Skip to content

Commit

Permalink
ci: notarize set default keychain
Browse files Browse the repository at this point in the history
  • Loading branch information
@n8maninger
n8maninger committed Mar 31, 2023
1 parent 8803ece commit cf861ee
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions .github/workflows/publish.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,12 +131,13 @@ jobs:
# create temp keychain
security create-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security default-keychain -s $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$APPLE_KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import keychain
security import $APPLE_CERT_PATH -P $APPLE_CERT_PASSWORD -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
security find-identity $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $APPLE_KEYCHAIN_PASSWORD $KEYCHAIN_PATH
- name: Build amd64
env:
Expand All @@ -149,7 +150,7 @@ jobs:
mkdir -p release
go build -tags='netgo' -trimpath -o bin/ -a -ldflags '-s -w' ./cmd/hostd
cp README.md LICENSE api/openapi.yml bin/
codesign --deep -f -v --timestamp -o runtime,library -s $APPLE_CERT_ID bin/hostd
/usr/bin/codesign --deep -f -v --timestamp -o runtime,library -s $APPLE_CERT_ID bin/hostd
ditto -ck bin $ZIP_OUTPUT
xcrun notarytool submit -k ~/private_keys/AuthKey_$APPLE_API_KEY.p8 -d $APPLE_API_KEY -i $APPLE_API_ISSUER --wait --timeout 10m $ZIP_OUTPUT
- name: Build arm64
Expand All @@ -163,7 +164,7 @@ jobs:
mkdir -p release
go build -tags='netgo' -trimpath -o bin/ -a -ldflags '-s -w' ./cmd/hostd
cp README.md LICENSE api/openapi.yml bin/
codesign --deep -f -v --timestamp -o runtime,library -s $APPLE_CERT_ID bin/hostd
/usr/bin/codesign --deep -f -v --timestamp -o runtime,library -s $APPLE_CERT_ID bin/hostd
ditto -ck bin $ZIP_OUTPUT
xcrun notarytool submit -k ~/private_keys/AuthKey_$APPLE_API_KEY.p8 -d $APPLE_API_KEY -i $APPLE_API_ISSUER --wait --timeout 10m $ZIP_OUTPUT
- uses: actions/upload-artifact@v3
Expand Down

0 comments on commit cf861ee

Please sign in to comment.