codesigning done during build by fix-machos.rb (#1154)

* codesigning done during build by fix-machos.rb

* align names
This commit is contained in:
Jacob Heider 2023-03-31 10:12:12 -04:00 committed by GitHub
parent 91e05e5e88
commit 0b160b2013
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -45,11 +45,19 @@ jobs:
if: fromJson(needs.get-platform.outputs.build-os) == 'macos-11' if: fromJson(needs.get-platform.outputs.build-os) == 'macos-11'
run: sudo mv /usr/local/bin/* /tmp/ run: sudo mv /usr/local/bin/* /tmp/
# setup macOS codesigning
- uses: teaxyz/brewkit/actions/setup-codesign@v0
if: startsWith(inputs.platform, 'darwin+') && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_P12 }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_P12_PASSWORD }}
- run: pkg build ${{ inputs.projects }} - run: pkg build ${{ inputs.projects }}
id: build id: build
env: env:
GITHUB_TOKEN: ${{ github.token }} GITHUB_TOKEN: ${{ github.token }}
FORCE_UNSAFE_CONFIGURE: 1 # some configure scripts refuse to run as root FORCE_UNSAFE_CONFIGURE: 1 # some configure scripts refuse to run as root
APPLE_IDENTITY: ${{ secrets.APPLE_IDENTITY }}
- run: | - run: |
ABS_PATHS=$(echo $PATHS | tr ' ' '\n' | sed -e "s_^_$TEA_PREFIX/_" | tr '\n' ' ') ABS_PATHS=$(echo $PATHS | tr ' ' '\n' | sed -e "s_^_$TEA_PREFIX/_" | tr '\n' ' ')
@ -60,15 +68,6 @@ jobs:
PATHS: ${{ steps.build.outputs.relative-paths }} PATHS: ${{ steps.build.outputs.relative-paths }}
TEA_PREFIX: ${{ steps.tea.outputs.prefix }} TEA_PREFIX: ${{ steps.tea.outputs.prefix }}
# sign macOS binaries
- uses: teaxyz/brewkit/actions/codesign@v0
if: startsWith(inputs.platform, 'darwin+') && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
with:
p12-file-base64: ${{ secrets.APPLE_CERTIFICATE_P12 }}
p12-password: ${{ secrets.APPLE_CERTIFICATE_P12_PASSWORD }}
identity: "Developer ID Application: Tea Inc. (7WV56FL599)"
paths: ${{ steps.absolute-paths.outputs.paths }}
# cache data we'll need in the bottling job # cache data we'll need in the bottling job
- name: assemble artifact metadata - name: assemble artifact metadata
run: | run: |