From 30b3e678cac41693a505971845b7c064fa4a8279 Mon Sep 17 00:00:00 2001 From: Ozgur Ersoy Date: Mon, 14 Apr 2025 14:28:18 +0200 Subject: [PATCH] fix(workflows): update local signing workflow to include App Store Connect API key handling and improve notarization process --- .gitea/workflows/test-local-signing.yml | 26 ++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/.gitea/workflows/test-local-signing.yml b/.gitea/workflows/test-local-signing.yml index 46840e11..3134c1e0 100644 --- a/.gitea/workflows/test-local-signing.yml +++ b/.gitea/workflows/test-local-signing.yml @@ -88,22 +88,30 @@ jobs: ls -la "$TEST_APP_DIR" shell: bash + - name: Install App Store Connect API Key + run: | + mkdir -p private_keys/ + echo '${{ secrets.APPLE_NOTARY_API_KEY }}' > private_keys/AuthKey_${{ secrets.APPLE_NOTARY_API_KEY_ID }}.p8 + shell: bash + - name: Sign and Notarize App - uses: lando/code-sign-action@v3 + uses: indygreg/apple-code-sign-action@v1 with: - file: TestApp.app - certificate-data: ${{ secrets.MACOS_CERTIFICATE }} - certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} - apple-team-id: ${{ secrets.APPLE_TEAM_ID }} - apple-notary-user: ${{ secrets.APPLE_NOTARY_USER }} - apple-notary-password: ${{ secrets.APPLE_NOTARY_PASSWORD }} - apple-product-id: com.luckyworld.testapp - options: --options runtime --entitlements LuckyWorld.entitlements + input_path: TestApp.app + output_path: TestApp.app + notarize: true + staple: true + p12_file: certificate.p12 + p12_password: ${{ secrets.MACOS_CERTIFICATE_PWD }} + app_store_connect_api_issuer: ${{ secrets.APPLE_NOTARY_API_ISSUER_ID }} + app_store_connect_api_key: ${{ secrets.APPLE_NOTARY_API_KEY_ID }} + entitlements: LuckyWorld.entitlements - name: Cleanup if: always() run: | echo "🧹 Cleaning up..." rm -rf TestApp.app || true + rm -rf private_keys || true echo "✅ Cleanup complete" shell: bash \ No newline at end of file