winfunc
diff --git a/‎.github/workflows/build-macos.yml‎
Lines changed: 149 additions & 0 deletions b/‎.github/workflows/build-macos.yml‎
Lines changed: 149 additions & 0 deletions
diff --git a/‎src-tauri/Cargo.lock‎
Lines changed: 10 additions & 0 deletions b/‎src-tauri/Cargo.lock‎
Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,149 @@
+name: Build macOS
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [main, test-macos-workflow]
+
+jobs:
+  build:
+    name: Build macOS Universal
+    runs-on: macos-latest
+    
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Setup Rust
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          targets: aarch64-apple-darwin,x86_64-apple-darwin
+      
+      - name: Setup Rust cache
+        uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: src-tauri
+      
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
+      
+      - name: Install dependencies
+        run: bun install
+      
+      - name: Import Apple certificates
+        env:
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+        run: |
+          # Create variables
+          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
+          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
+          
+          # Import certificate from secrets
+          echo -n "$APPLE_CERTIFICATE" | base64 --decode -o $CERTIFICATE_PATH
+          
+          # Create temporary keychain
+          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          
+          # Import certificate to keychain
+          security import $CERTIFICATE_PATH -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
+          security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security list-keychain -d user -s $KEYCHAIN_PATH
+      
+      - name: Build for ARM64
+        run: bun run tauri build -- --target aarch64-apple-darwin
+      
+      - name: Build for x86_64
+        run: bun run tauri build -- --target x86_64-apple-darwin
+      
+      - name: Create universal binary
+        run: |
+          mkdir -p src-tauri/target/universal-apple-darwin/release
+          lipo -create -output src-tauri/target/universal-apple-darwin/release/claudia \
+            src-tauri/target/aarch64-apple-darwin/release/claudia \
+            src-tauri/target/x86_64-apple-darwin/release/claudia
+          
+          echo "✅ Universal binary created"
+          lipo -info src-tauri/target/universal-apple-darwin/release/claudia
+      
+      - name: Prepare app bundle with universal binary
+        run: |
+          # Create temp directory
+          mkdir -p dmg_temp
+          
+          # Copy the app bundle from one of the builds
+          cp -R src-tauri/target/release/bundle/macos/Claudia.app dmg_temp/
+          
+          # Replace the binary with universal binary
+          rm -f dmg_temp/Claudia.app/Contents/MacOS/claudia
+          cp src-tauri/target/universal-apple-darwin/release/claudia dmg_temp/Claudia.app/Contents/MacOS/claudia
+      
+      - name: Sign app bundle
+        env:
+          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
+        run: |
+          codesign --sign "$APPLE_SIGNING_IDENTITY" \
+            --timestamp \
+            --options runtime \
+            --force \
+            --deep \
+            --entitlements src-tauri/entitlements.plist \
+            dmg_temp/Claudia.app
+      
+      - name: Create DMG
+        run: |
+          hdiutil create -volname "Claudia Installer" \
+            -srcfolder dmg_temp \
+            -ov -format UDZO Claudia.dmg
+      
+      - name: Sign DMG
+        env:
+          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
+        run: |
+          codesign --sign "$APPLE_SIGNING_IDENTITY" \
+            --timestamp \
+            --force Claudia.dmg
+      
+      - name: Notarize DMG
+        env:
+          APPLE_ID: ${{ secrets.APPLE_ID }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+          APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
+        run: |
+          # Store notarization credentials
+          xcrun notarytool store-credentials "notarytool-profile" \
+            --apple-id "$APPLE_ID" \
+            --team-id "$APPLE_TEAM_ID" \
+            --password "$APPLE_PASSWORD"
+          
+          # Submit for notarization
+          xcrun notarytool submit Claudia.dmg \
+            --keychain-profile "notarytool-profile" \
+            --wait
+      
+      - name: Staple notarization
+        run: xcrun stapler staple Claudia.dmg
+      
+      - name: Verify DMG
+        run: |
+          spctl -a -t open -vvv --context context:primary-signature Claudia.dmg
+          echo "✅ DMG verification complete"
+      
+      - name: Create artifacts directory
+        run: |
+          mkdir -p dist/macos-universal
+          cp Claudia.dmg dist/macos-universal/
+          
+          # Also save the app bundle
+          cd dmg_temp && zip -r ../dist/macos-universal/Claudia.app.zip Claudia.app && cd ..
+          
+          # Generate checksum
+          shasum -a 256 dist/macos-universal/* > dist/macos-universal/checksums.txt
+      
+      - name: Upload artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: macos-universal
+          path: dist/macos-universal/*