From 02478b9cdace12ed0340692ee4295f8bcca49890 Mon Sep 17 00:00:00 2001 From: TechUp24 Date: Thu, 15 Jan 2026 10:06:02 +0500 Subject: [PATCH 01/38] added percenatge and status with sgnus connection, and also remove the email from create banxa order as it is not required --- lib/banxa/banaxa_api_services.dart | 4 +- lib/banxa/banxa_order/create_order_cubit.dart | 1 - lib/bloc/app_bloc.dart | 26 ++++-- lib/bloc/app_state.dart | 8 +- .../overlay/responsive_overlay.dart | 87 ++++++------------- .../sgnus/sgnus_connection_widget.dart | 32 +++++++ lib/components/wallet_information.g.dart | 4 +- lib/components/wallets_overview.g.dart | 4 + 8 files changed, 93 insertions(+), 73 deletions(-) diff --git a/lib/banxa/banaxa_api_services.dart b/lib/banxa/banaxa_api_services.dart index 77fde214..2ac0c2c3 100644 --- a/lib/banxa/banaxa_api_services.dart +++ b/lib/banxa/banaxa_api_services.dart @@ -13,7 +13,7 @@ class BanxaApiService { static const String _partnerCode = 'gnus'; static const String _apiKey = 'b8282030faffa2dc15fbf428142be5bdb1d4e346'; static const String _baseUrl = - 'https://api.banxa.com/$_partnerCode/v2'; // Sandbox URL + 'https://api.banxa.com/$_partnerCode/v2'; static const redirectUrl = 'geniuswallet://banxa/callback'; static const String banxaKycUrl = 'https://$_partnerCode.banxa-sandbox.com'; @@ -134,7 +134,6 @@ class BanxaApiService { required String cryptoAmount, String? fiatAmount, String? externalCustomerId, - String? email, String? metadata, String? subPartnerId, }) async { @@ -158,7 +157,6 @@ class BanxaApiService { 'redirectUrl': redirectUrl, 'cryptoAmount': cryptoAmount, if (fiatAmount != null) 'fiatAmount': fiatAmount, - if (email != null) 'email': email, if (externalCustomerId != null) 'externalCustomerId': externalCustomerId, 'externalOrderId': extOrderId, if (metadata != null) 'metadata': metadata, diff --git a/lib/banxa/banxa_order/create_order_cubit.dart b/lib/banxa/banxa_order/create_order_cubit.dart index 7612e220..6ad82133 100644 --- a/lib/banxa/banxa_order/create_order_cubit.dart +++ b/lib/banxa/banxa_order/create_order_cubit.dart @@ -201,7 +201,6 @@ class MakeOrderCubit extends Cubit { cryptoAmount: state.quote!.cryptoAmount, fiatAmount: state.quote!.fiatAmount, externalCustomerId: 'my_id_${DateTime.now().millisecondsSinceEpoch}', - email: 'ammarajeeb567@gmail.com', metadata: 'real', subPartnerId: 'macOS-app', ); diff --git a/lib/bloc/app_bloc.dart b/lib/bloc/app_bloc.dart index a09e8bba..625361fb 100644 --- a/lib/bloc/app_bloc.dart +++ b/lib/bloc/app_bloc.dart @@ -77,37 +77,47 @@ class AppBloc extends Bloc { subscribeToWalletStatus: AppStatus.loaded, )); } - - void _startProcessingPolling() { +void _startProcessingPolling() { _processingTimer?.cancel(); + int pollingInterval = + state.processingPercentage != null && state.processingPercentage! < 50.0 + ? 500 + : 1000; + _processingTimer = Timer.periodic( - const Duration(seconds: 1), + Duration(milliseconds: pollingInterval), (_) { add(ProcessingStatusTicked()); }, ); } + + FutureOr _onProcessingStatusTicked( ProcessingStatusTicked event, Emitter emit, - ) { + ) async { try { final statusInfo = api.getProcessingStatus(); - final isProcessing = - statusInfo.status == GeniusProcessingStatus.GENIUS_PR_STATUS_PROCESSING; + final isProcessing = statusInfo.status == + GeniusProcessingStatus.GENIUS_PR_STATUS_PROCESSING; if (state.isProcessing != isProcessing) { emit(state.copyWith(isProcessing: isProcessing)); } + + if (isProcessing) { + double percentage = statusInfo.percentage; + emit(state.copyWith(processingPercentage: percentage)); + } } catch (_) { _processingTimer?.cancel(); - emit(state.copyWith(isProcessing: false)); + emit(state.copyWith(isProcessing: false, processingPercentage: 0.0)); } } - Future _onFetchAccount( FetchAccount event, Emitter emit, diff --git a/lib/bloc/app_state.dart b/lib/bloc/app_state.dart index df780c6b..ecd2e16c 100644 --- a/lib/bloc/app_state.dart +++ b/lib/bloc/app_state.dart @@ -19,6 +19,7 @@ class AppState extends Equatable { final AppStatus accountStatus; final bool isProcessing; + final double? processingPercentage; const AppState( {this.wallets = const [], @@ -29,6 +30,7 @@ class AppState extends Equatable { this.testWallet, this.isProcessing = false, this.account, + this.processingPercentage, this.accountStatus = AppStatus.initial}); AppState copyWith( @@ -40,6 +42,7 @@ class AppState extends Equatable { Pointer? testWallet, bool? isProcessing, Account? account, + double? processingPercentage, AppStatus? accountStatus}) { return AppState( wallets: wallets ?? this.wallets, @@ -50,6 +53,8 @@ class AppState extends Equatable { ffiString: ffiString ?? this.ffiString, testWallet: testWallet, account: account ?? this.account, + processingPercentage: + processingPercentage ?? this.processingPercentage, isProcessing: isProcessing ?? this.isProcessing, accountStatus: accountStatus ?? this.accountStatus); } @@ -64,7 +69,8 @@ class AppState extends Equatable { testWallet, account, accountStatus, - isProcessing + isProcessing, + processingPercentage ]; } diff --git a/lib/components/overlay/responsive_overlay.dart b/lib/components/overlay/responsive_overlay.dart index 1d62b237..dfb1c6df 100644 --- a/lib/components/overlay/responsive_overlay.dart +++ b/lib/components/overlay/responsive_overlay.dart @@ -1,9 +1,7 @@ import 'package:flutter/material.dart'; import 'package:flutter_bloc/flutter_bloc.dart'; -import 'package:genius_wallet/bloc/app_bloc.dart'; import 'package:genius_wallet/bloc/overlay/navigation_overlay_cubit.dart'; import 'package:genius_wallet/bloc/overlay/navigation_overlay_state.dart'; -import 'package:genius_wallet/components/loading/loading.dart'; import 'package:genius_wallet/squid_router/swap_screen.dart'; import 'package:genius_wallet/utils/breakpoints.dart'; import 'package:genius_wallet/components/overlay/desktop_overlay.dart'; @@ -24,64 +22,35 @@ class ResponsiveOverlay extends StatelessWidget { context.read().navigationTapped(selectedScreen!); } - return BlocBuilder( - builder: (context, appState) { - return BlocBuilder( - builder: (context, navState) { - final platform = GeniusBreakpoints.getPlaform(context); - - final screenMap = { - NavigationScreen.dashboard: const DashboardScreen(), - NavigationScreen.transactions: const TransactionsScreen(), - NavigationScreen.swap: const SwapScreen(), - NavigationScreen.news: const CryptoNewsScreen(), - NavigationScreen.markets: const MarketsScreen(), - NavigationScreen.web: - const WebViewScreen(url: "https://app.uniswap.org"), - }; - - final selected = navState.selectedScreen; - final currentIndex = screenMap.keys.toList().indexOf(selected); - - final content = IndexedStack( - index: currentIndex, - children: screenMap.values.toList(), - ); - - final overlay = (!GeniusBreakpoints.useDesktopOverlay(context) || - platform == Platforms.mobile) - ? MobileOverlay(child: content) - : DesktopOverlay(child: content); - - return Stack( - children: [ - overlay, - if (appState.isProcessing) - Positioned.fill( - child: AbsorbPointer( - absorbing: true, - child: Container( - color: Colors.black.withAlpha(115), - child: const Center( - child: Column( - mainAxisSize: MainAxisSize.min, - children: [ - Loading(), - SizedBox(height: 12), - Text( - 'Genius Wallet is processing…', - - ), - ], - ), - ), - ), - ), - ), - ], - ); - }, + return BlocBuilder( + builder: (context, state) { + final platform = GeniusBreakpoints.getPlaform(context); + + // Map screen enum to actual widget + final screenMap = { + NavigationScreen.dashboard: const DashboardScreen(), + NavigationScreen.transactions: const TransactionsScreen(), + NavigationScreen.swap: const SwapScreen(), + NavigationScreen.news: const CryptoNewsScreen(), + NavigationScreen.markets: const MarketsScreen(), + NavigationScreen.web: + const WebViewScreen(url: "https://app.uniswap.org"), + }; + + final selected = state.selectedScreen; + final currentIndex = screenMap.keys.toList().indexOf(selected); + + final child = IndexedStack( + index: currentIndex, + children: screenMap.values.toList(), ); + + if (!GeniusBreakpoints.useDesktopOverlay(context) || + platform == Platforms.mobile) { + return MobileOverlay(child: child); + } else { + return DesktopOverlay(child: child); + } }, ); } diff --git a/lib/components/sgnus/sgnus_connection_widget.dart b/lib/components/sgnus/sgnus_connection_widget.dart index 8c2a1172..5a2530c0 100644 --- a/lib/components/sgnus/sgnus_connection_widget.dart +++ b/lib/components/sgnus/sgnus_connection_widget.dart @@ -4,8 +4,10 @@ import 'package:flutter_bloc/flutter_bloc.dart'; import 'package:genius_api/genius_api.dart'; import 'package:genius_api/models/sgnus_connection.dart'; +import 'package:genius_wallet/bloc/app_bloc.dart'; import 'package:genius_wallet/components/animation/checkmark_animation.dart'; import 'package:genius_wallet/components/animation/x_animation.dart'; +import 'package:genius_wallet/components/loading/loading.dart'; import 'package:go_router/go_router.dart'; class SGNUSConnectionWidget extends StatefulWidget { @@ -103,3 +105,33 @@ class SGNUSConnectionMobileState extends State { ); } } +class SGNUSConnectionStatusWidget extends StatelessWidget { + const SGNUSConnectionStatusWidget({Key? key}) : super(key: key); + + @override + Widget build(BuildContext context) { + return BlocBuilder( + builder: (context, appState) { + if (!appState.isProcessing) { + return const SizedBox.shrink(); + } + + return Row( + mainAxisAlignment: MainAxisAlignment.start, + children: [ + const Loading(text: "processing",), + const SizedBox(width: 8), + Text( + '${appState.processingPercentage?.toStringAsFixed(2)}%', + style: const TextStyle( + fontSize: 14, + fontWeight: FontWeight.bold, + color: Colors.white, + ), + ), + ], + ); + }, + ); + } +} diff --git a/lib/components/wallet_information.g.dart b/lib/components/wallet_information.g.dart index 4b2958b6..2f18f876 100644 --- a/lib/components/wallet_information.g.dart +++ b/lib/components/wallet_information.g.dart @@ -98,6 +98,8 @@ class WalletInformationState extends State { ), const SizedBox(height: 8), const SGNUSConnectionMobileWidget(), + const SizedBox(height: 8), + SGNUSConnectionStatusWidget() ], ), const SizedBox(height: 20), @@ -197,7 +199,7 @@ class WalletInformationState extends State { final connection = snapshot.data; return SubmitJobButton( onPressed: () { - Navigator.of(context).pop(); // closes drawer + Navigator.of(context).pop(); }, walletDetailsCubit: walletDetailsCubit, walletAddress: state.selectedWallet?.address ?? "", diff --git a/lib/components/wallets_overview.g.dart b/lib/components/wallets_overview.g.dart index 1ffa18e4..aadeaf3e 100644 --- a/lib/components/wallets_overview.g.dart +++ b/lib/components/wallets_overview.g.dart @@ -110,6 +110,10 @@ class WalletsOverviewState extends State { ), Column(crossAxisAlignment: CrossAxisAlignment.end, children: [ const Row(children: [Flexible(child: SGNUSConnectionWidget())]), + SizedBox( + height: 8, + ), + SGNUSConnectionStatusWidget(), BlocBuilder( builder: (context, state) { if (state.selectedWallet != null) { From f65ca4d865c6b933825b4ee0a2ad4abef0e208d5 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Thu, 15 Jan 2026 21:12:37 -0500 Subject: [PATCH 02/38] Adjust to processing percentage --- lib/bloc/app_bloc.dart | 11 ++++------- lib/components/sgnus/sgnus_connection_widget.dart | 12 ++++++------ 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/lib/bloc/app_bloc.dart b/lib/bloc/app_bloc.dart index 625361fb..831f58cb 100644 --- a/lib/bloc/app_bloc.dart +++ b/lib/bloc/app_bloc.dart @@ -2,6 +2,7 @@ import 'dart:async'; import 'dart:ffi'; import 'package:equatable/equatable.dart'; +import 'package:flutter/foundation.dart'; import 'package:flutter_bloc/flutter_bloc.dart'; import 'package:genius_api/ffi/genius_api_ffi.dart'; @@ -80,13 +81,8 @@ class AppBloc extends Bloc { void _startProcessingPolling() { _processingTimer?.cancel(); - int pollingInterval = - state.processingPercentage != null && state.processingPercentage! < 50.0 - ? 500 - : 1000; - _processingTimer = Timer.periodic( - Duration(milliseconds: pollingInterval), + const Duration(milliseconds: 1000), (_) { add(ProcessingStatusTicked()); }, @@ -103,7 +99,7 @@ void _startProcessingPolling() { final statusInfo = api.getProcessingStatus(); final isProcessing = statusInfo.status == - GeniusProcessingStatus.GENIUS_PR_STATUS_PROCESSING; + GeniusProcessingStatus.GENIUS_PR_STATUS_PROCESSING.value; if (state.isProcessing != isProcessing) { emit(state.copyWith(isProcessing: isProcessing)); @@ -117,6 +113,7 @@ void _startProcessingPolling() { _processingTimer?.cancel(); emit(state.copyWith(isProcessing: false, processingPercentage: 0.0)); } + } Future _onFetchAccount( FetchAccount event, diff --git a/lib/components/sgnus/sgnus_connection_widget.dart b/lib/components/sgnus/sgnus_connection_widget.dart index 5a2530c0..b83f5a16 100644 --- a/lib/components/sgnus/sgnus_connection_widget.dart +++ b/lib/components/sgnus/sgnus_connection_widget.dart @@ -112,17 +112,17 @@ class SGNUSConnectionStatusWidget extends StatelessWidget { Widget build(BuildContext context) { return BlocBuilder( builder: (context, appState) { - if (!appState.isProcessing) { - return const SizedBox.shrink(); - } + final statusText = appState.isProcessing + ? '${appState.processingPercentage?.toStringAsFixed(2)}%' + : 'idle'; return Row( mainAxisAlignment: MainAxisAlignment.start, children: [ - const Loading(text: "processing",), - const SizedBox(width: 8), + if (appState.isProcessing) const Loading(text: "processing"), + if (appState.isProcessing) const SizedBox(width: 8), Text( - '${appState.processingPercentage?.toStringAsFixed(2)}%', + statusText, style: const TextStyle( fontSize: 14, fontWeight: FontWeight.bold, From 1dc92307c10183328554b8b2a71d62a6cd052953 Mon Sep 17 00:00:00 2001 From: TechUp24 Date: Fri, 16 Jan 2026 10:01:04 +0500 Subject: [PATCH 03/38] fixed alignment and text styling for processing --- lib/components/loading/loading.dart | 2 +- .../sgnus/sgnus_connection_widget.dart | 65 ++++++++++++++----- lib/components/wallet_information.g.dart | 6 +- 3 files changed, 52 insertions(+), 21 deletions(-) diff --git a/lib/components/loading/loading.dart b/lib/components/loading/loading.dart index d7f10aec..c6cccff8 100644 --- a/lib/components/loading/loading.dart +++ b/lib/components/loading/loading.dart @@ -20,7 +20,7 @@ class Loading extends StatelessWidget { ), AutoSizeText( text ?? "", - style: const TextStyle(fontSize: 24), + style: const TextStyle(fontSize: 14), ) ]); } diff --git a/lib/components/sgnus/sgnus_connection_widget.dart b/lib/components/sgnus/sgnus_connection_widget.dart index 5a2530c0..45a961a7 100644 --- a/lib/components/sgnus/sgnus_connection_widget.dart +++ b/lib/components/sgnus/sgnus_connection_widget.dart @@ -105,31 +105,60 @@ class SGNUSConnectionMobileState extends State { ); } } + class SGNUSConnectionStatusWidget extends StatelessWidget { - const SGNUSConnectionStatusWidget({Key? key}) : super(key: key); + final bool? isSmallScreen; + + const SGNUSConnectionStatusWidget({ + Key? key, + this.isSmallScreen, + }) : super(key: key); @override Widget build(BuildContext context) { + final alignment = + isSmallScreen == true ? Alignment.center : Alignment.centerRight; + return BlocBuilder( builder: (context, appState) { - if (!appState.isProcessing) { - return const SizedBox.shrink(); - } + final isProcessing = appState.isProcessing; + final percentage = appState.processingPercentage; - return Row( - mainAxisAlignment: MainAxisAlignment.start, - children: [ - const Loading(text: "processing",), - const SizedBox(width: 8), - Text( - '${appState.processingPercentage?.toStringAsFixed(2)}%', - style: const TextStyle( - fontSize: 14, - fontWeight: FontWeight.bold, - color: Colors.white, - ), - ), - ], + return Align( + alignment: alignment, + child: Row( + mainAxisSize: MainAxisSize.min, + children: [ + if (isProcessing) ...[ + const Loading(text: "PROCESSING"), + const SizedBox(width: 8), + SizedBox( + width: 60, + child: AutoSizeText( + '${percentage?.toStringAsFixed(2) ?? "0.00"}%', + maxLines: 1, + textAlign: TextAlign.right, + overflow: TextOverflow.ellipsis, + style: const TextStyle( + fontSize: 14, + fontWeight: FontWeight.bold, + color: Colors.white, + ), + ), + ), + ] else ...[ + const AutoSizeText( + 'IDLE', + maxLines: 1, + style: TextStyle( + fontSize: 14, + fontWeight: FontWeight.bold, + color: Colors.white70, + ), + ), + ], + ], + ), ); }, ); diff --git a/lib/components/wallet_information.g.dart b/lib/components/wallet_information.g.dart index 2f18f876..4cc8929a 100644 --- a/lib/components/wallet_information.g.dart +++ b/lib/components/wallet_information.g.dart @@ -99,7 +99,9 @@ class WalletInformationState extends State { const SizedBox(height: 8), const SGNUSConnectionMobileWidget(), const SizedBox(height: 8), - SGNUSConnectionStatusWidget() + SGNUSConnectionStatusWidget( + isSmallScreen: true, + ) ], ), const SizedBox(height: 20), @@ -199,7 +201,7 @@ class WalletInformationState extends State { final connection = snapshot.data; return SubmitJobButton( onPressed: () { - Navigator.of(context).pop(); + Navigator.of(context).pop(); }, walletDetailsCubit: walletDetailsCubit, walletAddress: state.selectedWallet?.address ?? "", From 1e6ceee334e2f7456daf33381b05df771c7f2556 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 16 Jan 2026 21:34:11 -0500 Subject: [PATCH 04/38] Cmake find libsecret on linux --- cmake/CommonBuildParameters.cmake | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cmake/CommonBuildParameters.cmake b/cmake/CommonBuildParameters.cmake index 8908b5b3..02d54956 100755 --- a/cmake/CommonBuildParameters.cmake +++ b/cmake/CommonBuildParameters.cmake @@ -342,6 +342,11 @@ if(NOT CMAKE_SKIP_THIRD_PARTY) set(nlohmann_json_DIR "${THIRDPARTY_BUILD_DIR}/json/share/cmake/nlohmann_json") find_package(nlohmann_json CONFIG REQUIRED) + if(LINUX) + find_package(PkgConfig) + pkg_check_modules(LIBSECRET REQUIRED IMPORTED_TARGET libsecret-1>=0.18.4) + endif() + # -------------------------------------------------------- # Set config of crypto3 add_library(crypto3::algebra INTERFACE IMPORTED) From 2d16d68094ec82ed8ed58d27f7141aefddf9f2d1 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Tue, 27 Jan 2026 15:57:43 -0500 Subject: [PATCH 05/38] Update for new ABI naming setup --- .github/workflows/build.yml | 43 ++++++++++---------------------- cmake/DownloadDependencies.cmake | 32 ++++++++++++++++-------- 2 files changed, 35 insertions(+), 40 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2501f075..ea377e39 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -672,43 +672,21 @@ jobs: fi shell: bash - - name: Wait for primary release creation - if: (github.ref_name == 'main' || github.ref_name == 'develop') && (matrix.target == 'Linux' && matrix.abi == 'aarch64') && env.IS_TAG != 'true' - working-directory: ${{github.workspace}} - run: | - RELEASE_TAG='${{matrix.target}}-${{github.ref_name}}-${{matrix.build-type}}' - - echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV - echo "Waiting for primary job to create/update release: $RELEASE_TAG" - - # Wait up to 120 minutes for the release to be created/updated - ATTEMPT=1 - MAX_ATTEMPTS=720 - while [ $ATTEMPT -le $MAX_ATTEMPTS ]; do - if gh release view $RELEASE_TAG >/dev/null 2>&1; then - echo "Release found!" - # Check if it's at the correct commit - if gh release view $RELEASE_TAG | grep -q "${{ github.sha }}"; then - echo "Release is at correct commit" - break - fi - fi - echo "Waiting for release... (attempt $ATTEMPT/$MAX_ATTEMPTS)" - sleep 10 - ATTEMPT=$((ATTEMPT + 1)) - done - shell: bash - - name: Create release of GeniusWallet working-directory: ${{github.workspace}} - if: (github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true') && (env.IS_TAG == 'true' || !(matrix.target == 'Linux' && matrix.abi == 'aarch64')) + if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' shell: bash run: | if ${{github.event_name == 'workflow_dispatch'}} && [ '${{ github.event.inputs.tag }}' ]; then RELEASE_TAG="${{ github.event.inputs.tag }}" IS_TAG_RELEASE="true" else - RELEASE_TAG='${{matrix.target}}-${{github.ref_name}}-${{matrix.build-type}}' + # Include ABI in release tag if defined + if [ '${{matrix.abi}}' ]; then + RELEASE_TAG='${{matrix.target}}-${{matrix.abi}}-${{github.ref_name}}-${{matrix.build-type}}' + else + RELEASE_TAG='${{matrix.target}}-${{github.ref_name}}-${{matrix.build-type}}' + fi IS_TAG_RELEASE="false" fi @@ -766,7 +744,12 @@ jobs: if ${{github.event_name == 'workflow_dispatch'}} && [ '${{ github.event.inputs.tag }}' ]; then RELEASE_TAG="${{ github.event.inputs.tag }}" else - RELEASE_TAG='${{matrix.target}}-${{github.ref_name}}-${{matrix.build-type}}' + # Include ABI in release tag if defined + if [ '${{matrix.abi}}' ]; then + RELEASE_TAG='${{matrix.target}}-${{matrix.abi}}-${{github.ref_name}}-${{matrix.build-type}}' + else + RELEASE_TAG='${{matrix.target}}-${{github.ref_name}}-${{matrix.build-type}}' + fi fi echo "Upload step using RELEASE_TAG: $RELEASE_TAG" diff --git a/cmake/DownloadDependencies.cmake b/cmake/DownloadDependencies.cmake index 71da7063..72fe95a7 100644 --- a/cmake/DownloadDependencies.cmake +++ b/cmake/DownloadDependencies.cmake @@ -154,16 +154,6 @@ function(download_dependency DEP_NAME) # Get platform name get_platform_dir_name(PLATFORM_NAME) - - # Determine the release tag format - if(DEFINED BRANCH_IS_TAG AND BRANCH_IS_TAG) - # For tags, use the tag name directly - set(RELEASE_TAG "${ARG_BRANCH}") - message(STATUS "Using Git tag format: ${ARG_BRANCH}") - else() - # For branches, use the platform-branch-buildtype format - set(RELEASE_TAG "${PLATFORM_NAME}-${ARG_BRANCH}-${ARG_BUILD_TYPE}") - endif() # GitHub repository information set(GITHUB_REPO "GeniusVentures/${DEP_NAME}") @@ -194,6 +184,15 @@ function(download_dependency DEP_NAME) continue() endif() + # Determine the release tag format for this ABI + if(DEFINED BRANCH_IS_TAG AND BRANCH_IS_TAG) + # For tags, use the tag name directly + set(RELEASE_TAG "${ARG_BRANCH}") + else() + # For branches, use the platform-ABI-branch-buildtype format + set(RELEASE_TAG "${PLATFORM_NAME}-${ABI}-${ARG_BRANCH}-${ARG_BUILD_TYPE}") + endif() + set(ARCHIVE_NAME "${PLATFORM_NAME}-${ABI}-${ARG_BUILD_TYPE}.tar.gz") set(RELEASE_URL "https://github.com/${GITHUB_REPO}/releases/download/${RELEASE_TAG}/${ARCHIVE_NAME}") set(ARCHIVE_PATH "${CMAKE_BINARY_DIR}/${DEP_NAME}-${ARCHIVE_NAME}") @@ -241,6 +240,19 @@ function(download_dependency DEP_NAME) endforeach() else() # Non-Android download logic + + # Determine the release tag format + if(DEFINED BRANCH_IS_TAG AND BRANCH_IS_TAG) + # For tags, use the tag name directly + set(RELEASE_TAG "${ARG_BRANCH}") + elseif(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND ARCH) + # For Linux with ARCH, include ARCH in the release tag + set(RELEASE_TAG "${PLATFORM_NAME}-${ARCH}-${ARG_BRANCH}-${ARG_BUILD_TYPE}") + else() + # For other platforms, use the platform-branch-buildtype format + set(RELEASE_TAG "${PLATFORM_NAME}-${ARG_BRANCH}-${ARG_BUILD_TYPE}") + endif() + if(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND ARCH) set(ARCHIVE_NAME "${PLATFORM_NAME}-${ARCH}-${ARG_BUILD_TYPE}.tar.gz") else() From ed76a5545a479c537aeea42571555f481ab6145c Mon Sep 17 00:00:00 2001 From: itsafuu Date: Tue, 3 Feb 2026 18:51:00 -0500 Subject: [PATCH 06/38] Several adjustments for self hosted runner --- .github/workflows/build.yml | 138 ++++++++++++++++++++++++------------ 1 file changed, 93 insertions(+), 45 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ea377e39..8a20a081 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,10 +66,11 @@ jobs: abi: [""] include: - target: Linux - host: ubuntu-22.04 + host: sg-ubuntu-linux flutter-platform: linux abi: x86_64 build-type: Release + container: ghcr.io/geniusventures/debian-bullseye:latest - target: Linux host: ubuntu-24.04-arm flutter-platform: linux @@ -77,13 +78,13 @@ jobs: build-type: Release container: ghcr.io/geniusventures/debian-bullseye:latest - target: Windows - host: windows-latest + host: SG-WIN11 flutter-platform: windows - target: OSX - host: macos-latest + host: gv-OSX-Large flutter-platform: macos - target: Android - host: ubuntu-latest + host: sg-ubuntu-linux flutter-platform: apk - target: iOS host: macos-latest @@ -92,6 +93,65 @@ jobs: - target: Linux abi: "" steps: + - name: Clean workspace (self-hosted runners) + if: ${{ runner.environment == 'self-hosted' }} + run: | + echo "=== PRE-CLEANUP DEBUG ===" + echo "Current working directory: $(pwd)" + echo "Workspace: ${{github.workspace}}" + + if [ -d "${{github.workspace}}" ]; then + cd "${{github.workspace}}" + echo "Changed to workspace directory: $(pwd)" + echo "Contents:" + ls -la + + if [ -d ".git" ]; then + echo "Git repository detected, performing deep clean..." + # Remove stale lock files first + echo "Removing stale git lock files..." + find . -name "index.lock" -type f -delete 2>/dev/null || true + find . -name "*.lock" -path "*/.git/*" -type f -delete 2>/dev/null || true + + git clean -xfd + git submodule foreach --recursive git clean -xfd + git reset --hard + git submodule foreach --recursive git reset --hard + echo "Git clean completed" + else + echo "Not a git repository, skipping git clean" + fi + else + echo "Workspace directory does not exist yet, skipping cleanup" + fi + + echo "=== CLEANUP ARTIFACTS ===" + # Clean up artifacts from previous runs (self-hosted runners only) + if [ -d "thirdparty" ]; then + echo "Removing thirdparty directory..." + rm -rf thirdparty + fi + if [ -d "zkLLVM" ]; then + echo "Removing zkLLVM directory..." + rm -rf zkLLVM + fi + if [ -d "SuperGenius" ]; then + echo "Removing SuperGenius directory..." + rm -rf SuperGenius + fi + if [ -d "GeniusSDK" ]; then + echo "Removing GeniusSDK directory..." + rm -rf GeniusSDK + fi + + echo "=== POST-CLEANUP DEBUG ===" + if [ -d "${{github.workspace}}" ]; then + cd "${{github.workspace}}" + echo "Final workspace contents:" + ls -la + fi + shell: bash + - name: Configure Linux host if: ${{ runner.os == 'Linux'}} run: | @@ -118,9 +178,20 @@ jobs: - name: Configure macOS host if: ${{ runner.os == 'macOS' }} run: | - brew install ccache ninja bash gnu-tar - PATH="$HOMEBREW_PREFIX/opt/gnu-tar/libexec/gnubin:$PATH" - echo "PATH=$PATH" >> $GITHUB_ENV + brew install ninja bash gnu-tar + + # Ensure GNU tar is first in PATH - check both possible Homebrew locations + if [ -d "/opt/homebrew/opt/gnu-tar/libexec/gnubin" ]; then + echo "PATH=/opt/homebrew/opt/gnu-tar/libexec/gnubin:$PATH" >> $GITHUB_ENV + echo "Using GNU tar from /opt/homebrew" + elif [ -d "/usr/local/opt/gnu-tar/libexec/gnubin" ]; then + echo "PATH=/usr/local/opt/gnu-tar/libexec/gnubin:$PATH" >> $GITHUB_ENV + echo "Using GNU tar from /usr/local" + else + echo "WARNING: GNU tar installation not found in expected locations" + echo "Available tar: $(which tar)" + fi + echo "CMAKE_GENERATOR=Ninja" >> $GITHUB_ENV - name: Setup Flutter @@ -693,48 +764,25 @@ jobs: echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV echo "Checking if release $RELEASE_TAG exists..." - set +e - gh release view "$RELEASE_TAG" - releaseFound=$? - set -e - - if [[ $releaseFound -eq 0 ]]; then - if [[ "$IS_TAG_RELEASE" == "false" ]]; then - echo "Deleting existing branch-based release + tag..." - gh release delete "$RELEASE_TAG" --yes + if gh release view "$RELEASE_TAG" >/dev/null 2>&1; then + if [ "$IS_TAG_RELEASE" == "false" ]; then + echo "Deleting existing release/tag $RELEASE_TAG..." + gh release delete "$RELEASE_TAG" --yes || true git push origin ":refs/tags/$RELEASE_TAG" || true - else - echo "Tag release $RELEASE_TAG already exists, skipping creation" - exit 0 + git tag -d "$RELEASE_TAG" || true fi fi - RELEASE_TYPE="--draft" - - if [[ "$IS_TAG_RELEASE" == "true" ]]; then - # For tag releases, just create the release (tag already exists) - RELEASE_TITLE="${{ github.event.inputs.tag }} build artifacts" - RELEASE_NOTES="Build artifacts for tag ${{ github.event.inputs.tag }}" - echo "Creating release for existing tag: $RELEASE_TAG" - gh release create "$RELEASE_TAG" \ - --draft \ - -t "$RELEASE_TITLE" \ - -n "$RELEASE_NOTES" - else - # For branch releases, create and push tag first - echo "Tagging commit ${{ github.sha }} as $RELEASE_TAG" - git tag -f "$RELEASE_TAG" "${{ github.sha }}" - git push --force origin "$RELEASE_TAG" - - RELEASE_TITLE="${{ matrix.target }} ${{ github.ref_name }} ${{ matrix.build-type }} build" - RELEASE_NOTES="Branch: ${{ github.ref_name }} | SHA: ${{ github.sha }}" - echo "Creating release for branch build" - gh release create "$RELEASE_TAG" \ - --target "${{ github.sha }}" \ - -t "$RELEASE_TITLE" \ - -n "$RELEASE_NOTES" \ - ${RELEASE_TYPE} - fi + echo "Creating new tag $RELEASE_TAG..." + git tag -f "$RELEASE_TAG" "${{ github.sha }}" + git push origin "$RELEASE_TAG" --force + + echo "Creating GitHub release $RELEASE_TAG..." + gh release create "$RELEASE_TAG" \ + --target "${{ github.sha }}" \ + -t "${{ matrix.target }} ${{ github.ref_name }} ${{ matrix.build-type }} build" \ + -n "Branch: ${{ github.ref_name }} | SHA: ${{ github.sha }}" \ + $( [ "$IS_TAG_RELEASE" = "true" ] && echo "" || echo "--prerelease" ) - name: Upload file if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' From 8813d7b49104d402a321fb9a7947ae2b6fc86262 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Tue, 3 Feb 2026 20:42:21 -0500 Subject: [PATCH 07/38] Include zkllvm directories. Added ndk/sdk step for android --- .github/workflows/build.yml | 39 +++++++++++++++++++++++++++++++ cmake/CommonBuildParameters.cmake | 1 + 2 files changed, 40 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8a20a081..08392365 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -363,6 +363,45 @@ jobs: run: | flutter pub get + - name: Setup Android SDK and NDK + if: ${{ matrix.target == 'Android' }} + run: | + # Download and setup Android SDK + ANDROID_SDK_ROOT="$HOME/android-sdk" + if [ ! -d "$ANDROID_SDK_ROOT" ]; then + echo "Downloading Android command-line tools..." + mkdir -p "$ANDROID_SDK_ROOT/cmdline-tools" + wget https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip -O cmdline-tools.zip + unzip -q cmdline-tools.zip -d "$ANDROID_SDK_ROOT/cmdline-tools" + mv "$ANDROID_SDK_ROOT/cmdline-tools/cmdline-tools" "$ANDROID_SDK_ROOT/cmdline-tools/latest" + rm cmdline-tools.zip + + # Install required SDK components + yes | "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" --licenses || true + "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" "platform-tools" "platforms;android-34" "build-tools;34.0.0" + else + echo "Android SDK already exists at $ANDROID_SDK_ROOT" + fi + + echo "ANDROID_HOME=$ANDROID_SDK_ROOT" >> $GITHUB_ENV + echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> $GITHUB_ENV + echo "$ANDROID_SDK_ROOT/platform-tools" >> $GITHUB_PATH + echo "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin" >> $GITHUB_PATH + + # Download and setup Android NDK + NDK_VERSION="r27b" + NDK_DIR="$HOME/android-ndk-$NDK_VERSION" + if [ ! -d "$NDK_DIR" ]; then + echo "Downloading Android NDK $NDK_VERSION..." + wget https://dl.google.com/android/repository/android-ndk-$NDK_VERSION-linux.zip -O ndk.zip + unzip -q ndk.zip -d $HOME + rm ndk.zip + else + echo "Android NDK already exists at $NDK_DIR, skipping download" + fi + echo "ANDROID_NDK_HOME=$NDK_DIR" >> $GITHUB_ENV + shell: bash + - name: Setup CMake Arguments run: | CMAKE_ARGS="-DCMAKE_BUILD_TYPE=${{matrix.build-type}}" diff --git a/cmake/CommonBuildParameters.cmake b/cmake/CommonBuildParameters.cmake index 02d54956..aab8373e 100755 --- a/cmake/CommonBuildParameters.cmake +++ b/cmake/CommonBuildParameters.cmake @@ -408,6 +408,7 @@ if(NOT CMAKE_SKIP_THIRD_PARTY) ) # zkLLVM set(zkLLVM_INCLUDE_DIR "${ZKLLVM_BUILD_DIR}/zkLLVM/include") + include_directories(${zkLLVM_INCLUDE_DIR}) # Set config of llvm set(LLVM_DIR "${ZKLLVM_BUILD_DIR}/zkLLVM/lib/cmake/llvm") From a2f3f1c29694bf5d2bc63695bca7b695d25b61a3 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Tue, 3 Feb 2026 21:05:22 -0500 Subject: [PATCH 08/38] OSX PCH changes, android home definitions --- .github/workflows/build.yml | 38 ++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 08392365..58786388 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -366,28 +366,38 @@ jobs: - name: Setup Android SDK and NDK if: ${{ matrix.target == 'Android' }} run: | - # Download and setup Android SDK + # Setup Android SDK ANDROID_SDK_ROOT="$HOME/android-sdk" - if [ ! -d "$ANDROID_SDK_ROOT" ]; then + + # Download command-line tools if not present + if [ ! -d "$ANDROID_SDK_ROOT/cmdline-tools/latest" ]; then echo "Downloading Android command-line tools..." mkdir -p "$ANDROID_SDK_ROOT/cmdline-tools" wget https://dl.google.com/android/repository/commandlinetools-linux-11076708_latest.zip -O cmdline-tools.zip unzip -q cmdline-tools.zip -d "$ANDROID_SDK_ROOT/cmdline-tools" mv "$ANDROID_SDK_ROOT/cmdline-tools/cmdline-tools" "$ANDROID_SDK_ROOT/cmdline-tools/latest" rm cmdline-tools.zip - - # Install required SDK components - yes | "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" --licenses || true - "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" "platform-tools" "platforms;android-34" "build-tools;34.0.0" else - echo "Android SDK already exists at $ANDROID_SDK_ROOT" + echo "Android command-line tools already exist" fi + # Always accept licenses and install/update required SDK components + echo "Installing/updating Android SDK components..." + yes | "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" --licenses || true + "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin/sdkmanager" "platform-tools" "platforms;android-34" "build-tools;34.0.0" + + # Set environment variables echo "ANDROID_HOME=$ANDROID_SDK_ROOT" >> $GITHUB_ENV echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" >> $GITHUB_ENV echo "$ANDROID_SDK_ROOT/platform-tools" >> $GITHUB_PATH echo "$ANDROID_SDK_ROOT/cmdline-tools/latest/bin" >> $GITHUB_PATH - + + # Verify SDK installation + echo "=== Android SDK Setup ===" + echo "ANDROID_HOME: $ANDROID_SDK_ROOT" + echo "SDK contents:" + ls -la "$ANDROID_SDK_ROOT" + # Download and setup Android NDK NDK_VERSION="r27b" NDK_DIR="$HOME/android-ndk-$NDK_VERSION" @@ -397,9 +407,14 @@ jobs: unzip -q ndk.zip -d $HOME rm ndk.zip else - echo "Android NDK already exists at $NDK_DIR, skipping download" + echo "Android NDK already exists at $NDK_DIR" fi echo "ANDROID_NDK_HOME=$NDK_DIR" >> $GITHUB_ENV + + echo "=== Environment Summary ===" + echo "ANDROID_HOME=$ANDROID_SDK_ROOT" + echo "ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT" + echo "ANDROID_NDK_HOME=$NDK_DIR" shell: bash - name: Setup CMake Arguments @@ -427,6 +442,11 @@ jobs: # Add verbose output for debugging CMAKE_ARGS="$CMAKE_ARGS -DCMAKE_VERBOSE_MAKEFILE=ON" + # macOS universal binary: disable precompiled headers (incompatible with multi-arch) + if [ "${{ matrix.target }}" = "OSX" ]; then + CMAKE_ARGS="$CMAKE_ARGS -DCMAKE_DISABLE_PRECOMPILE_HEADERS=ON" + fi + # Windows-specific: ensure message output if [ "${{ matrix.target }}" = "Windows" ]; then CMAKE_ARGS="$CMAKE_ARGS -DCMAKE_MESSAGE_LOG_LEVEL=STATUS" From 4b2c80e00dec1b0980db9b890654ff80fde271b9 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 17:39:21 -0500 Subject: [PATCH 09/38] Draft release tag builds --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 58786388..2d482348 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -841,7 +841,7 @@ jobs: --target "${{ github.sha }}" \ -t "${{ matrix.target }} ${{ github.ref_name }} ${{ matrix.build-type }} build" \ -n "Branch: ${{ github.ref_name }} | SHA: ${{ github.sha }}" \ - $( [ "$IS_TAG_RELEASE" = "true" ] && echo "" || echo "--prerelease" ) + $( [ "$IS_TAG_RELEASE" = "true" ] && echo "--draft" || echo "--prerelease" ) - name: Upload file if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' From 7fb778713b541ea7b6da979e514b222b1239fdeb Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 17:50:37 -0500 Subject: [PATCH 10/38] Attempt to fix tag release --- .github/workflows/build.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2d482348..c3dbed1d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -52,6 +52,7 @@ jobs: env: GRPC_BUILD_ENABLE_CCACHE: "ON" GH_TOKEN: ${{ secrets.GNUS_TOKEN_1 }} + RELEASE_TAG_INPUT: ${{ github.event.inputs.tag }} runs-on: ${{matrix.host}} container: image: ${{matrix.container}} @@ -807,8 +808,8 @@ jobs: if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' shell: bash run: | - if ${{github.event_name == 'workflow_dispatch'}} && [ '${{ github.event.inputs.tag }}' ]; then - RELEASE_TAG="${{ github.event.inputs.tag }}" + if [ -n "${RELEASE_TAG_INPUT}" ]; then + RELEASE_TAG="${RELEASE_TAG_INPUT}" IS_TAG_RELEASE="true" else # Include ABI in release tag if defined @@ -821,6 +822,7 @@ jobs: fi echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV + echo "IS_TAG_RELEASE=${IS_TAG_RELEASE}" >> $GITHUB_ENV echo "Checking if release $RELEASE_TAG exists..." if gh release view "$RELEASE_TAG" >/dev/null 2>&1; then @@ -848,8 +850,8 @@ jobs: working-directory: ${{github.workspace}} run: | # Ensure RELEASE_TAG is set for upload step - if ${{github.event_name == 'workflow_dispatch'}} && [ '${{ github.event.inputs.tag }}' ]; then - RELEASE_TAG="${{ github.event.inputs.tag }}" + if [ -n "${RELEASE_TAG_INPUT}" ]; then + RELEASE_TAG="${RELEASE_TAG_INPUT}" else # Include ABI in release tag if defined if [ '${{matrix.abi}}' ]; then From fe8908387a73b722978d46bdf9d9b1a54471644b Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 17:51:19 -0500 Subject: [PATCH 11/38] Fix tab --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c3dbed1d..72c5a268 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -808,7 +808,7 @@ jobs: if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' shell: bash run: | - if [ -n "${RELEASE_TAG_INPUT}" ]; then + if [ -n "${RELEASE_TAG_INPUT}" ]; then RELEASE_TAG="${RELEASE_TAG_INPUT}" IS_TAG_RELEASE="true" else From 6538032773c436d3c5b6e12181524430d7888e78 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 18:10:51 -0500 Subject: [PATCH 12/38] Don't crease new releases, also use tag as name --- .github/workflows/build.yml | 41 ++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 72c5a268..b530114a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -824,26 +824,35 @@ jobs: echo "RELEASE_TAG=${RELEASE_TAG}" >> $GITHUB_ENV echo "IS_TAG_RELEASE=${IS_TAG_RELEASE}" >> $GITHUB_ENV - echo "Checking if release $RELEASE_TAG exists..." - if gh release view "$RELEASE_TAG" >/dev/null 2>&1; then + echo "Checking if release $RELEASE_TAG exists..." + if gh release view "$RELEASE_TAG" >/dev/null 2>&1; then if [ "$IS_TAG_RELEASE" == "false" ]; then - echo "Deleting existing release/tag $RELEASE_TAG..." - gh release delete "$RELEASE_TAG" --yes || true - git push origin ":refs/tags/$RELEASE_TAG" || true - git tag -d "$RELEASE_TAG" || true + echo "Deleting existing release/tag $RELEASE_TAG..." + gh release delete "$RELEASE_TAG" --yes || true + git push origin ":refs/tags/$RELEASE_TAG" || true + git tag -d "$RELEASE_TAG" || true + else + echo "Release $RELEASE_TAG already exists. Skipping create." + exit 0 fi - fi + fi - echo "Creating new tag $RELEASE_TAG..." - git tag -f "$RELEASE_TAG" "${{ github.sha }}" - git push origin "$RELEASE_TAG" --force + echo "Creating new tag $RELEASE_TAG..." + git tag -f "$RELEASE_TAG" "${{ github.sha }}" + git push origin "$RELEASE_TAG" --force + + if [ "$IS_TAG_RELEASE" = "true" ]; then + RELEASE_TITLE="$RELEASE_TAG" + else + RELEASE_TITLE="${{ matrix.target }} ${{ github.ref_name }} ${{ matrix.build-type }} build" + fi - echo "Creating GitHub release $RELEASE_TAG..." - gh release create "$RELEASE_TAG" \ - --target "${{ github.sha }}" \ - -t "${{ matrix.target }} ${{ github.ref_name }} ${{ matrix.build-type }} build" \ - -n "Branch: ${{ github.ref_name }} | SHA: ${{ github.sha }}" \ - $( [ "$IS_TAG_RELEASE" = "true" ] && echo "--draft" || echo "--prerelease" ) + echo "Creating GitHub release $RELEASE_TAG..." + gh release create "$RELEASE_TAG" \ + --target "${{ github.sha }}" \ + -t "$RELEASE_TITLE" \ + -n "Branch: ${{ github.ref_name }} | SHA: ${{ github.sha }}" \ + $( [ "$IS_TAG_RELEASE" = "true" ] && echo "--draft" || echo "--prerelease" ) - name: Upload file if: github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true' From 7d7bb51843c93ac77b1601b06e3f23971379b7d9 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 18:22:43 -0500 Subject: [PATCH 13/38] Try to fix osx artifact generation --- .github/workflows/build.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b530114a..3e487140 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -488,7 +488,7 @@ jobs: fi - name: Sign and package macOS app - if: ${{ matrix.target == 'OSX' && (github.ref_name == 'main' || github.ref_name == 'develop') }} + if: ${{ matrix.target == 'OSX' && (github.ref_name == 'main' || github.ref_name == 'develop' || env.IS_TAG == 'true') }} env: APPLE_ID: ${{ secrets.WALLET_NOTARIZE_APPLE_ID }} APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} @@ -712,7 +712,11 @@ jobs: cd build/macos/Build/Products/${{matrix.build-type}} # Copy the signed packages - cp -r *.pkg ../../../../../artifacts/ || true + if ls *.pkg >/dev/null 2>&1; then + cp -r *.pkg ../../../../../artifacts/ + else + echo "No macOS .pkg files found to upload" + fi # Create a README explaining the different packages cat > ../../../../../artifacts/README.txt << EOF From edc4d2a12143c0fdccc20f62f4b356d48b0a832b Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 18:32:44 -0500 Subject: [PATCH 14/38] Intermediate certs for osx runner --- .github/workflows/build.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3e487140..a6d42d7b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -289,6 +289,14 @@ jobs: security import $DEVELOPER_ID_INSTALLER_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + # Ensure Apple root and intermediate certificates are present in the temp keychain + APPLE_ROOT_CA_PATH=$RUNNER_TEMP/apple_root_ca.cer + APPLE_WWDR_CA_PATH=$RUNNER_TEMP/apple_wwdr_ca.cer + curl -sS -o "$APPLE_ROOT_CA_PATH" https://www.apple.com/certificateauthority/AppleRootCA-G2.cer + curl -sS -o "$APPLE_WWDR_CA_PATH" https://www.apple.com/certificateauthority/AppleWWDRCAG4.cer + security import "$APPLE_ROOT_CA_PATH" -A -t cert -k $KEYCHAIN_PATH + security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH + security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security list-keychains -d user -s $KEYCHAIN_PATH From 368a094c2f04ba025a594f99a3d4979d228a3d1f Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 20:00:06 -0500 Subject: [PATCH 15/38] Try normal runner --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a6d42d7b..454e1ea0 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: host: SG-WIN11 flutter-platform: windows - target: OSX - host: gv-OSX-Large + host: macos-latest flutter-platform: macos - target: Android host: sg-ubuntu-linux From be1e1bc692bda9d4520223c47a69347c7714ae49 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 20:21:30 -0500 Subject: [PATCH 16/38] Debugging --- .github/workflows/build.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 454e1ea0..673c246e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: host: SG-WIN11 flutter-platform: windows - target: OSX - host: macos-latest + host: gv-OSX-Large flutter-platform: macos - target: Android host: sg-ubuntu-linux @@ -265,10 +265,19 @@ jobs: echo -n "$DEV_DISTRIBUTION_MAC_PROVISION_BASE64" | base64 --decode -o $APP_STORE_PP_PATH # Developer ID certificates and provisioning profile + if [ -z "$DEVELOPER_ID_APP_CERT_BASE64" ] || [ -z "$DEVELOPER_ID_INSTALLER_CERT_BASE64" ]; then + echo "ERROR: Developer ID certificate secrets are missing or empty" + exit 1 + fi echo -n "$DEVELOPER_ID_APP_CERT_BASE64" | base64 --decode -o $DEVELOPER_ID_APP_CERT_PATH echo -n "$DEVELOPER_ID_INSTALLER_CERT_BASE64" | base64 --decode -o $DEVELOPER_ID_INSTALLER_CERT_PATH echo -n "$DEVELOPER_ID_PROVISION_BASE64" | base64 --decode -o $DEVELOPER_ID_PP_PATH + echo "Developer ID cert files:" + ls -la "$DEVELOPER_ID_APP_CERT_PATH" "$DEVELOPER_ID_INSTALLER_CERT_PATH" + file "$DEVELOPER_ID_APP_CERT_PATH" || true + file "$DEVELOPER_ID_INSTALLER_CERT_PATH" || true + # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH @@ -306,6 +315,11 @@ jobs: echo "=== Searching for specific certificate types ===" security find-identity -v -p codesigning + if ! security find-identity -v -p codesigning | grep -q "Developer ID Application"; then + echo "ERROR: Developer ID Application identity not found in keychain" + exit 1 + fi + echo "=== All certificates in keychain ===" security dump-keychain $KEYCHAIN_PATH | grep -A 5 -B 5 "Developer\|3rd Party" From 73808991f06831c220bee7b23242271f815dc52c Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 20:39:51 -0500 Subject: [PATCH 17/38] Back to gh runner for test --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 673c246e..572b4663 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: host: SG-WIN11 flutter-platform: windows - target: OSX - host: gv-OSX-Large + host: macos-latest flutter-platform: macos - target: Android host: sg-ubuntu-linux From ca7459858c022aa1c01defcf8ac6361cf5d30258 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 20:46:08 -0500 Subject: [PATCH 18/38] Add system keychain to search --- .github/workflows/build.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 572b4663..fd502b2e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: host: SG-WIN11 flutter-platform: windows - target: OSX - host: macos-latest + host: gv-OSX-Large flutter-platform: macos - target: Android host: sg-ubuntu-linux @@ -307,7 +307,8 @@ jobs: security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - security list-keychains -d user -s $KEYCHAIN_PATH + # Add both temp keychain and system keychain to search list for chain validation + security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | grep -v "$KEYCHAIN_PATH" | xargs) echo "=== Available identities in keychain ===" security find-identity -v From 5bd60e98b216e07b61452c4f07400e499dfa2b27 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 21:02:20 -0500 Subject: [PATCH 19/38] Debug logging whether there is a conflict with system keychain --- .github/workflows/build.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fd502b2e..6435abab 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -287,7 +287,20 @@ jobs: security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - # Import Developer ID certificates - handle different formats + # Check if Developer ID certificates already exist in system keychains (self-hosted runners) + echo "=== Checking for existing Developer ID certificates ===" + if security find-identity -v -p codesigning | grep -q "Developer ID Application"; then + echo "NOTE: Developer ID Application certificate already exists in system keychain" + else + echo "Developer ID Application certificate not found in system keychain" + fi + if security find-identity -v -p codesigning | grep -q "Developer ID Installer"; then + echo "NOTE: Developer ID Installer certificate already exists in system keychain" + else + echo "Developer ID Installer certificate not found in system keychain" + fi + + # Import Developer ID certificates if [[ "$DEVELOPER_ID_APP_CERT_PATH" == *.cer ]]; then # .cer file doesn't need password security import $DEVELOPER_ID_APP_CERT_PATH -A -t cert -k $KEYCHAIN_PATH @@ -307,7 +320,6 @@ jobs: security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - # Add both temp keychain and system keychain to search list for chain validation security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | grep -v "$KEYCHAIN_PATH" | xargs) echo "=== Available identities in keychain ===" From 35835c66e135383f4b8673450753fa08abe7ab89 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 21:05:23 -0500 Subject: [PATCH 20/38] Yet more debug logging --- .github/workflows/build.yml | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6435abab..d1654215 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -301,15 +301,31 @@ jobs: fi # Import Developer ID certificates + echo "=== Importing Developer ID certificates ===" if [[ "$DEVELOPER_ID_APP_CERT_PATH" == *.cer ]]; then # .cer file doesn't need password - security import $DEVELOPER_ID_APP_CERT_PATH -A -t cert -k $KEYCHAIN_PATH + echo "Importing Developer ID Application certificate (without password)..." + if security import $DEVELOPER_ID_APP_CERT_PATH -A -t cert -k $KEYCHAIN_PATH; then + echo "✓ Developer ID Application certificate import succeeded" + else + echo "✗ Developer ID Application certificate import FAILED with exit code $?" + fi else # .p12 file needs password - security import $DEVELOPER_ID_APP_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + echo "Importing Developer ID Application p12 (with password)..." + if security import $DEVELOPER_ID_APP_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH; then + echo "✓ Developer ID Application p12 import succeeded" + else + echo "✗ Developer ID Application p12 import FAILED with exit code $?" + fi fi - security import $DEVELOPER_ID_INSTALLER_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + echo "Importing Developer ID Installer certificate..." + if security import $DEVELOPER_ID_INSTALLER_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH; then + echo "✓ Developer ID Installer certificate import succeeded" + else + echo "✗ Developer ID Installer certificate import FAILED with exit code $?" + fi # Ensure Apple root and intermediate certificates are present in the temp keychain APPLE_ROOT_CA_PATH=$RUNNER_TEMP/apple_root_ca.cer @@ -319,6 +335,9 @@ jobs: security import "$APPLE_ROOT_CA_PATH" -A -t cert -k $KEYCHAIN_PATH security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH + echo "=== Certificates in temp keychain ===" + security find-identity -v -p codesigning $KEYCHAIN_PATH + security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | grep -v "$KEYCHAIN_PATH" | xargs) From 863733b96eacafd136647693958b2166b099a63c Mon Sep 17 00:00:00 2001 From: itsafuu Date: Fri, 6 Feb 2026 21:05:57 -0500 Subject: [PATCH 21/38] Only osx for now --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d1654215..06fcf3a5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -62,7 +62,7 @@ jobs: strategy: fail-fast: false matrix: - target: [Android, iOS, OSX, Linux, Windows] + target: [OSX] build-type: [Release] abi: [""] include: From 37c113a94acf97653b9d4d10d943361bb10a88a9 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 15:59:23 -0500 Subject: [PATCH 22/38] List keychains before and after, plus macos version --- .github/workflows/build.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 06fcf3a5..0ef8af81 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -339,7 +339,17 @@ jobs: security find-identity -v -p codesigning $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + + echo "=== Keychain search list BEFORE modification ===" + security list-keychains -d user + security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | grep -v "$KEYCHAIN_PATH" | xargs) + + echo "=== Keychain search list AFTER modification ===" + security list-keychains -d user + + echo "=== macOS version ===" + sw_vers echo "=== Available identities in keychain ===" security find-identity -v From 9c847f69f88f4196ac6187275dafc86cb6428398 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:04:07 -0500 Subject: [PATCH 23/38] Purge temp keychain --- .github/workflows/build.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0ef8af81..8a64d744 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -282,6 +282,16 @@ jobs: security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security set-keychain-settings -lut 21600 $KEYCHAIN_PATH security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + + # Clean up any old app-signing keychains from previous runs (self-hosted only) + echo "=== Cleaning up old app-signing keychains ===" + security list-keychains -d user | grep "app-signing.keychain-db" | grep -v "$KEYCHAIN_PATH" | while read old_keychain; do + old_keychain=$(echo "$old_keychain" | tr -d '"' | xargs) + if [ -f "$old_keychain" ]; then + echo "Deleting old keychain: $old_keychain" + security delete-keychain "$old_keychain" 2>/dev/null || true + fi + done # import certificates to keychain security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH @@ -343,7 +353,8 @@ jobs: echo "=== Keychain search list BEFORE modification ===" security list-keychains -d user - security list-keychains -d user -s $KEYCHAIN_PATH $(security list-keychains -d user | grep -v "$KEYCHAIN_PATH" | xargs) + # Only add the new temp keychain and system keychain (not all the old ones) + security list-keychains -d user -s $KEYCHAIN_PATH "/Library/Keychains/System.keychain" echo "=== Keychain search list AFTER modification ===" security list-keychains -d user From 32180179d10082bd8eff51c34ef69b6779d01bee Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:09:56 -0500 Subject: [PATCH 24/38] Disable other platforms again. Fix cleanup step hopefully --- .github/workflows/build.yml | 44 ++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8a64d744..f6639c2e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,30 +66,30 @@ jobs: build-type: [Release] abi: [""] include: - - target: Linux - host: sg-ubuntu-linux - flutter-platform: linux - abi: x86_64 - build-type: Release - container: ghcr.io/geniusventures/debian-bullseye:latest - - target: Linux - host: ubuntu-24.04-arm - flutter-platform: linux - abi: aarch64 - build-type: Release - container: ghcr.io/geniusventures/debian-bullseye:latest - - target: Windows - host: SG-WIN11 - flutter-platform: windows + # - target: Linux + # host: sg-ubuntu-linux + # flutter-platform: linux + # abi: x86_64 + # build-type: Release + # container: ghcr.io/geniusventures/debian-bullseye:latest + # - target: Linux + # host: ubuntu-24.04-arm + # flutter-platform: linux + # abi: aarch64 + # build-type: Release + # container: ghcr.io/geniusventures/debian-bullseye:latest + # - target: Windows + # host: SG-WIN11 + # flutter-platform: windows - target: OSX host: gv-OSX-Large flutter-platform: macos - - target: Android - host: sg-ubuntu-linux - flutter-platform: apk - - target: iOS - host: macos-latest - flutter-platform: ios + # - target: Android + # host: sg-ubuntu-linux + # flutter-platform: apk + # - target: iOS + # host: macos-latest + # flutter-platform: ios exclude: - target: Linux abi: "" @@ -291,7 +291,7 @@ jobs: echo "Deleting old keychain: $old_keychain" security delete-keychain "$old_keychain" 2>/dev/null || true fi - done + done || true # import certificates to keychain security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH From f1d6f93b14ef5f77bb6c218e3f8cc87177e2fe7d Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:20:07 -0500 Subject: [PATCH 25/38] Enable other platforms again --- .github/workflows/build.yml | 42 ++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f6639c2e..0c686f64 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,30 +66,30 @@ jobs: build-type: [Release] abi: [""] include: - # - target: Linux - # host: sg-ubuntu-linux - # flutter-platform: linux - # abi: x86_64 - # build-type: Release - # container: ghcr.io/geniusventures/debian-bullseye:latest - # - target: Linux - # host: ubuntu-24.04-arm - # flutter-platform: linux - # abi: aarch64 - # build-type: Release - # container: ghcr.io/geniusventures/debian-bullseye:latest - # - target: Windows - # host: SG-WIN11 - # flutter-platform: windows + - target: Linux + host: sg-ubuntu-linux + flutter-platform: linux + abi: x86_64 + build-type: Release + container: ghcr.io/geniusventures/debian-bullseye:latest + - target: Linux + host: ubuntu-24.04-arm + flutter-platform: linux + abi: aarch64 + build-type: Release + container: ghcr.io/geniusventures/debian-bullseye:latest + - target: Windows + host: SG-WIN11 + flutter-platform: windows - target: OSX host: gv-OSX-Large flutter-platform: macos - # - target: Android - # host: sg-ubuntu-linux - # flutter-platform: apk - # - target: iOS - # host: macos-latest - # flutter-platform: ios + - target: Android + host: sg-ubuntu-linux + flutter-platform: apk + - target: iOS + host: macos-latest + flutter-platform: ios exclude: - target: Linux abi: "" From 6fe7f533ff2886f095c915ca35831ca5e26d77d6 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:30:34 -0500 Subject: [PATCH 26/38] Second ran failed to back to debug --- .github/workflows/build.yml | 54 +++++++++++++++++++++---------------- 1 file changed, 31 insertions(+), 23 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0c686f64..c564fdf6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,30 +66,30 @@ jobs: build-type: [Release] abi: [""] include: - - target: Linux - host: sg-ubuntu-linux - flutter-platform: linux - abi: x86_64 - build-type: Release - container: ghcr.io/geniusventures/debian-bullseye:latest - - target: Linux - host: ubuntu-24.04-arm - flutter-platform: linux - abi: aarch64 - build-type: Release - container: ghcr.io/geniusventures/debian-bullseye:latest - - target: Windows - host: SG-WIN11 - flutter-platform: windows + # - target: Linux + # host: sg-ubuntu-linux + # flutter-platform: linux + # abi: x86_64 + # build-type: Release + # container: ghcr.io/geniusventures/debian-bullseye:latest + # - target: Linux + # host: ubuntu-24.04-arm + # flutter-platform: linux + # abi: aarch64 + # build-type: Release + # container: ghcr.io/geniusventures/debian-bullseye:latest + # - target: Windows + # host: SG-WIN11 + # flutter-platform: windows - target: OSX host: gv-OSX-Large flutter-platform: macos - - target: Android - host: sg-ubuntu-linux - flutter-platform: apk - - target: iOS - host: macos-latest - flutter-platform: ios + # - target: Android + # host: sg-ubuntu-linux + # flutter-platform: apk + # - target: iOS + # host: macos-latest + # flutter-platform: ios exclude: - target: Linux abi: "" @@ -277,6 +277,13 @@ jobs: ls -la "$DEVELOPER_ID_APP_CERT_PATH" "$DEVELOPER_ID_INSTALLER_CERT_PATH" file "$DEVELOPER_ID_APP_CERT_PATH" || true file "$DEVELOPER_ID_INSTALLER_CERT_PATH" || true + + # Check if Developer ID App cert is .cer (certificate only) vs .p12 (with private key) + if [[ "$DEVELOPER_ID_APP_CERT_PATH" == *.cer ]]; then + echo "WARNING: Developer ID Application certificate is a .cer file (certificate only, no private key)" + echo "This will not work for code signing. You need a .p12 file with the private key." + echo "Please regenerate the secret with a .p12 file exported from Keychain Access." + fi # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH @@ -353,8 +360,9 @@ jobs: echo "=== Keychain search list BEFORE modification ===" security list-keychains -d user - # Only add the new temp keychain and system keychain (not all the old ones) - security list-keychains -d user -s $KEYCHAIN_PATH "/Library/Keychains/System.keychain" + # Only use the temp keychain (not system keychain to avoid duplicates) + security list-keychains -d user -s $KEYCHAIN_PATH + security default-keychain -s $KEYCHAIN_PATH echo "=== Keychain search list AFTER modification ===" security list-keychains -d user From 0f62b4a9b53679d7c7867520d277633ced3d6513 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:38:50 -0500 Subject: [PATCH 27/38] Debug logs --- .github/workflows/build.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c564fdf6..cdc9afe4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -277,13 +277,6 @@ jobs: ls -la "$DEVELOPER_ID_APP_CERT_PATH" "$DEVELOPER_ID_INSTALLER_CERT_PATH" file "$DEVELOPER_ID_APP_CERT_PATH" || true file "$DEVELOPER_ID_INSTALLER_CERT_PATH" || true - - # Check if Developer ID App cert is .cer (certificate only) vs .p12 (with private key) - if [[ "$DEVELOPER_ID_APP_CERT_PATH" == *.cer ]]; then - echo "WARNING: Developer ID Application certificate is a .cer file (certificate only, no private key)" - echo "This will not work for code signing. You need a .p12 file with the private key." - echo "Please regenerate the secret with a .p12 file exported from Keychain Access." - fi # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH @@ -352,7 +345,7 @@ jobs: security import "$APPLE_ROOT_CA_PATH" -A -t cert -k $KEYCHAIN_PATH security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH - echo "=== Certificates in temp keychain ===" + echo "=== Certificates in temp keychain ONLY ===" security find-identity -v -p codesigning $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH @@ -360,9 +353,9 @@ jobs: echo "=== Keychain search list BEFORE modification ===" security list-keychains -d user - # Only use the temp keychain (not system keychain to avoid duplicates) - security list-keychains -d user -s $KEYCHAIN_PATH + # Try using ONLY the temp keychain (no system keychain) security default-keychain -s $KEYCHAIN_PATH + security list-keychains -d user -s $KEYCHAIN_PATH echo "=== Keychain search list AFTER modification ===" security list-keychains -d user @@ -370,11 +363,17 @@ jobs: echo "=== macOS version ===" sw_vers - echo "=== Available identities in keychain ===" + echo "=== Available identities with temp keychain only ===" security find-identity -v echo "=== Searching for specific certificate types ===" security find-identity -v -p codesigning + + echo "=== Checking which keychains contain each identity ===" + for keychain in $(security list-keychains -d user | tr -d '"'); do + echo "Keychain: $keychain" + security find-identity -v -p codesigning "$keychain" 2>/dev/null || echo " (no codesigning identities)" + done if ! security find-identity -v -p codesigning | grep -q "Developer ID Application"; then echo "ERROR: Developer ID Application identity not found in keychain" From 5c4d0b5f15abf6cd2e5c9c1b871eba5318d60d1f Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:46:01 -0500 Subject: [PATCH 28/38] Don't need pass for cer file --- .github/workflows/build.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cdc9afe4..83578791 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -293,9 +293,16 @@ jobs: fi done || true - # import certificates to keychain + # import certificates to keychain - handle .cer and .p12 differently + echo "=== Importing App Store/TestFlight certificates ===" + + # DEV_DISTRIBUTION_SIGNER_CERT_PATH is .p12 (needs password) + echo "Importing Distribution Signer certificate (.p12)..." security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + + # DEV_DISTRIBUTION_INSTALLER_CERT_PATH is .cer (no password needed) + echo "Importing Distribution Installer certificate (.cer)..." + security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -A -t cert -k $KEYCHAIN_PATH # Check if Developer ID certificates already exist in system keychains (self-hosted runners) echo "=== Checking for existing Developer ID certificates ===" From 26baeeef1066def0dd32becc7abd945220ce8ad5 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:50:29 -0500 Subject: [PATCH 29/38] Cer is actually p12? --- .github/workflows/build.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 83578791..2c6da172 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -293,16 +293,19 @@ jobs: fi done || true - # import certificates to keychain - handle .cer and .p12 differently + # import certificates to keychain - let macOS auto-detect formats echo "=== Importing App Store/TestFlight certificates ===" # DEV_DISTRIBUTION_SIGNER_CERT_PATH is .p12 (needs password) echo "Importing Distribution Signer certificate (.p12)..." security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - # DEV_DISTRIBUTION_INSTALLER_CERT_PATH is .cer (no password needed) - echo "Importing Distribution Installer certificate (.cer)..." - security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -A -t cert -k $KEYCHAIN_PATH + # DEV_DISTRIBUTION_INSTALLER_CERT_PATH - try with password first (auto-detect format), then without + echo "Importing Distribution Installer certificate..." + if ! security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -k $KEYCHAIN_PATH 2>/dev/null; then + echo " Failed with password, trying without password..." + security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -A -t cert -k $KEYCHAIN_PATH + fi # Check if Developer ID certificates already exist in system keychains (self-hosted runners) echo "=== Checking for existing Developer ID certificates ===" From fc154a96ce5072f22d7462c74563fea3f500b8e2 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 16:58:45 -0500 Subject: [PATCH 30/38] Return to a very basic setup with cleanup --- .github/workflows/build.yml | 106 ++++-------------------------------- 1 file changed, 12 insertions(+), 94 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2c6da172..295762c2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -265,24 +265,10 @@ jobs: echo -n "$DEV_DISTRIBUTION_MAC_PROVISION_BASE64" | base64 --decode -o $APP_STORE_PP_PATH # Developer ID certificates and provisioning profile - if [ -z "$DEVELOPER_ID_APP_CERT_BASE64" ] || [ -z "$DEVELOPER_ID_INSTALLER_CERT_BASE64" ]; then - echo "ERROR: Developer ID certificate secrets are missing or empty" - exit 1 - fi echo -n "$DEVELOPER_ID_APP_CERT_BASE64" | base64 --decode -o $DEVELOPER_ID_APP_CERT_PATH echo -n "$DEVELOPER_ID_INSTALLER_CERT_BASE64" | base64 --decode -o $DEVELOPER_ID_INSTALLER_CERT_PATH echo -n "$DEVELOPER_ID_PROVISION_BASE64" | base64 --decode -o $DEVELOPER_ID_PP_PATH - echo "Developer ID cert files:" - ls -la "$DEVELOPER_ID_APP_CERT_PATH" "$DEVELOPER_ID_INSTALLER_CERT_PATH" - file "$DEVELOPER_ID_APP_CERT_PATH" || true - file "$DEVELOPER_ID_INSTALLER_CERT_PATH" || true - - # create temporary keychain - security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - security set-keychain-settings -lut 21600 $KEYCHAIN_PATH - security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - # Clean up any old app-signing keychains from previous runs (self-hosted only) echo "=== Cleaning up old app-signing keychains ===" security list-keychains -d user | grep "app-signing.keychain-db" | grep -v "$KEYCHAIN_PATH" | while read old_keychain; do @@ -293,102 +279,34 @@ jobs: fi done || true - # import certificates to keychain - let macOS auto-detect formats - echo "=== Importing App Store/TestFlight certificates ===" - - # DEV_DISTRIBUTION_SIGNER_CERT_PATH is .p12 (needs password) - echo "Importing Distribution Signer certificate (.p12)..." - security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - - # DEV_DISTRIBUTION_INSTALLER_CERT_PATH - try with password first (auto-detect format), then without - echo "Importing Distribution Installer certificate..." - if ! security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -k $KEYCHAIN_PATH 2>/dev/null; then - echo " Failed with password, trying without password..." - security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -A -t cert -k $KEYCHAIN_PATH - fi + # create temporary keychain + security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH + security set-keychain-settings -lut 21600 $KEYCHAIN_PATH + security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - # Check if Developer ID certificates already exist in system keychains (self-hosted runners) - echo "=== Checking for existing Developer ID certificates ===" - if security find-identity -v -p codesigning | grep -q "Developer ID Application"; then - echo "NOTE: Developer ID Application certificate already exists in system keychain" - else - echo "Developer ID Application certificate not found in system keychain" - fi - if security find-identity -v -p codesigning | grep -q "Developer ID Installer"; then - echo "NOTE: Developer ID Installer certificate already exists in system keychain" - else - echo "Developer ID Installer certificate not found in system keychain" - fi + # import certificates to keychain + security import $DEV_DISTRIBUTION_SIGNER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH + security import $DEV_DISTRIBUTION_INSTALLER_CERT_PATH -P "$DEV_DISTRIBUTION_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH - # Import Developer ID certificates - echo "=== Importing Developer ID certificates ===" + # Import Developer ID certificates - handle different formats if [[ "$DEVELOPER_ID_APP_CERT_PATH" == *.cer ]]; then # .cer file doesn't need password - echo "Importing Developer ID Application certificate (without password)..." - if security import $DEVELOPER_ID_APP_CERT_PATH -A -t cert -k $KEYCHAIN_PATH; then - echo "✓ Developer ID Application certificate import succeeded" - else - echo "✗ Developer ID Application certificate import FAILED with exit code $?" - fi + security import $DEVELOPER_ID_APP_CERT_PATH -A -t cert -k $KEYCHAIN_PATH else # .p12 file needs password - echo "Importing Developer ID Application p12 (with password)..." - if security import $DEVELOPER_ID_APP_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH; then - echo "✓ Developer ID Application p12 import succeeded" - else - echo "✗ Developer ID Application p12 import FAILED with exit code $?" - fi - fi - - echo "Importing Developer ID Installer certificate..." - if security import $DEVELOPER_ID_INSTALLER_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH; then - echo "✓ Developer ID Installer certificate import succeeded" - else - echo "✗ Developer ID Installer certificate import FAILED with exit code $?" + security import $DEVELOPER_ID_APP_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH fi - # Ensure Apple root and intermediate certificates are present in the temp keychain - APPLE_ROOT_CA_PATH=$RUNNER_TEMP/apple_root_ca.cer - APPLE_WWDR_CA_PATH=$RUNNER_TEMP/apple_wwdr_ca.cer - curl -sS -o "$APPLE_ROOT_CA_PATH" https://www.apple.com/certificateauthority/AppleRootCA-G2.cer - curl -sS -o "$APPLE_WWDR_CA_PATH" https://www.apple.com/certificateauthority/AppleWWDRCAG4.cer - security import "$APPLE_ROOT_CA_PATH" -A -t cert -k $KEYCHAIN_PATH - security import "$APPLE_WWDR_CA_PATH" -A -t cert -k $KEYCHAIN_PATH - - echo "=== Certificates in temp keychain ONLY ===" - security find-identity -v -p codesigning $KEYCHAIN_PATH + security import $DEVELOPER_ID_INSTALLER_CERT_PATH -P "$DEVELOPER_ID_P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH - - echo "=== Keychain search list BEFORE modification ===" - security list-keychains -d user - - # Try using ONLY the temp keychain (no system keychain) - security default-keychain -s $KEYCHAIN_PATH security list-keychains -d user -s $KEYCHAIN_PATH - - echo "=== Keychain search list AFTER modification ===" - security list-keychains -d user - - echo "=== macOS version ===" - sw_vers - echo "=== Available identities with temp keychain only ===" + echo "=== Available identities in keychain ===" security find-identity -v echo "=== Searching for specific certificate types ===" security find-identity -v -p codesigning - - echo "=== Checking which keychains contain each identity ===" - for keychain in $(security list-keychains -d user | tr -d '"'); do - echo "Keychain: $keychain" - security find-identity -v -p codesigning "$keychain" 2>/dev/null || echo " (no codesigning identities)" - done - - if ! security find-identity -v -p codesigning | grep -q "Developer ID Application"; then - echo "ERROR: Developer ID Application identity not found in keychain" - exit 1 - fi echo "=== All certificates in keychain ===" security dump-keychain $KEYCHAIN_PATH | grep -A 5 -B 5 "Developer\|3rd Party" From aa8ce83322a5a2c5004904457b861178fd192884 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 17:12:57 -0500 Subject: [PATCH 31/38] Simplify keychain cleanup --- .github/workflows/build.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 295762c2..620c0df1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -269,15 +269,12 @@ jobs: echo -n "$DEVELOPER_ID_INSTALLER_CERT_BASE64" | base64 --decode -o $DEVELOPER_ID_INSTALLER_CERT_PATH echo -n "$DEVELOPER_ID_PROVISION_BASE64" | base64 --decode -o $DEVELOPER_ID_PP_PATH - # Clean up any old app-signing keychains from previous runs (self-hosted only) - echo "=== Cleaning up old app-signing keychains ===" - security list-keychains -d user | grep "app-signing.keychain-db" | grep -v "$KEYCHAIN_PATH" | while read old_keychain; do - old_keychain=$(echo "$old_keychain" | tr -d '"' | xargs) - if [ -f "$old_keychain" ]; then - echo "Deleting old keychain: $old_keychain" - security delete-keychain "$old_keychain" 2>/dev/null || true - fi - done || true + # Clean up old keychain from previous run (self-hosted runners reuse $RUNNER_TEMP) + if [ -f "$KEYCHAIN_PATH" ]; then + echo "Cleaning up existing keychain: $KEYCHAIN_PATH" + security delete-keychain "$KEYCHAIN_PATH" 2>/dev/null || true + rm -f "$KEYCHAIN_PATH" 2>/dev/null || true + fi # create temporary keychain security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH From e92c939c64b81c51d4af832fadbb60e912f4e841 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 17:19:46 -0500 Subject: [PATCH 32/38] Check keychain search paths --- .github/workflows/build.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 620c0df1..74ace04f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -298,6 +298,9 @@ jobs: security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH security list-keychains -d user -s $KEYCHAIN_PATH + + echo "=== Keychain search list after configuration ===" + security list-keychains -d user echo "=== Available identities in keychain ===" security find-identity -v @@ -502,6 +505,13 @@ jobs: NOTARIZATION_PASSWORD: ${{ secrets.WALLET_NOTARIZATION_PASSWORD }} run: | cd build/macos/Build/Products/${{matrix.build-type}} + + # Re-ensure temp keychain is the only one in search list + KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db + security list-keychains -d user -s $KEYCHAIN_PATH + + echo "=== Keychain search list at signing step ===" + security list-keychains -d user # First, let's see what certificates are available echo "=== Available signing identities ===" From 4d5a8a1fbc2cc147077f967506071fd308c9466a Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 17:25:52 -0500 Subject: [PATCH 33/38] I guess this finally works even though the output is strange --- .github/workflows/build.yml | 42 ++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 74ace04f..cb9489db 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -66,30 +66,30 @@ jobs: build-type: [Release] abi: [""] include: - # - target: Linux - # host: sg-ubuntu-linux - # flutter-platform: linux - # abi: x86_64 - # build-type: Release - # container: ghcr.io/geniusventures/debian-bullseye:latest - # - target: Linux - # host: ubuntu-24.04-arm - # flutter-platform: linux - # abi: aarch64 - # build-type: Release - # container: ghcr.io/geniusventures/debian-bullseye:latest - # - target: Windows - # host: SG-WIN11 - # flutter-platform: windows + - target: Linux + host: sg-ubuntu-linux + flutter-platform: linux + abi: x86_64 + build-type: Release + container: ghcr.io/geniusventures/debian-bullseye:latest + - target: Linux + host: ubuntu-24.04-arm + flutter-platform: linux + abi: aarch64 + build-type: Release + container: ghcr.io/geniusventures/debian-bullseye:latest + - target: Windows + host: SG-WIN11 + flutter-platform: windows - target: OSX host: gv-OSX-Large flutter-platform: macos - # - target: Android - # host: sg-ubuntu-linux - # flutter-platform: apk - # - target: iOS - # host: macos-latest - # flutter-platform: ios + - target: Android + host: sg-ubuntu-linux + flutter-platform: apk + - target: iOS + host: macos-latest + flutter-platform: ios exclude: - target: Linux abi: "" From cf2c7dabb4d17d786ebb4696975f227020a15e06 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 18:20:37 -0500 Subject: [PATCH 34/38] Cleanup changes --- .github/workflows/build.yml | 33 ++++++--------------------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index cb9489db..f48c7b50 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -62,7 +62,7 @@ jobs: strategy: fail-fast: false matrix: - target: [OSX] + target: [Android, iOS, OSX, Linux, Windows] build-type: [Release] abi: [""] include: @@ -100,34 +100,13 @@ jobs: echo "=== PRE-CLEANUP DEBUG ===" echo "Current working directory: $(pwd)" echo "Workspace: ${{github.workspace}}" - - if [ -d "${{github.workspace}}" ]; then - cd "${{github.workspace}}" - echo "Changed to workspace directory: $(pwd)" - echo "Contents:" - ls -la - - if [ -d ".git" ]; then - echo "Git repository detected, performing deep clean..." - # Remove stale lock files first - echo "Removing stale git lock files..." - find . -name "index.lock" -type f -delete 2>/dev/null || true - find . -name "*.lock" -path "*/.git/*" -type f -delete 2>/dev/null || true - - git clean -xfd - git submodule foreach --recursive git clean -xfd - git reset --hard - git submodule foreach --recursive git reset --hard - echo "Git clean completed" - else - echo "Not a git repository, skipping git clean" - fi - else - echo "Workspace directory does not exist yet, skipping cleanup" - fi - + echo "=== CLEANUP ARTIFACTS ===" # Clean up artifacts from previous runs (self-hosted runners only) + if [ -d "GeniusWallet" ]; then + echo "Removing GeniusWallet directory..." + rm -rf GeniusWallet + fi if [ -d "thirdparty" ]; then echo "Removing thirdparty directory..." rm -rf thirdparty From 1da51bc496fc1077f5b79c9e543c40f8d5d4621b Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 18:23:12 -0500 Subject: [PATCH 35/38] Use workspace directory --- .github/workflows/build.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f48c7b50..80353c4a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -96,11 +96,12 @@ jobs: steps: - name: Clean workspace (self-hosted runners) if: ${{ runner.environment == 'self-hosted' }} + working-directory: ${{github.workspace}} run: | echo "=== PRE-CLEANUP DEBUG ===" echo "Current working directory: $(pwd)" echo "Workspace: ${{github.workspace}}" - + echo "=== CLEANUP ARTIFACTS ===" # Clean up artifacts from previous runs (self-hosted runners only) if [ -d "GeniusWallet" ]; then From f3f45d52eb4f0dd5856a76721ce2e1f5a89bf746 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 18:27:43 -0500 Subject: [PATCH 36/38] Hopefully correct directory --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 80353c4a..c21b7ff6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -96,7 +96,7 @@ jobs: steps: - name: Clean workspace (self-hosted runners) if: ${{ runner.environment == 'self-hosted' }} - working-directory: ${{github.workspace}} + working-directory: ${{runner.workspace}} run: | echo "=== PRE-CLEANUP DEBUG ===" echo "Current working directory: $(pwd)" From aa807051d5dc34c2bd632028a7c67fe4113c4830 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Mon, 9 Feb 2026 18:34:03 -0500 Subject: [PATCH 37/38] Don't fully delete main directory --- .github/workflows/build.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c21b7ff6..40bdaea8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -100,14 +100,20 @@ jobs: run: | echo "=== PRE-CLEANUP DEBUG ===" echo "Current working directory: $(pwd)" - echo "Workspace: ${{github.workspace}}" + echo "Runner workspace: ${{runner.workspace}}" + echo "GitHub workspace: ${{github.workspace}}" echo "=== CLEANUP ARTIFACTS ===" # Clean up artifacts from previous runs (self-hosted runners only) + + # Clean contents of GeniusWallet directory but keep the directory itself if [ -d "GeniusWallet" ]; then - echo "Removing GeniusWallet directory..." - rm -rf GeniusWallet + echo "Cleaning GeniusWallet directory contents..." + rm -rf GeniusWallet/* GeniusWallet/.* 2>/dev/null || true + echo "GeniusWallet directory cleaned (kept the directory)" fi + + # Delete sibling dependency directories completely if [ -d "thirdparty" ]; then echo "Removing thirdparty directory..." rm -rf thirdparty @@ -126,10 +132,11 @@ jobs: fi echo "=== POST-CLEANUP DEBUG ===" - if [ -d "${{github.workspace}}" ]; then - cd "${{github.workspace}}" - echo "Final workspace contents:" - ls -la + echo "Runner workspace contents:" + ls -la + if [ -d "GeniusWallet" ]; then + echo "GeniusWallet directory exists and contains:" + ls -la GeniusWallet/ 2>/dev/null || echo " (empty)" fi shell: bash From c1e5f04a277da561ce80a324a05c87a3c4d9a466 Mon Sep 17 00:00:00 2001 From: itsafuu Date: Tue, 10 Feb 2026 13:13:38 -0500 Subject: [PATCH 38/38] Switch to GH runner to not corrupt keychain on gv osx large until we have some sort of alternative --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 40bdaea8..11e50cf2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -82,7 +82,7 @@ jobs: host: SG-WIN11 flutter-platform: windows - target: OSX - host: gv-OSX-Large + host: macos-latest flutter-platform: macos - target: Android host: sg-ubuntu-linux