building intel mac app (#878)

Co-authored-by: Max Novich <mnovich@squareup.com>

.github/workflows/bundle-desktop-intel.yml

@@ -0,0 +1,258 @@
+# This is a **reuseable** workflow that bundles the Desktop App for Intel macOS.
+# It doesn't get triggered on its own. It gets used in multiple workflows:
+#  - release.yml
+#  - canary.yml
+#  - pr-comment-bundle-desktop.yml
+on:
+  workflow_call:
+    inputs:
+      version:
+        description: 'Version to set for the build'
+        required: false
+        default: ""
+        type: string
+      signing:
+        description: 'Whether to perform signing and notarization'
+        required: false
+        default: false
+        type: boolean
+      quick_test:
+        description: 'Whether to perform the quick launch test'
+        required: false
+        default: true
+        type: boolean
+    secrets:
+      CERTIFICATE_OSX_APPLICATION:
+        description: 'Certificate for macOS application signing'
+        required: false
+      CERTIFICATE_PASSWORD:
+        description: 'Password for the macOS certificate'
+        required: false
+      APPLE_ID:
+        description: 'Apple ID for notarization'
+        required: false
+      APPLE_ID_PASSWORD:
+        description: 'Password for the Apple ID'
+        required: false
+      APPLE_TEAM_ID:
+        description: 'Apple Team ID'
+        required: false
+
+name: Reusable workflow to bundle desktop app for Intel Mac
+
+jobs:
+  bundle-desktop-intel:
+    runs-on: macos-latest
+    name: Bundle Desktop App on Intel macOS
+    steps:
+      # Check initial disk space
+      - name: Check initial disk space
+        run: df -h
+
+      # Validate Signing Secrets if signing is enabled
+      - name: Validate Signing Secrets
+        if: ${{ inputs.signing }}
+        run: |
+          if [[ -z "${{ secrets.CERTIFICATE_OSX_APPLICATION }}" ]]; then
+            echo "Error: CERTIFICATE_OSX_APPLICATION secret is required for signing."
+            exit 1
+          fi
+          if [[ -z "${{ secrets.CERTIFICATE_PASSWORD }}" ]]; then
+            echo "Error: CERTIFICATE_PASSWORD secret is required for signing."
+            exit 1
+          fi
+          if [[ -z "${{ secrets.APPLE_ID }}" ]]; then
+            echo "Error: APPLE_ID secret is required for signing."
+            exit 1
+          fi
+          if [[ -z "${{ secrets.APPLE_ID_PASSWORD }}" ]]; then
+            echo "Error: APPLE_ID_PASSWORD secret is required for signing."
+            exit 1
+          fi
+          if [[ -z "${{ secrets.APPLE_TEAM_ID }}" ]]; then
+            echo "Error: APPLE_TEAM_ID secret is required for signing."
+            exit 1
+          fi
+          echo "All required signing secrets are present."
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      # Update versions before build
+      - name: Update versions
+        if: ${{ inputs.version != '' }}
+        run: |
+          # Update version in Cargo.toml
+          sed -i.bak 's/^version = ".*"/version = "'${{ inputs.version }}'"/' Cargo.toml
+          rm -f Cargo.toml.bak
+          
+          # Update version in package.json 
+          cd ui/desktop
+          npm version ${{ inputs.version }} --no-git-tag-version --allow-same-version
+
+      - name: Setup Rust
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          toolchain: stable
+          targets: x86_64-apple-darwin
+
+      # Pre-build cleanup to ensure enough disk space
+      - name: Pre-build cleanup
+        run: |
+          echo "Performing pre-build cleanup..."
+          # Clean npm cache
+          npm cache clean --force || true
+          # Clean any previous build artifacts
+          rm -rf target || true
+          # Clean Homebrew cache
+          brew cleanup || true
+          # Remove unnecessary large directories
+          rm -rf ~/Library/Caches/* || true
+          # Check disk space after cleanup
+          df -h
+
+      - name: Cache Cargo registry
+        uses: actions/cache@v3
+        with:
+          path: ~/.cargo/registry
+          key: ${{ runner.os }}-intel-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-intel-cargo-registry-
+
+      - name: Cache Cargo index
+        uses: actions/cache@v3
+        with:
+          path: ~/.cargo/index
+          key: ${{ runner.os }}-intel-cargo-index
+          restore-keys: |
+            ${{ runner.os }}-intel-cargo-index
+
+      - name: Cache Cargo build
+        uses: actions/cache@v3
+        with:
+          path: target
+          key: ${{ runner.os }}-intel-cargo-build-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-intel-cargo-build-
+
+      # Build specifically for Intel architecture
+      - name: Build goosed for Intel
+        run: cargo build --release -p goose-server --target x86_64-apple-darwin
+
+      # Post-build cleanup to free space
+      - name: Post-build cleanup
+        run: |
+          echo "Performing post-build cleanup..."
+          # Remove debug artifacts
+          rm -rf target/debug || true
+          rm -rf target/x86_64-apple-darwin/debug || true
+          # Keep only what's needed for the next steps
+          rm -rf target/x86_64-apple-darwin/release/deps || true
+          rm -rf target/x86_64-apple-darwin/release/build || true
+          rm -rf target/x86_64-apple-darwin/release/incremental || true
+          # Check disk space after cleanup
+          df -h
+
+      - name: Copy binary into Electron folder
+        run: cp target/x86_64-apple-darwin/release/goosed ui/desktop/src/bin/goosed
+
+      - name: Add MacOS certs for signing and notarization
+        if: ${{ inputs.signing }}
+        run: ./scripts/add-macos-cert.sh
+        working-directory: ui/desktop
+        env:
+          CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }}
+          CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 'lts/*'
+
+      - name: Install dependencies
+        run: npm ci
+        working-directory: ui/desktop
+
+      # Configure Electron builder for Intel architecture
+      - name: Configure for Intel build
+        run: |
+          # Set the architecture to x64 for Intel Mac build
+          jq '.build.mac.target[0].arch = "x64"' package.json > package.json.tmp && mv package.json.tmp package.json
+        working-directory: ui/desktop
+
+      # Check disk space before bundling
+      - name: Check disk space before bundling
+        run: df -h
+
+      - name: Make Unsigned App
+        if: ${{ !inputs.signing }}
+        run: |
+          attempt=0
+          max_attempts=2
+          until [ $attempt -ge $max_attempts ]; do
+            npm run bundle:default && break
+            attempt=$((attempt + 1))
+            echo "Attempt $attempt failed. Retrying..."
+            sleep 5
+          done
+          if [ $attempt -ge $max_attempts ]; then
+            echo "Action failed after $max_attempts attempts."
+            exit 1
+          fi
+        working-directory: ui/desktop
+
+      - name: Make Signed App
+        if: ${{ inputs.signing }}
+        run: |
+          attempt=0
+          max_attempts=2
+          until [ $attempt -ge $max_attempts ]; do
+            npm run bundle:default && break
+            attempt=$((attempt + 1))
+            echo "Attempt $attempt failed. Retrying..."
+            sleep 5
+          done
+          if [ $attempt -ge $max_attempts ]; then
+            echo "Action failed after $max_attempts attempts."
+            exit 1
+          fi
+        working-directory: ui/desktop
+        env:
+          APPLE_ID: ${{ secrets.APPLE_ID }}
+          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+
+      - name: Final cleanup before artifact upload
+        run: |
+          echo "Performing final cleanup..."
+          # Remove build artifacts that are no longer needed
+          rm -rf target || true
+          # Check disk space after cleanup
+          df -h
+
+      - name: Upload Desktop artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: Goose-darwin-x64
+          path: ui/desktop/out/Goose-darwin-x64/Goose.zip
+
+      - name: Quick launch test (macOS)
+        if: ${{ inputs.quick_test }}
+        run: |
+          # Ensure no quarantine attributes (if needed)
+          xattr -cr "ui/desktop/out/Goose-darwin-x64/Goose.app"
+          echo "Opening Goose.app..."
+          open -g "ui/desktop/out/Goose-darwin-x64/Goose.app"
+
+          # Give the app a few seconds to start and write logs
+          sleep 5
+
+          # Check if it's running
+          if pgrep -f "Goose.app/Contents/MacOS/Goose" > /dev/null; then
+            echo "App appears to be running."
+          else
+            echo "App did not stay open. Possible crash or startup error."
+            exit 1
+          fi
+          # Kill the app to clean up
+          pkill -f "Goose.app/Contents/MacOS/Goose"

.github/workflows/bundle-desktop.yml

@@ -45,6 +45,10 @@ jobs:
     runs-on: macos-latest
     name: Bundle Desktop App on macOS
     steps:
+      # Check initial disk space
+      - name: Check initial disk space
+        run: df -h
+
       # Validate Signing Secrets if signing is enabled
       - name: Validate Signing Secrets
         if: ${{ inputs.signing }}
@@ -86,6 +90,21 @@ jobs:
           cd ui/desktop
           npm version ${{ inputs.version }} --no-git-tag-version --allow-same-version
 
+      # Pre-build cleanup to ensure enough disk space
+      - name: Pre-build cleanup
+        run: |
+          echo "Performing pre-build cleanup..."
+          # Clean npm cache
+          npm cache clean --force || true
+          # Clean any previous build artifacts
+          rm -rf target || true
+          # Clean Homebrew cache
+          brew cleanup || true
+          # Remove unnecessary large directories
+          rm -rf ~/Library/Caches/* || true
+          # Check disk space after cleanup
+          df -h
+
       - name: Setup Rust
         uses: dtolnay/rust-toolchain@stable
         with:
@@ -115,10 +134,23 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-cargo-build-
 
-      # Rest of the workflow remains the same...
+      # Build the project
       - name: Build goosed
         run: cargo build --release -p goose-server
 
+      # Post-build cleanup to free space
+      - name: Post-build cleanup
+        run: |
+          echo "Performing post-build cleanup..."
+          # Remove debug artifacts
+          rm -rf target/debug || true
+          # Keep only what's needed for the next steps
+          rm -rf target/release/deps || true
+          rm -rf target/release/build || true
+          rm -rf target/release/incremental || true
+          # Check disk space after cleanup
+          df -h
+
       - name: Copy binary into Electron folder
         run: cp target/release/goosed ui/desktop/src/bin/goosed
 
@@ -139,6 +171,10 @@ jobs:
         run: npm ci
         working-directory: ui/desktop
 
+      # Check disk space before bundling
+      - name: Check disk space before bundling
+        run: df -h
+
       - name: Make Unsigned App
         if: ${{ !inputs.signing }}
         run: |
@@ -177,6 +213,14 @@ jobs:
           APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
           APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
 
+      - name: Final cleanup before artifact upload
+        run: |
+          echo "Performing final cleanup..."
+          # Remove build artifacts that are no longer needed
+          rm -rf target || true
+          # Check disk space after cleanup
+          df -h
+
       - name: Upload Desktop artifact
         uses: actions/upload-artifact@v4
         with:
@@ -202,4 +246,4 @@ jobs:
             exit 1
           fi
           # Kill the app to clean up
-          pkill -f "Goose.app/Contents/MacOS/Goose"
+          pkill -f "Goose.app/Contents/MacOS/Goose"

.github/workflows/ci.yml

@@ -76,6 +76,31 @@ jobs:
           cargo test
         working-directory: crates
 
+      # Add disk space cleanup before linting
+      - name: Check disk space before cleanup
+        run: df -h
+
+      - name: Clean up disk space
+        run: |
+          echo "Cleaning up disk space..."
+          # Remove debug artifacts that are no longer needed after tests
+          rm -rf target/debug/deps
+          rm -rf target/debug/build
+          rm -rf target/debug/incremental
+          # Clean npm cache if it exists
+          npm cache clean --force || true
+          # Clean apt cache
+          sudo apt-get clean
+          # Remove unnecessary large directories
+          rm -rf ~/.cargo/registry/index || true
+          # Remove docker images if any
+          docker system prune -af || true
+          # Remove unused packages
+          sudo apt-get autoremove -y || true
+
+      - name: Check disk space after cleanup
+        run: df -h
+
       - name: Lint
         run: cargo clippy -- -D warnings
 
@@ -104,4 +129,4 @@ jobs:
     uses: ./.github/workflows/bundle-desktop.yml
     if: github.event_name == 'pull_request'
     with:
-      signing: false
+      signing: false