# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "macOS build"

on:
  push:
    branches: [ main ]
    paths-ignore:
    - 'README.md'
    - 'SECURITY.md'
    - '.gitmodules'
    - '.gitignore'
    - 'LICENSE'
  schedule:
    - cron: '44 20 * * 1'

jobs:
  analyze:
    name: macOS build
    runs-on: macos-11
    permissions:
      actions: read
      contents: write
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: [ 'javascript' ]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
        # Learn more:
        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed

    steps:
    - uses: maxim-lobanov/setup-xcode@v1
      with:
        xcode-version: '12.4' 
        
    - name: Checkout repository
      uses: actions/checkout@v2
      with: 
        submodules: true

    # Initializes the CodeQL tools for scanning.
#     - name: Initialize CodeQL
#       uses: github/codeql-action/init@v1
#       with:
#         languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
        # By default, queries listed here will override any specified in a config file.
        # Prefix the list here with "+" to use these queries and those in the config file.
        # queries: ./path/to/local/query, your-org/your-repo/queries@main

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl

    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
    #    and modify them (or add more) to build your code if your project
    #    uses a compiled language
    
#     - name : env
#       run: | 
#         export EVS_ACCOUNT_NAME=${{ secrets.EVS_ACCOUNT_NAME}} && export EVS_PASSWD=${{ secrets.EVS_PASSWD }} 
#         export CSC_LINK=${{ secrets.CSC_LINK }} && export CSC_KEY_PASSWORD=${{ secrets.CSC_KEY_PASSWORD }}    
#         export APPLEID=${{ secrets.APPLEID }}  && export APPLEIDPASS=${{ secrets.APPLEIDPASS }}   
    
    - name: Sign in to EVS
      run: |    
        python3 -m pip install --upgrade castlabs-evs
        python3 -m castlabs_evs.account refresh -A ${{ secrets.EVS_ACCOUNT_NAME }} -P ${{ secrets.EVS_PASSWD }} 
        
    - name : Build  
      env: 
        CSC_LINK: ${{ secrets.CSC_LINK }}
        CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} 
        APPLEID: ${{ secrets.APPLEID }}
        APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
        APPLE_ID: ${{ secrets.APPLEID }}
        APPLE_ID_PASSWORD: ${{ secrets.APPLEIDPASS }}
        PSC_NAME: ${{ secrets.PSC_NAME }}
        DEVELOPER_DIR: /Applications/Xcode_12.4.app/Contents/Developer
      run: |
        rm cider-yarn.lock || true
        xcodebuild -version 
        brew install autoconf automake libtool
        yarn install
        cp resources/verror-types node_modules/@types/verror/index.d.ts
        cp resources/macPackager.js node_modules/app-builder-lib/out/macPackager.js 
        rm -r node_modules/pouchdb-node/node_modules/leveldown
        rm -r node_modules/pouchdb-adapter-leveldb/node_modules/leveldown
        rm -r /node_modules/leveldown/node_modules/node-gyp-build || true
        yarn dist:universalNotWorking -p never
#     - name: Perform CodeQL Analysis
#       uses: github/codeql-action/analyze@v1

    - name: Add license to dmg
      run: |
        npx dmg-license resources/license.json dist/*.dmg
    
    - name: Import 
      uses: apple-actions/import-codesign-certs@v1
      with: 
        p12-file-base64: ${{ secrets.CSC_LINK }}
        p12-password: ${{ secrets.CSC_KEY_PASSWORD }}

    - name: Create PKG manually  
      env: 
        CSC_LINK: ${{ secrets.CSC_LINK }}
        CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} 
        APPLEID: ${{ secrets.APPLEID }}
        APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
      run: |
         pkgbuild --component dist/mac-universal/Cider.app --install-location /Applications dist/Cider.pkg --sign ${{ secrets.PSC_NAME }} 
         xcrun altool --notarize-app --primary-bundle-id com.ciderapp.cider -f dist/Cider.pkg  --username ${{ secrets.APPLEID }} --password ${{ secrets.APPLEIDPASS }}
         sleep 5m
         xcrun stapler staple dist/Cider.pkg || true
         mv dist/*.dmg dist/Cider.dmg

    - name: Upload a Build Artifact
      uses: actions/upload-artifact@v2.2.3
      with:
        # Artifact name
        name: macOS
        # A file, directory or wildcard pattern that describes what to upload
        path: |
          dist/*.dmg
          dist/*.pkg
        # The desired behavior if no files are found using the provided path.
    - name: Release
      uses: softprops/action-gh-release@v1
      with:
        files: |
          dist/Cider.dmg
          dist/Cider.pkg
        body: signed Develop MacOS Builds
        name: macOS builds  
        tag_name: macos-beta
        target_commitish: ${{ env.GITHUB_SHA }}
        prerelease: true
        generate_release_notes: true
        fail_on_unmatched_files: false