Skip to content

Commit

Permalink
ci: code signing of mac releases
Browse files Browse the repository at this point in the history
  • Loading branch information
mattyg committed Nov 6, 2024
1 parent a8363b5 commit 6f6807a
Showing 1 changed file with 30 additions and 1 deletion.
31 changes: 30 additions & 1 deletion .github/workflows/release-tauri-app.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,11 @@ jobs:
# - platform: 'ubuntu-22.04'

runs-on: ${{ matrix.platform }}

env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}

steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
# Checks out a copy of your repository on the ubuntu-latest machine
Expand All @@ -199,10 +204,34 @@ jobs:
npm install
npm run setup:happ-release
- name: build the app
- name: Import Apple Developer Certificate
env:
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12
security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
security find-identity -v -p codesigning build.keychain
- name: Verify Apple Developer Certificate
run: |
CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Apple Development")
CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}')
echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV
echo "Certificate imported."
- name: Build the App
uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }}
with:
tagName: Relay-v__VERSION__ # the action automatically replaces \_\_VERSION\_\_ with the app version.
releaseName: 'Relay v__VERSION__'
Expand Down

0 comments on commit 6f6807a

Please sign in to comment.