feat: macOS ICU build #79

Workflow file for this run

	name: Build and publish

	on:
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]

	env:
	ICU_SOURCE_ZIP_URL: https://github.com/unicode-org/icu/archive/refs/tags/release-77-1.zip

	jobs:
	build_unoicu:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	EMSCRIPTEN_VERSION: [ '3.1.12','3.1.34','3.1.56' ]
	steps:
	- uses: actions/checkout@v2

	- name: Build unoicu.a
	run: \|
	pushd src/unoicu
	docker build --build-arg EMSCRIPTEN_VERSION=${{ matrix.EMSCRIPTEN_VERSION }} --output type=local,dest=./out .
	popd

	- name: Upload unoicu.a
	uses: actions/upload-artifact@v4
	with:
	name: unoicu-${{ matrix.EMSCRIPTEN_VERSION }}
	path: ./src/unoicu/out

	build_icudt:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v2

	- name: Build icudt.dat
	run: \|
	pushd src/cldr_data
	docker build --build-arg ICU_SOURCE_ZIP_URL=${ICU_SOURCE_ZIP_URL} --output type=local,dest=. .
	popd

	- name: Upload icudt.dat
	uses: actions/upload-artifact@v4
	with:
	name: icudt.dat
	path: ./src/cldr_data/icudt.dat

	build_libicu_darwin:
	strategy:
	matrix:
	arch: [ 'x86_64','arm64' ]
	runs-on: ${{ matrix.arch == 'x86_64' && 'macos-15-intel' \|\| 'macos-15' }}
	steps:
	- uses: actions/checkout@v2

	- name: Build icudt.dat
	run: \|
	curl -L -o icu.zip ${ICU_SOURCE_ZIP_URL}
	mkdir icu
	unzip -d icu icu.zip
	pushd icu/$(ls icu)/icu4c/source
	export ICU_DATA_FILTER_FILE="$PWD/src/cldr_data/filters_macosios.json"
	./runConfigureICU macOS
	make -j $(sysctl -n hw.physicalcpu)
	popd
	mkdir artifacts
	cp icu/$(ls icu)/icu4c/source/lib/libicuuc.dylib icu/$(ls icu)/icu4c/source/lib/libicudata.dylib artifacts

	- name: Upload binaries
	uses: actions/upload-artifact@v4
	with:
	name: libicu-darwin-${{ matrix.arch }}
	path: ./artifacts

	build_libicu_darwin_universal:
	needs: [build_libicu_darwin]
	runs-on: 'macos-15'
	steps:
	- name: Merge libicu binaries
	uses: actions/upload-artifact/merge@v4
	with:
	name: libicu-darwin-merged
	pattern: 'libicu-darwin-*'
	separate-directories: true

	- name: Download merged libicu binaries
	uses: actions/download-artifact@v4
	with:
	name: libicu-darwin-merged
	path: ./libicu-darwin-merged

	- name: Create universal libicu binaries
	run: \|
	mkdir libicu_darwin_universal
	lipo -create libicu-darwin-merged/**/libicuuc.dylib -output libicu_darwin_universal/libicuuc.dylib
	lipo -create libicu-darwin-merged/**/libicudata.dylib -output libicu_darwin_universal/libicudata.dylib

	- name: Upload universal libicu binaries
	uses: actions/upload-artifact@v4
	with:
	name: libicu_darwin_universal
	path: ./libicu_darwin_universal/*

	package:
	needs: [build_unoicu, build_icudt, build_libicu_darwin_universal]
	runs-on: windows-latest

	steps:
	- uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Download universal libicu binaries
	uses: actions/download-artifact@v4
	with:
	name: libicu_darwin_universal
	path: .

	- name: List files
	run: \|
	Get-ChildItem -Recurse .

	- name: Move binaries to correct locations
	shell: bash
	run: \|
	mkdir nuget/uno.icu-macos/libicu
	mv {libicuuc,libicudata}.dylib ./nuget/uno.icu-macos/libicu

	- name: List files
	run: \|
	Get-ChildItem -Recurse .

	- name: Merge unoicu.a artifacts
	uses: actions/upload-artifact/merge@v4
	with:
	name: unoicu-merged
	pattern: 'unoicu-*'
	separate-directories: true

	- name: Download merged unoicu.a artifacts
	uses: actions/download-artifact@v4
	with:
	name: unoicu-merged
	path: ./merged-artifacts

	- name: Download icudt.dat
	uses: actions/download-artifact@v4
	with:
	name: icudt.dat
	path: ./merged-artifacts/icudt.dat

	- uses: dotnet/nbgv@f088059084cb5d872e9d1a994433ca6440c2bf72 # v0.4.2
	id: nbgv
	with:
	toolVersion: 3.6.139
	setAllVars: true

	- name: List files
	run: \|
	Get-ChildItem -Recurse .

	- name: Move downloaded artifacts to correct locations
	shell: bash
	run: \|
	mv ./merged-artifacts/icudt.dat/icudt.dat ./nuget/uno.icu-wasm/build

	mkdir -p ./nuget/uno.icu-wasm/buildTransitive/native/unoicu.a
	pushd merged-artifacts
	for dir in unoicu-*; do
	new_name="${dir#unoicu-}"
	mkdir -p ../nuget/uno.icu-wasm/buildTransitive/native/unoicu.a/"$new_name"/st
	cp -r "$dir"/unoicu.a ../nuget/uno.icu-wasm/buildTransitive/native/unoicu.a/"$new_name"/st/unoicu.a
	done
	popd

	- name: List files
	run: \|
	Get-ChildItem -Recurse .

	- name: Setup .NET SDK
	uses: actions/[email protected]
	with:
	dotnet-version: 8.0.100

	- name: Build nuget
	run: \|
	pushd nuget
	.\nuget.exe pack uno.icu-wasm/uno.icu-wasm.nuspec -version ${{ steps.nbgv.outputs.SemVer2 }}
	.\nuget.exe pack uno.icu-macos/uno.icu-macos.nuspec -version ${{ steps.nbgv.outputs.SemVer2 }}
	popd

	- uses: actions/upload-artifact@v4
	with:
	name: nuget
	path: ./nuget/*.nupkg

	sign:
	name: Sign Package
	if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/main' \|\| startsWith(github.ref, 'refs/heads/release/')) }}
	runs-on: windows-latest
	environment: PackageSign

	permissions:
	id-token: write # Required for requesting the JWT

	needs:
	- package

	steps:
	- name: Checkout
	uses: actions/checkout@v2

	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	name: nuget
	path: artifacts\NuGet

	- name: Setup .NET SDK
	uses: actions/setup-dotnet@v1
	with:
	dotnet-version: '9.0.x'

	# Install the code signing tool
	- name: Install Sign CLI tool
	run: dotnet tool install --tool-path . sign --version 0.9.1-beta.25278.1

	# Login to Azure using a ServicePrincipal configured to authenticate agaist a GitHub Action
	- name: 'Az CLI login'
	uses: azure/login@v1
	with:
	allow-no-subscriptions: true
	client-id: ${{ secrets.SIGN_AZURE_CLIENT_ID }}
	tenant-id: ${{ secrets.SIGN_AZURE_TENANT_ID }}
	subscription-id: ${{ secrets.SIGN_AZURE_SUBSCRIPTION_ID }}

	- name: List files
	run: \|
	Get-ChildItem -Recurse .

	# Run the signing command
	- name: Sign artifacts
	shell: pwsh
	run: >
	./sign code azure-key-vault
	artifacts\NuGet\*.nupkg
	--publisher-name "Uno Platform"
	--description "uno.icu"
	--description-url "https://github.com/${{ env.GITHUB_REPOSITORY }}"
	--azure-key-vault-managed-identity true
	--azure-key-vault-url "${{ secrets.SIGN_KEY_VAULT_URL }}"
	--azure-key-vault-certificate "${{ secrets.SIGN_KEY_VAULT_CERTIFICATE_ID }}"
	--verbosity information

	- name: Upload Signed Artifacts
	uses: actions/upload-artifact@v4
	with:
	name: NuGet-Signed
	path: .\artifacts\NuGet

	publish_dev:
	name: Publish Dev
	if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}
	runs-on: windows-latest

	needs:
	- sign

	steps:
	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	name: NuGet-Signed
	path: artifacts

	- name: NuGet Push
	shell: pwsh
	run: \|
	dotnet nuget push artifacts\*.nupkg -s https://api.nuget.org/v3/index.json -k "${{ secrets.NUGET_ORG_API_KEY }}"

	publish_prod:
	name: Publish Production
	if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/heads/release/') }}
	runs-on: windows-latest
	environment: Production
	needs:
	- sign

	permissions:
	contents: write # allow pushing tags

	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	fetch-depth: 0

	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	name: NuGet-Signed
	path: artifacts

	- name: NuGet Push
	shell: pwsh
	run: \|
	dotnet nuget push artifacts\*.nupkg -s https://api.nuget.org/v3/index.json -k "${{ secrets.NUGET_ORG_API_KEY }}"

	- name: Tag Release
	uses: ./.github/workflows/actions/tag-release

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat: macOS ICU build #79

Workflow file

feat: macOS ICU build #79

Uh oh!

Jobs

Run details

Workflow file for this run