fix(workflows): update local signing workflow to include App Store Connect API key handling and improve notarization process

2025-04-14 14:28:18 +02:00 · 2025-04-14 14:28:18 +02:00 · 30b3e678ca
commit 30b3e678ca
parent 24d51f2c40
1 changed files with 17 additions and 9 deletions
--- a/.gitea/workflows/test-local-signing.yml
+++ b/.gitea/workflows/test-local-signing.yml
@ -88,22 +88,30 @@ jobs:
          ls -la "$TEST_APP_DIR"
        shell: bash
      - name: Install App Store Connect API Key
        run: |
          mkdir -p private_keys/
          echo '${{ secrets.APPLE_NOTARY_API_KEY }}' > private_keys/AuthKey_${{ secrets.APPLE_NOTARY_API_KEY_ID }}.p8
        shell: bash
      - name: Sign and Notarize App
-        uses: lando/code-sign-action@v3
+        uses: indygreg/apple-code-sign-action@v1
        with:
-          file: TestApp.app
+          input_path: TestApp.app
-          certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
+          output_path: TestApp.app
-          certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
+          notarize: true
-          apple-team-id: ${{ secrets.APPLE_TEAM_ID }}
+          staple: true
-          apple-notary-user: ${{ secrets.APPLE_NOTARY_USER }}
+          p12_file: certificate.p12
-          apple-notary-password: ${{ secrets.APPLE_NOTARY_PASSWORD }}
+          p12_password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
-          apple-product-id: com.luckyworld.testapp
+          app_store_connect_api_issuer: ${{ secrets.APPLE_NOTARY_API_ISSUER_ID }}
-          options: --options runtime --entitlements LuckyWorld.entitlements
+          app_store_connect_api_key: ${{ secrets.APPLE_NOTARY_API_KEY_ID }}
          entitlements: LuckyWorld.entitlements
      - name: Cleanup
        if: always()
        run: |
          echo "🧹 Cleaning up..."
          rm -rf TestApp.app || true
          rm -rf private_keys || true
          echo "✅ Cleanup complete"
        shell: bash