godotengine/godot-cpp-template
1
0
Fork 0
mirror of https://github.com/godotengine/godot-cpp-template.git synced 2025-12-31 21:48:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Remove .framework folders and code signing for macOS and iOS

Browse Source
This commit is contained in:
unvermuthet
2025-02-19 11:52:20 +01:00
parent db25e65728
commit e4e73a26d7
7 changed files with 6 additions and 387 deletions
Download Patch File Download Diff File Expand all files Collapse all files

179
.github/actions/sign/action.yml vendored
View File

@@ -1,179 +0,0 @@
# This file incorporates work covered by the following copyright and permission notice:
#
# Copyright (c) Mikael Hermansson and Godot Jolt contributors.
# Copyright (c) Dragos Daian.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy of
# this software and associated documentation files (the "Software"), to deal in
# the Software without restriction, including without limitation the rights to
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
# the Software, and to permit persons to whom the Software is furnished to do so,
# subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
name: GDExtension Sign
description: Sign Mac GDExtension
inputs:
FRAMEWORK_PATH:
description: The path of the artifact. Eg. bin/addons/my_addon/bin/libmy_addon.macos.template_release.universal.framework
required: true
SIGN_FLAGS:
description: The extra flags to use. Eg. --deep
required: false
APPLE_CERT_BASE64:
required: true
description: Base64 file from p12 certificate.
APPLE_CERT_PASSWORD:
required: true
description: Password set when creating p12 certificate from .cer certificate.
APPLE_DEV_PASSWORD:
required: true
description: Apple App-Specific Password. Eg. abcd-abcd-abcd-abcd
APPLE_DEV_ID:
required: true
description: Email used for Apple Id. Eg. email@provider.com
APPLE_DEV_TEAM_ID:
required: true
description: Apple Team Id. Eg. 1ABCD23EFG
APPLE_DEV_APP_ID:
required: true
description: |
Certificate name from get info -> Common name . Eg. Developer ID Application: Common Name (1ABCD23EFG)
outputs:
zip_path:
value: ${{ steps.sign.outputs.path }}
runs:
using: composite
steps:
- name: Sign
id: sign
shell: pwsh
run: |
#!/usr/bin/env pwsh
# Copyright (c) Mikael Hermansson and Godot Jolt contributors.
# Permission is hereby granted, free of charge, to any person obtaining a copy of
# this software and associated documentation files (the "Software"), to deal in
# the Software without restriction, including without limitation the rights to
# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
# the Software, and to permit persons to whom the Software is furnished to do so,
# subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
# COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
# IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
# Taken from https://github.com/godot-jolt/godot-jolt/blob/master/scripts/ci_sign_macos.ps1
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$CodesignPath = Get-Command codesign | Resolve-Path
$CertificateBase64 = "${{inputs.APPLE_CERT_BASE64}}"
$CertificatePassword = "${{inputs.APPLE_CERT_PASSWORD}}"
$CertificatePath = [IO.Path]::ChangeExtension((New-TemporaryFile), "p12")
$Keychain = "ephemeral.keychain"
$KeychainPassword = (New-Guid).ToString().Replace("-", "")
$DevId = "${{ inputs.APPLE_DEV_ID }}"
$DevTeamId = "${{ inputs.APPLE_DEV_TEAM_ID }}"
$DevPassword = "${{ inputs.APPLE_DEV_PASSWORD }}"
$DeveloperIdApplication = "${{ inputs.APPLE_DEV_APP_ID }}"
if (!$CertificateBase64) { throw "No certificate provided" }
if (!$CertificatePassword) { throw "No certificate password provided" }
if (!$DevId) { throw "No Apple Developer ID provided" }
if (!$DeveloperIdApplication) { throw "No Apple Developer ID Application provided" }
if (!$DevTeamId) { throw "No Apple Team ID provided" }
if (!$DevPassword) { throw "No Apple Developer password provided" }
Write-Output "Decoding certificate..."
$Certificate = [Convert]::FromBase64String($CertificateBase64)
Write-Output "Writing certificate to disk..."
[IO.File]::WriteAllBytes($CertificatePath, $Certificate)
Write-Output "Creating keychain..."
security create-keychain -p $KeychainPassword $Keychain
Write-Output "Setting keychain as default..."
security default-keychain -s $Keychain
Write-Output "Importing certificate into keychain..."
security import $CertificatePath `
-k ~/Library/Keychains/$Keychain `
-P $CertificatePassword `
-T $CodesignPath
Write-Output "Check identities..."
security find-identity
Write-Output "Granting access to keychain..."
security set-key-partition-list -S "apple-tool:,apple:" -s -k $KeychainPassword $Keychain
$Framework = "${{ inputs.FRAMEWORK_PATH }}"
$SignFlags = "${{ inputs.SIGN_FLAGS }}"
$Archive = [IO.Path]::ChangeExtension((New-TemporaryFile), "zip")
Write-Output "Signing '$Framework'..."
& $CodesignPath --verify --timestamp --verbose "$SignFlags" --sign $DeveloperIdApplication "$Framework"
Write-Output "Verifying signing..."
& $CodesignPath --verify -dvvv "$Framework"
Get-ChildItem -Force -Recurse -Path "$Framework"
Write-Output "Archiving framework to '$Archive'..."
ditto -ck -rsrc --sequesterRsrc --keepParent "$Framework" "$Archive"
Write-Output "Submitting archive for notarization..."
$output = xcrun notarytool submit "$Archive" `
--apple-id $DevId `
--team-id $DevTeamId `
--password $DevPassword `
--wait
echo $output
$matches = $output -match '((\d|[a-z])+-(\d|[a-z])+-(\d|[a-z])+-(\d|[a-z])+-(\d|[a-z])+)'
if ($output) {
$id_res = $matches[0].Substring(6)
}
xcrun notarytool log $id_res `
--apple-id $DevId `
--team-id $DevTeamId `
--password $DevPassword `
developer_log.json
get-content developer_log.json
echo "path=$Archive" >> $env:GITHUB_OUTPUT

16
.github/workflows/builds.yml vendored
View File

@@ -83,22 +83,6 @@ jobs:
scons-cache: ${{ github.workspace }}/.scons-cache/
cache-name: ${{ matrix.target.platform }}_${{ matrix.target.arch }}_${{ matrix.float-precision }}_${{ matrix.target-type }}
# Sign the binary (macOS only)
- name: Mac Sign
# Disable sign if secrets are not set
if: ${{ matrix.target.platform == 'macos' && env.APPLE_CERT_BASE64 }}
env:
APPLE_CERT_BASE64: ${{ secrets.APPLE_CERT_BASE64 }}
uses: ./.github/actions/sign
with:
FRAMEWORK_PATH: bin/macos/macos.framework
APPLE_CERT_BASE64: ${{ secrets.APPLE_CERT_BASE64 }}
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
APPLE_DEV_PASSWORD: ${{ secrets.APPLE_DEV_PASSWORD }}
APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }}
APPLE_DEV_TEAM_ID: ${{ secrets.APPLE_DEV_TEAM_ID }}
APPLE_DEV_APP_ID: ${{ secrets.APPLE_DEV_APP_ID }}
# Clean up compilation files
- name: Windows - Delete compilation files
if: ${{ matrix.target.platform == 'windows' }}

117
README.md
View File

@@ -6,7 +6,6 @@ This repository serves as a quickstart template for GDExtension development with
* godot-cpp as a submodule (`godot-cpp/`)
* GitHub Issues template (`.github/ISSUE_TEMPLATE.yml`)
* GitHub CI/CD workflows to publish your library packages when creating a release (`.github/workflows/builds.yml`)
* GitHub CI/CD actions to build (`.github/actions/build/action.yml`) and to sign Mac frameworks (`.github/actions/build/sign.yml`).
* preconfigured source files for C++ development of the GDExtension (`src/`)
* setup to automatically generate `.xml` files in a `doc_classes/` directory to be parsed by Godot as [GDExtension built-in documentation](https://docs.godotengine.org/en/stable/tutorials/scripting/gdextension/gdextension_docs_system.html)
@@ -28,119 +27,3 @@ For getting started after cloning your own copy to your local machine, you shoul
This repository comes with a GitHub action that builds the GDExtension for cross-platform use. It triggers automatically for each pushed change. You can find and edit it in [builds.yml](.github/workflows/builds.yml).
After a workflow run is complete, you can find the file `godot-cpp-template.zip` on the `Actions` tab on GitHub.
Note: for macos, you will have to build the binary as a `.dylib` in a `EXTENSION-NAME.framework` folder. The framework folder should also have a `Resources` folder with a file called `Info.plist`. Without this file, signing will fail.
Note: for iOS, the same should be as for MacOS, however the `Info.plist` file needs to be close to the `.dylib`, instead of in a `Resources` folder (If this is not done, the build will fail to upload to the App Store).
So, in our case, the builds should be:
```sh
bin/EXTENSION-NAME.macos.template_debug.framework/EXTENSION-NAME.macos.template_release
bin/EXTENSION-NAME.ios.template_debug.framework/EXTENSION-NAME.ios.template_release.arm64.dylib
Afterwards, you want to set in the `.gdextension` file the paths to the `.framework` folder, instead of the `.dylib` file (Note that for the `.dylib` binary, the extension is not needed, you could have a file without any extension and it would still work).
In the `name: Mac Sign` step, we are signing the generated mac binaries.
We are reusing the following action:
```yml
uses: godotengine/godot-cpp-template/.github/actions/sign@main
with:
FRAMEWORK_PATH: bin/macos/macos.framework
APPLE_CERT_BASE64: ${{ secrets.APPLE_CERT_BASE64 }}
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
APPLE_DEV_PASSWORD: ${{ secrets.APPLE_DEV_PASSWORD }}
APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }}
APPLE_DEV_TEAM_ID: ${{ secrets.APPLE_DEV_TEAM_ID }}
APPLE_DEV_APP_ID: ${{ secrets.APPLE_DEV_APP_ID }}
```
As you can see, this action requires some secrets to be configured in order to run. Also, you need to tell it the path to the `.framework` folder, where you have both the binary (`.dylib` file) and the `Resources` folder with the `Info.plist` file.
## Configuration - Mac Signing Secrets
In order to sign the Mac binary, you need to configure the following secrets:
`APPLE_CERT_BASE64`, `APPLE_CERT_PASSWORD`, `APPLE_DEV_PASSWORD`, `APPLE_DEV_ID`, `APPLE_DEV_TEAM_ID`, `APPLE_DEV_APP_ID`. These secrets are stored in the example above in the Github secrets for repositories. The names of the secrets have to match the names of the secrets you use for your action. For more on this, read the [Creating secrets for a repository](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#creating-secrets-for-a-repository) article from Github.
These secrets are then passed down to the `godotengine/godot-cpp-template/.github/actions/sign@main` action that signs the binary.
In order to configure these secrets, you will need:
- A Mac
- An Apple ID enrolled in Apple Developer Program (99 USD per year)
- A `Resources/Info.plist` in the `framework` folder. Take the one in this project as an example. Be careful to set CFBundleExecutable to the **EXACT** lib name, otherwise it won't work. Also, don't put strange names in the CFBundleName and other such places. Try to only use letters and spaces. Errors will be extremly vague if not impossible to debug.
For the actions you will need to set the following inputs. Store them as secrets in GitHub:
- APPLE_CERT_BASE64
- APPLE_CERT_PASSWORD
- APPLE_DEV_ID
- APPLE_DEV_TEAM_ID
- APPLE_DEV_PASSWORD
- APPLE_DEV_APP_ID
You will find here a guide on how to create all of them. Go to [developer.apple.com](developer.apple.com):
- Create an Apple ID if you dont have one already.
- Use your Apple ID to register in the Apple Developer Program.
- Accept all agreements from the Apple Developer Page.
### APPLE_DEV_ID - Apple ID
- Your email used for your Apple ID.
- APPLE_DEV_ID = email@provider.com
### APPLE_DEV_TEAM_ID - Apple Team ID
- Go to [developer.apple.com](https://developer.apple.com). Go to account.
- Go to membership details. Copy Team ID.
- APPLE_DEV_TEAM_ID = `1ABCD23EFG`
### APPLE_DEV_PASSWORD - Apple App-Specific Password
- Create [Apple App-Specific Password](https://support.apple.com/en-us/102654). Copy the password.
- APPLE_DEV_PASSWORD = `abcd-abcd-abcd-abcd`
### APPLE_CERT_BASE64 and APPLE_CERT_PASSWORD and APPLE_DEV_APP_ID
- Go to [developer.apple.com](https://developer.apple.com). Go to account.
- Go to certificates.
- Click on + at Certificates tab. Create Developer ID Application. Click Continue.
- Leave profile type as is. [Create a certificate signing request from a mac](https://developer.apple.com/help/account/create-certificates/create-a-certificate-signing-request). You can use your own name and email address. Save the file to disk. You will get a file called `CertificateSigningRequest.certSigningRequest`. Upload it to the Developer ID Application request. Click Continue.
- Download the certificate. You will get a file `developerID_application.cer`.
- On a Mac, right click and select open. Add it to the login keychain. In the Keychain Access app that opened, login Keychain tab, go to Keys, sort by date modified, expand your key (the key should have name you entered at common name `Common Name`), right click the expanded certificate, get info, and copy the text at Details -> Subject Name -> Common Name.
Eg.
- APPLE_DEV_APP_ID = `Developer ID Application: Common Name (1ABCD23EFG)`
- Then, select the certificate, right click and click export. At file format select p12. When exporting, set a password for the certificate. This will be APPLE_CERT_PASSWORD. You will get a `Certificates.p12` file.
Eg.
- APPLE_CERT_PASSWORD = `<password_set_when_exporting_p12>`
- Then you need to make a base64 file out of it, by running:
```
base64 -i Certificates.p12 -o Certificates.base64
```
- Copy the contents of the generated file:
Eg.
- `APPLE_CERT_BASE64` = `...`(A long text file)
After these secrets are obtained, all that remains is to set them in Github secrets and then use them in the Github action, eg. in the above Github action usage example, this part:
```
- name: Mac Sign
if: ${{ matrix.platform == 'macos' && env.APPLE_CERT_BASE64 }}
env:
APPLE_CERT_BASE64: ${{ secrets.APPLE_CERT_BASE64 }}
uses: godotengine/godot-cpp-template/.github/actions/sign@main
with:
FRAMEWORK_PATH: bin/macos/macos.framework
APPLE_CERT_BASE64: ${{ secrets.APPLE_CERT_BASE64 }}
APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
APPLE_DEV_PASSWORD: ${{ secrets.APPLE_DEV_PASSWORD }}
APPLE_DEV_ID: ${{ secrets.APPLE_DEV_ID }}
APPLE_DEV_TEAM_ID: ${{ secrets.APPLE_DEV_TEAM_ID }}
```

9
SConstruct
View File

@@ -46,19 +46,14 @@ if env["target"] in ["editor", "template_debug"]:
print("Not including class reference as we're targeting a pre-4.3 baseline.")
file = "{}{}{}".format(libname, env["suffix"], env["SHLIBSUFFIX"])
filepath = ""
if env["platform"] == "macos" or env["platform"] == "ios":
filepath = "{}.framework/".format(env["platform"])
file = "{}{}".format(libname, env["suffix"])
libraryfile = "bin/{}/{}{}".format(env["platform"], filepath, file)
libraryfile = "bin/{}/{}".format(env["platform"], file)
library = env.SharedLibrary(
libraryfile,
source=sources,
)
copy = env.InstallAs("{}/bin/{}/{}lib{}".format(projectdir, env["platform"], filepath, file), library)
copy = env.InstallAs("{}/bin/{}/lib{}".format(projectdir, env["platform"], file), library)
default_args = [library, copy]
Default(*default_args)

32
bin/ios/ios.framework/Info.plist
View File

@@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleExecutable</key>
<string>libEXTENSION-NAME.ios.template_release.arm64</string>
<key>CFBundleName</key>
<string>Godot Template Cpp</string>
<key>CFBundleDisplayName</key>
<string>Godot Template Cpp</string>
<key>CFBundleIdentifier</key>
<string>org.godot.godot-template-cpp</string>
<key>NSHumanReadableCopyright</key>
<string>Unlicensed</string>
<key>CFBundleVersion</key>
<string>1.0.0</string>
<key>CFBundleShortVersionString</key>
<string>1.0.0</string>
<key>CFBundlePackageType</key>
<string>FMWK</string>
<key>CSResourcesFileMapped</key>
<true/>
<key>DTPlatformName</key>
<string>iphoneos</string>
<key>MinimumOSVersion</key>
<string>12.0</string>
</dict>
</plist>

32
bin/macos/macos.framework/Resources/Info.plist
View File

@@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleExecutable</key>
<string>libEXTENSION-NAME.macos.template_release.universal</string>
<key>CFBundleName</key>
<string>Godot Cpp Template</string>
<key>CFBundleDisplayName</key>
<string>Godot Cpp Template</string>
<key>CFBundleIdentifier</key>
<string>org.godot.godot-template-cpp</string>
<key>NSHumanReadableCopyright</key>
<string>Unlicensed</string>
<key>CFBundleVersion</key>
<string>1.0.0</string>
<key>CFBundleShortVersionString</key>
<string>1.0.0</string>
<key>CFBundlePackageType</key>
<string>FMWK</string>
<key>CSResourcesFileMapped</key>
<true/>
<key>DTPlatformName</key>
<string>macosx</string>
<key>LSMinimumSystemVersion</key>
<string>10.12</string>
</dict>
</plist>

8
demo/bin/example.gdextension
View File

@@ -5,10 +5,10 @@ compatibility_minimum = "4.1"
[libraries]
; Relative paths ensure that our GDExtension can be placed anywhere in the project directory.
macos.debug = "./macos/macos.framework/libEXTENSION-NAME.macos.template_debug.universal"
macos.release = "./macos/macos.framework/libEXTENSION-NAME.macos.template_release.universal"
ios.debug = "./ios/ios.framework/libEXTENSION-NAME.ios.template_debug.arm64"
ios.release = "./ios/ios.framework/libEXTENSION-NAME.ios.template_release.arm64"
macos.debug = "./macos/libEXTENSION-NAME.macos.template_debug.universal.dylib"
macos.release = "./macos/libEXTENSION-NAME.macos.template_release.universal.dylib"
ios.debug = "./ios/libEXTENSION-NAME.ios.template_debug.arm64.dylib"
ios.release = "./ios/libEXTENSION-NAME.ios.template_release.arm64.dylib"
windows.debug.x86_32 = "./windows/libEXTENSION-NAME.windows.template_debug.x86_32.dll"
windows.release.x86_32 = "./windows/libEXTENSION-NAME.windows.template_release.x86_32.dll"
windows.debug.x86_64 = "./windows/libEXTENSION-NAME.windows.template_debug.x86_64.dll"