Add Intel macOS artifacts to Tauri release matrix
H-Chris233 May 3, 2026
c8ccff0
Avoid macOS updater asset collisions across architectures
H-Chris233 May 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 29 additions & 13 deletions .github/workflows/release-tauri.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ name: Release Tauri (cross-platform)
# - 手动 dispatch(用于测试构建,不发版)
#
# 输出:
# macOS arm64 .dmg + Windows x64 .msi/.exe + Linux x64 .deb/.rpm/.AppImage,自动作为 GitHub Release 资产上传。
# macOS arm64/x64 .dmg + Windows x64 .msi/.exe + Linux x64 .deb/.rpm/.AppImage,自动作为 GitHub Release 资产上传。
#
# macOS 分发:
# - 配好 APPLE_CERTIFICATE / APPLE_CERTIFICATE_PASSWORD / APPLE_ID /
Expand Down Expand Up @@ -32,6 +32,10 @@ jobs:
rust-target: aarch64-apple-darwin
updater-target: darwin
updater-arch: aarch64
- platform: macos-13
rust-target: x86_64-apple-darwin
updater-target: darwin
updater-arch: x86_64
Comment on lines +35 to +38
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot May 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Disambiguate macOS updater bundle filenames by architecture

Adding the new macos-13 lane creates two macOS jobs that each publish macos/*.app.tar.gz under the same asset name (OpenLess.app.tar.gz). In this workflow, each matrix job calls softprops/action-gh-release@v2, which overwrites same-named assets by default, so whichever macOS job finishes last replaces the other binary. Because write-updater-manifest.mjs derives each per-arch manifest URL from basename(artifact) (macos/OpenLess.app.tar.gz), both latest-darwin-aarch64.json and latest-darwin-x86_64.json can point to the same release asset, causing one architecture to download the wrong bundle/signature pair.

Useful? React with 👍 / 👎.

- platform: windows-latest
rust-target: x86_64-pc-windows-msvc
updater-target: windows
Expand Down Expand Up @@ -97,7 +101,7 @@ jobs:
fi

- name: Check Apple signing availability
if: matrix.platform == 'macos-latest' && startsWith(github.ref, 'refs/tags/v') && endsWith(github.ref, '-tauri')
if: startsWith(matrix.platform, 'macos') && startsWith(github.ref, 'refs/tags/v') && endsWith(github.ref, '-tauri')
shell: bash
env:
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
Expand All @@ -117,7 +121,7 @@ jobs:
fi

- name: Import Apple Developer ID certificate
if: matrix.platform == 'macos-latest'
if: startsWith(matrix.platform, 'macos')
shell: bash
env:
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
Expand Down Expand Up @@ -158,7 +162,7 @@ jobs:
echo "Imported Apple signing identity: $CERT_ID"

- name: Configure Apple notarization
if: matrix.platform == 'macos-latest'
if: startsWith(matrix.platform, 'macos')
shell: bash
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
Expand All @@ -175,7 +179,7 @@ jobs:

# ── macOS:用我们自己的 build-mac.sh,统一处理签名、公证和 artifact 清理 ──
- name: Build (macOS)
if: matrix.platform == 'macos-latest'
if: startsWith(matrix.platform, 'macos')
working-directory: 'openless-all/app'
env:
INSTALL: '0' # CI 不要装到 /Applications,也不要 reset TCC
Expand Down Expand Up @@ -213,6 +217,18 @@ jobs:
npm run tauri -- build --bundles deb,rpm,appimage
fi

- name: Disambiguate macOS updater bundle filename
if: startsWith(matrix.platform, 'macos') && env.TAURI_SIGNING_PRIVATE_KEY != ''
shell: bash
working-directory: 'openless-all/app/src-tauri/target/release/bundle/macos'
run: |
if [ -f OpenLess.app.tar.gz ]; then
mv OpenLess.app.tar.gz "OpenLess_${{ matrix.updater-arch }}.app.tar.gz"
fi
if [ -f OpenLess.app.tar.gz.sig ]; then
mv OpenLess.app.tar.gz.sig "OpenLess_${{ matrix.updater-arch }}.app.tar.gz.sig"
fi

- name: Write updater manifest
if: env.TAURI_SIGNING_PRIVATE_KEY != ''
shell: bash
Expand All @@ -237,7 +253,7 @@ jobs:
# 让"云端 artifact 一定干净"成为可验证的承诺。用户下载后再被本地浏览器
# 加 quarantine 时,按 release notes 的 `xattr -cr` 一行即可消除。
- name: Strip xattr / quarantine on macOS bundles
if: matrix.platform == 'macos-latest'
if: startsWith(matrix.platform, 'macos')
shell: bash
working-directory: 'openless-all/app/src-tauri/target/release/bundle'
run: |
Expand All @@ -250,24 +266,24 @@ jobs:
done

- name: Upload macOS artifacts
if: matrix.platform == 'macos-latest'
if: startsWith(matrix.platform, 'macos')
uses: actions/upload-artifact@v4
with:
name: openless-macos-arm64
name: openless-macos-${{ matrix.updater-arch }}
path: |
openless-all/app/src-tauri/target/release/bundle/dmg/*.dmg
if-no-files-found: error

- name: Upload macOS updater artifacts
if: matrix.platform == 'macos-latest' && env.TAURI_SIGNING_PRIVATE_KEY != ''
if: startsWith(matrix.platform, 'macos') && env.TAURI_SIGNING_PRIVATE_KEY != ''
uses: actions/upload-artifact@v4
with:
name: openless-macos-arm64-updater
name: openless-macos-${{ matrix.updater-arch }}-updater
path: |
openless-all/app/src-tauri/target/release/bundle/macos/*.app.tar.gz
openless-all/app/src-tauri/target/release/bundle/macos/*.app.tar.gz.sig
openless-all/app/src-tauri/target/release/bundle/latest-darwin-aarch64.json
openless-all/app/src-tauri/target/release/bundle/latest-darwin-aarch64-mirror.json
openless-all/app/src-tauri/target/release/bundle/latest-darwin-${{ matrix.updater-arch }}.json
openless-all/app/src-tauri/target/release/bundle/latest-darwin-${{ matrix.updater-arch }}-mirror.json
if-no-files-found: error

- name: Upload Windows artifacts
Expand Down Expand Up @@ -325,7 +341,7 @@ jobs:
prerelease: false
# Matrix jobs all upload assets to the same release. Generate notes once
# so macOS, Windows, and Linux jobs do not duplicate the release body.
generate_release_notes: ${{ matrix.platform == 'macos-latest' }}
generate_release_notes: ${{ matrix.updater-target == 'darwin' && matrix.updater-arch == 'aarch64' }}
files: |
openless-all/app/src-tauri/target/release/bundle/dmg/*.dmg
openless-all/app/src-tauri/target/release/bundle/macos/*.app.tar.gz
Expand Down
5 changes: 4 additions & 1 deletion openless-all/app/scripts/write-updater-manifest.mjs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,10 @@ const packageJson = JSON.parse(readFileSync(new URL('../package.json', import.me
const bundleDir = fileURLToPath(new URL('../src-tauri/target/release/bundle/', import.meta.url));

const candidatesByTarget = {
darwin: ['macos/OpenLess.app.tar.gz'],
darwin: [
`macos/OpenLess_${arch}.app.tar.gz`,
'macos/OpenLess.app.tar.gz',
],
windows: ['nsis/OpenLess_*_x64-setup.exe', 'nsis/OpenLess*_x64-setup.exe'],
linux: ['appimage/OpenLess_*.AppImage', 'appimage/OpenLess*.AppImage'],
};
Expand Down
Loading