fix(workflows): update local signing workflow to use new code signing action and improve notarization options

2025-04-14 14:29:58 +02:00 · 2025-04-14 14:29:58 +02:00 · 3711f6db96
commit 3711f6db96
parent 30b3e678ca
1 changed files with 9 additions and 17 deletions
--- a/.gitea/workflows/test-local-signing.yml
+++ b/.gitea/workflows/test-local-signing.yml
@ -88,30 +88,22 @@ jobs:
          ls -la "$TEST_APP_DIR"
        shell: bash
        
-      - name: Install App Store Connect API Key
-        run: |
-          mkdir -p private_keys/
-          echo '${{ secrets.APPLE_NOTARY_API_KEY }}' > private_keys/AuthKey_${{ secrets.APPLE_NOTARY_API_KEY_ID }}.p8
-        shell: bash
-        
      - name: Sign and Notarize App
-        uses: indygreg/apple-code-sign-action@v1
+        uses: lando/code-sign-action@v3
        with:
-          input_path: TestApp.app
-          output_path: TestApp.app
-          notarize: true
-          staple: true
-          p12_file: certificate.p12
-          p12_password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
-          app_store_connect_api_issuer: ${{ secrets.APPLE_NOTARY_API_ISSUER_ID }}
-          app_store_connect_api_key: ${{ secrets.APPLE_NOTARY_API_KEY_ID }}
-          entitlements: LuckyWorld.entitlements
+          file: TestApp.app
+          certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
+          certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
+          apple-team-id: ${{ secrets.APPLE_TEAM_ID }}
+          apple-notary-user: ${{ secrets.APPLE_NOTARY_USER }}
+          apple-notary-password: ${{ secrets.APPLE_NOTARY_PASSWORD }}
+          apple-product-id: com.luckyworld.testapp
+          options: --options runtime --entitlements LuckyWorld.entitlements
        
      - name: Cleanup
        if: always()
        run: |
          echo "🧹 Cleaning up..."
          rm -rf TestApp.app || true
-          rm -rf private_keys || true
          echo "✅ Cleanup complete"
        shell: bash