name: macOS Release Build permissions: contents: read on: workflow_call: inputs: build-version: description: 'The version to build' required: true type: string release-branch: description: 'The branch to build' required: true type: string MOZ_BUILD_DATE: type: string required: true default: '' use-sccache: description: 'Use sccache' required: true type: boolean default: false jobs: mac-build: name: Build macOS - ${{ matrix.arch }} runs-on: macos-26 strategy: fail-fast: false matrix: arch: [x86_64, aarch64] env: SCCACHE_GHA_ENABLED: ${{ inputs.use-sccache && 'true' || 'false' }} CARGO_TERM_COLOR: always RUSTC_WRAPPER: ${{ inputs.use-sccache && 'sccache' || '' }} CARGO_INCREMENTAL: 0 steps: - name: Checkout repository uses: actions/checkout@v4 with: submodules: recursive token: ${{ secrets.DEPLOY_KEY }} - name: Setup Node.js uses: actions/setup-node@v4 with: node-version-file: '.nvmrc' - name: Run sccache-cache uses: mozilla-actions/sccache-action@main if: ${{ inputs.use-sccache }} with: disable_annotations: true - name: Expose actions cache variables uses: actions/github-script@v6 with: script: | core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL']) core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN']) - name: Setup Python uses: actions/setup-python@v5 # note: This will use the version defined in '.python-version' by default - name: Setup Git run: | git config --global user.email "mauro-balades@users.noreply.github.com" git config --global user.name "mauro-balades" - name: Install system dependencies run: | brew update brew install cairo gnu-tar mercurial sudo pip install setuptools brew uninstall --ignore-dependencies python3.12 -f export PATH="$(python3 -m site --user-base)/bin":$PATH python3 -m pip install --user mercurial rm '/usr/local/bin/2to3-3.11' '/usr/local/bin/2to3-3.12' '/usr/local/bin/2to3' rm '/usr/local/bin/idle3.11' '/usr/local/bin/idle3.12' '/usr/local/bin/idle3' rm '/usr/local/bin/pydoc3.11' '/usr/local/bin/pydoc3.12' '/usr/local/bin/pydoc3' rm '/usr/local/bin/python3.11' '/usr/local/bin/python3.12' '/usr/local/bin/python3' rm '/usr/local/bin/python3.11-config' '/usr/local/bin/python3.12-config' '/usr/local/bin/python3-config' brew install watchman curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain $(cat .rust-toolchain) source $HOME/.cargo/env if test "${{ matrix.arch }}" = "aarch64"; then rustup target add aarch64-apple-darwin else rustup target add x86_64-apple-darwin fi - name: Force usage of gnu-tar run: | echo 'export PATH="/usr/local/opt/gnu-tar/libexec/gnubin:$PATH"' >> ~/.bash_profile echo 'export PATH="/usr/local/opt/gnu-tar/libexec/gnubin:$PATH"' >> ~/.zsh source ~/.bash_profile - name: Install dependencies run: | npm ci - name: Load surfer CI setup run: npm run surfer -- ci --brand ${{ inputs.release-branch }} --display-version ${{ inputs.build-version }} - name: Download Firefox source and dependencies run: npm run download - name: Import env: SURFER_COMPAT: ${{ matrix.arch }} run: npm run import -- --verbose - name: Bootstrap run: | cd engine export SURFER_PLATFORM="darwin" export PATH="$(python3 -m site --user-base)/bin":$PATH # Always exist with 0, even if bootstrap fails ./mach --no-interactive bootstrap --application-choice browser --no-system-changes --exclude macos-sdk || true cd .. - name: Build language packs run: sh scripts/download-language-packs.sh - name: Insert API Keys run: | mkdir -p ~/.zen-keys echo "${{ secrets.ZEN_SAFEBROWSING_API_KEY }}" > ~/.zen-keys/safebrowsing.dat - name: Build Zen env: SURFER_COMPAT: ${{ matrix.arch }} ZEN_RELEASE_BRANCH: ${{ inputs.release-branch }} run: | export SURFER_PLATFORM="darwin" if [[ -n ${{ inputs.MOZ_BUILD_DATE }} ]];then export MOZ_BUILD_DATE=${{ inputs.MOZ_BUILD_DATE }} fi bash .github/workflows/src/release-build.sh - name: Package env: SURFER_COMPAT: ${{ matrix.arch }} ZEN_GA_DISABLE_PGO: true run: | export SURFER_PLATFORM="darwin" export ZEN_RELEASE=1 npm run package - name: Remove API Keys run: | rm -rf ~/.zen-keys - name: Rename artifacts run: | echo "Tarballing DMG" set -ex mv ./dist/*.dmg ./zen-${{ matrix.arch }}-apple-darwin-dist.dmg mv ./engine/obj-${{ matrix.arch }}-apple-darwin/dist/host/bin/mar ./zen-macos-host-mar mv ./engine/obj-${{ matrix.arch }}-apple-darwin/dist/bin/platform.ini ./platform.ini - name: Upload dist dmg uses: actions/upload-artifact@v4 with: retention-days: 1 name: zen-${{ matrix.arch }}-apple-darwin-dist.dmg path: ./zen-${{ matrix.arch }}-apple-darwin-dist.dmg - name: Upload host mar uses: actions/upload-artifact@v4 if: matrix.arch == 'aarch64' with: retention-days: 1 name: zen-macos-host-mar path: ./zen-macos-host-mar - name: Upload platform.ini uses: actions/upload-artifact@v4 if: matrix.arch == 'x86_64' with: retention-days: 1 name: platform.ini path: ./platform.ini