diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
index 3974737aae7..e866eea1163 100644
--- a/.github/workflows/deployment.yml
+++ b/.github/workflows/deployment.yml
@@ -110,6 +110,19 @@ jobs:
run: |
shopt -s failglob
script/sign dist/gh_*_macOS_*.zip
+ - name: Build universal macOS pkg installer
+ if: inputs.environment != 'production'
+ env:
+ TAG_NAME: ${{ inputs.tag_name }}
+ run: script/pkgmacos "$TAG_NAME"
+ - name: Build & notarize universal macOS pkg installer
+ if: inputs.environment == 'production'
+ env:
+ TAG_NAME: ${{ inputs.tag_name }}
+ APPLE_DEVELOPER_INSTALLER_ID: ${{ vars.APPLE_DEVELOPER_INSTALLER_ID }}
+ run: |
+ shopt -s failglob
+ script/pkgmacos "$TAG_NAME"
- uses: actions/upload-artifact@v3
with:
name: macos
@@ -118,6 +131,7 @@ jobs:
path: |
dist/*.tar.gz
dist/*.zip
+ dist/*.pkg
windows:
runs-on: windows-latest
diff --git a/.goreleaser.yml b/.goreleaser.yml
index f441156e3fb..7e742429213 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -10,7 +10,7 @@ before:
- >-
{{ if eq .Runtime.Goos "windows" }}echo{{ end }} make manpages GH_VERSION={{.Version}}
- >-
- {{ if ne .Runtime.Goos "linux" }}echo{{ end }} make completions
+ {{ if ne .Runtime.Goos "windows" }}echo{{ end }} make completions
builds:
- id: macos #build:macos
diff --git a/build/macOS/distribution.xml b/build/macOS/distribution.xml
new file mode 100644
index 00000000000..35f14d930f0
--- /dev/null
+++ b/build/macOS/distribution.xml
@@ -0,0 +1,19 @@
+
+
+ Github Cli
+
+
+
+
+
+
+
+
+
+
+
+ #com.github.cli.pkg
+
+
+
+
diff --git a/script/pkgmacos b/script/pkgmacos
new file mode 100755
index 00000000000..3659123b1db
--- /dev/null
+++ b/script/pkgmacos
@@ -0,0 +1,104 @@
+#!/bin/zsh
+set -e
+
+print_help() {
+ cat <
+
+To build and sign set APPLE_DEVELOPER_INSTALLER_ID environment variable before.
+For example, if you have a signing identity with the identifier
+"Developer ID Installer: Your Name (ABC123DEF)" set it in the variable.
+EOF
+}
+
+if [ $# -eq 0 ]; then
+ print_help >&2
+ exit 1
+fi
+
+tag_name=""
+
+while [ $# -gt 0 ]; do
+ case "$1" in
+ -h | --help )
+ print_help
+ exit 0
+ ;;
+ -* )
+ printf "unrecognized flag: %s\n" "$1" >&2
+ exit 1
+ ;;
+ * )
+ tag_name="$1"
+ shift 1
+ ;;
+ esac
+done
+
+# gh-binary paths
+bin_path="/bin/gh"
+arm64_bin="dist/macos_darwin_arm64$bin_path"
+amd64_bin="dist/macos_darwin_amd64_v1$bin_path"
+# payload paths
+payload_root="pkg_payload"
+payload_local_bin="${payload_root}/usr/local/bin"
+payload_zsh_site_functions="${payload_root}/usr/local/share/zsh/site-functions"
+payload_man1="${pkg_payload}/usr/local/share/man/man1"
+
+merge_binaries() {
+ lipo -create -output "${payload_local_bin}/gh" "$arm64_bin" "$amd64_bin"
+}
+
+build_pkg() {
+ # setup payload
+ mkdir -p "${payload_local_bin}"
+ mkdir -p "${payload_man1}"
+ mkdir -p "${payload_zsh_site_functions}"
+
+ # copy man pages
+ for file in "./share/man/man1/gh*.1"; do
+ cp "$file" "${payload_man1}"
+ done
+ # Include only Zsh completions,
+ # the recommended/only option on macOS since Catalina for default shell.
+ cp "./share/zsh/site-functions/_gh" "${payload_zsh_site_functions}"
+
+ # merge binaries
+ merge_binaries
+
+ # build pkg
+ pkgbuild \
+ --root "$payload_root" \
+ --identifier "com.github.cli" \
+ --version "$tag_name" \
+ --install-location "/" \
+ "dist/com.github.cli.pkg"
+
+ # setup resources
+ mkdir "build/macOS/resources"
+ cp "LICENSE" "build/macOS/resources"
+
+ # build distribution
+ if [ -n "$APPLE_DEVELOPER_INSTALLER_ID" ]; then
+ # build and sign production package with license
+ productbuild \
+ --distribution "./build/macOS/distribution.xml" \
+ --resources "./build/macOS/resources" \
+ --package-path "./dist" \
+ --timestamp \
+ --sign "${APPLE_DEVELOPER_INSTALLER_ID?}" \
+ "./dist/gh_${tag_name}_macOS_universal.pkg"
+ else
+ echo "skipping macOS pkg code-signing; APPLE_DEVELOPER_INSTALLER_ID not set" >&2
+
+ # build production package with license without signing
+ productbuild \
+ --distribution "./build/macOS/distribution.xml" \
+ --resources "./build/macOS/resources" \
+ --package-path "./dist" \
+ "./dist/gh_${tag_name}_macOS_universal.pkg"
+ fi
+}
+
+build_pkg