Ozgur Ersoy
30b3e678ca
Some checks failed
Test Local Signing / test-local-signing (push) Failing after 2s
117 lines
4.0 KiB
YAML
117 lines
4.0 KiB
YAML
name: Test Local Signing
|
|
|
|
on:
|
|
workflow_dispatch: # Manual trigger
|
|
push:
|
|
branches: [ozgur/build]
|
|
|
|
jobs:
|
|
test-local-signing:
|
|
runs-on: macos
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
|
|
- name: Create Test Entitlements
|
|
run: |
|
|
echo "📝 Creating entitlements file..."
|
|
cat > LuckyWorld.entitlements << EOF
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
<plist version="1.0">
|
|
<dict>
|
|
<key>com.apple.security.cs.allow-jit</key>
|
|
<true/>
|
|
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
|
|
<true/>
|
|
<key>com.apple.security.cs.disable-library-validation</key>
|
|
<true/>
|
|
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
|
|
<true/>
|
|
<key>com.apple.security.device.audio-input</key>
|
|
<true/>
|
|
<key>com.apple.security.device.camera</key>
|
|
<true/>
|
|
</dict>
|
|
</plist>
|
|
EOF
|
|
|
|
echo "✅ Created entitlements file"
|
|
cat LuckyWorld.entitlements
|
|
shell: bash
|
|
|
|
- name: Create Test App Bundle
|
|
run: |
|
|
echo "📦 Creating test app bundle..."
|
|
|
|
# Create test app bundle structure
|
|
TEST_APP_DIR="TestApp.app"
|
|
mkdir -p "$TEST_APP_DIR/Contents/MacOS"
|
|
|
|
# Create a simple test executable
|
|
echo '#!/bin/bash
|
|
echo "Hello from TestApp!"' > "$TEST_APP_DIR/Contents/MacOS/TestApp"
|
|
chmod +x "$TEST_APP_DIR/Contents/MacOS/TestApp"
|
|
|
|
# Create Info.plist
|
|
cat > "$TEST_APP_DIR/Contents/Info.plist" << EOF
|
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
|
<plist version="1.0">
|
|
<dict>
|
|
<key>CFBundleExecutable</key>
|
|
<string>TestApp</string>
|
|
<key>CFBundleIdentifier</key>
|
|
<string>com.luckyworld.testapp</string>
|
|
<key>CFBundleName</key>
|
|
<string>TestApp</string>
|
|
<key>CFBundlePackageType</key>
|
|
<string>APPL</string>
|
|
<key>CFBundleShortVersionString</key>
|
|
<string>1.0</string>
|
|
<key>LSMinimumSystemVersion</key>
|
|
<string>10.10</string>
|
|
</dict>
|
|
</plist>
|
|
EOF
|
|
|
|
echo "✅ Created test app bundle"
|
|
echo "APP_PATH=$TEST_APP_DIR" >> "$GITHUB_ENV"
|
|
|
|
# Verify app bundle exists
|
|
if [ ! -d "$TEST_APP_DIR" ]; then
|
|
echo "❌ Error: App bundle not found at $TEST_APP_DIR"
|
|
exit 1
|
|
fi
|
|
|
|
echo "🔍 App bundle contents:"
|
|
ls -la "$TEST_APP_DIR"
|
|
shell: bash
|
|
|
|
- name: Install App Store Connect API Key
|
|
run: |
|
|
mkdir -p private_keys/
|
|
echo '${{ secrets.APPLE_NOTARY_API_KEY }}' > private_keys/AuthKey_${{ secrets.APPLE_NOTARY_API_KEY_ID }}.p8
|
|
shell: bash
|
|
|
|
- name: Sign and Notarize App
|
|
uses: indygreg/apple-code-sign-action@v1
|
|
with:
|
|
input_path: TestApp.app
|
|
output_path: TestApp.app
|
|
notarize: true
|
|
staple: true
|
|
p12_file: certificate.p12
|
|
p12_password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
|
|
app_store_connect_api_issuer: ${{ secrets.APPLE_NOTARY_API_ISSUER_ID }}
|
|
app_store_connect_api_key: ${{ secrets.APPLE_NOTARY_API_KEY_ID }}
|
|
entitlements: LuckyWorld.entitlements
|
|
|
|
- name: Cleanup
|
|
if: always()
|
|
run: |
|
|
echo "🧹 Cleaning up..."
|
|
rm -rf TestApp.app || true
|
|
rm -rf private_keys || true
|
|
echo "✅ Cleanup complete"
|
|
shell: bash |