LuckyRobots/LuckyWorld
15
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects 1 Releases 13 Wiki Activity

fix(actions): enhance macOS notarization workflow by adding request UUID extraction, improved status checking, and detailed logging for notarization process
Some checks failed
Test macOS Build Action / test-macos-build (push) Failing after 30m38s
Details

Browse Source
This commit is contained in:
Ozgur 2025-04-16 14:45:21 +02:00
parent 500a7dc1c3
commit 622b10e10d
No known key found for this signature in database
GPG Key ID: 66CDF27505A35546
1 changed files with 74 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
.gitea/workflows/test-macos-build.yml
View File

@ -516,24 +516,91 @@ jobs:
# Submit for notarization
debug_log "Submitting app for notarization..."
xcrun notarytool submit "$ZIP_PATH" \
# First submit the app to get the request UUID
SUBMIT_OUTPUT=$(xcrun notarytool submit "$ZIP_PATH" \
--key "$API_KEY_FILE" \
--key-id "${{ secrets.NOTARY_API_KEY_ID }}" \
--issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}")
echo "$SUBMIT_OUTPUT" | tee -a "$DEBUG_LOG_PATH"
# Extract the request UUID
REQUEST_UUID=$(echo "$SUBMIT_OUTPUT" | grep -o "id: [a-z0-9-]*" | cut -d' ' -f2)
if [ -z "$REQUEST_UUID" ]; then
debug_log "ERROR: Failed to extract request UUID"
echo "NOTARIZATION_RESULT=false" >> $GITHUB_ENV
exit 1
fi
debug_log "Notarization request submitted with UUID: $REQUEST_UUID"
debug_log "Waiting for notarization to complete (this may take several minutes)..."
# Wait for notarization to complete with verbose output
WAIT_COUNTER=1
while true; do
if [ $WAIT_COUNTER -gt 60 ]; then
debug_log "ERROR: Notarization wait timeout after 60 minutes"
echo "NOTARIZATION_RESULT=false" >> $GITHUB_ENV
exit 1
fi
# Sleep for 60 seconds between checks
if [ $WAIT_COUNTER -gt 1 ]; then
debug_log "Waiting 60 seconds before checking again (attempt $WAIT_COUNTER)..."
sleep 60
fi
INFO_OUTPUT=$(xcrun notarytool info "$REQUEST_UUID" \
--key "$API_KEY_FILE" \
--key-id "${{ secrets.NOTARY_API_KEY_ID }}" \
--issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}")
echo "$INFO_OUTPUT" | tee -a "$DEBUG_LOG_PATH"
# Extract status
REQUEST_STATUS=$(echo "$INFO_OUTPUT" | grep -o "status: [A-Za-z]*" | cut -d' ' -f2)
debug_log "Current notarization status: $REQUEST_STATUS"
if [ "$REQUEST_STATUS" == "Accepted" ]; then
debug_log "Notarization completed successfully!"
break
elif [ "$REQUEST_STATUS" == "Invalid" ] || [ "$REQUEST_STATUS" == "Rejected" ]; then
debug_log "ERROR: Notarization failed with status: $REQUEST_STATUS"
# Get log URL if available
LOG_URL=$(echo "$INFO_OUTPUT" | grep -o "LogFileURL: [^ ]*" | cut -d' ' -f2)
if [ -n "$LOG_URL" ]; then
debug_log "Downloading log file from: $LOG_URL"
curl -s "$LOG_URL" | tee "$WORK_DIR/notarization_log.json" | tee -a "$DEBUG_LOG_PATH"
fi
echo "NOTARIZATION_RESULT=false" >> $GITHUB_ENV
exit 1
fi
WAIT_COUNTER=$((WAIT_COUNTER+1))
done
# Get detailed logs at the end
xcrun notarytool log "$REQUEST_UUID" \
--key "$API_KEY_FILE" \
--key-id "${{ secrets.NOTARY_API_KEY_ID }}" \
--issuer "${{ secrets.NOTARY_API_KEY_ISSUER_ID }}" \
--wait > "$WORK_DIR/notarization_output.txt" 2>&1
"$WORK_DIR/notarization_details.json"
cat "$WORK_DIR/notarization_output.txt" | tee -a "$DEBUG_LOG_PATH"
debug_log "Detailed notarization log saved to $WORK_DIR/notarization_details.json"
cat "$WORK_DIR/notarization_details.json" | tee -a "$DEBUG_LOG_PATH"
# Check if notarization was successful
REQUEST_STATUS=$(grep -o "status: .*" "$WORK_DIR/notarization_output.txt" | cut -d ' ' -f2)
if [[ "$REQUEST_STATUS" == "Accepted" ]]; then
debug_log "Notarization successful"
echo "NOTARIZATION_RESULT=true" >> $GITHUB_ENV
else
debug_log "ERROR: Notarization failed or timed out"
debug_log "Notarization status: $REQUEST_STATUS"
cat "$WORK_DIR/notarization_output.txt"
echo "NOTARIZATION_RESULT=false" >> $GITHUB_ENV
exit 1
fi