Skip to content

Commit

Permalink
Step 15
Browse files Browse the repository at this point in the history
  • Loading branch information
@vprus
vprus committed Jan 29, 2024
1 parent ba68a5e commit e874f31
Showing 1 changed file with 35 additions and 0 deletions.
35 changes: 35 additions & 0 deletions .github/workflows/storage-advisor-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,3 +58,38 @@ jobs:
with:
version: tags/${{ steps.release-id.outputs.RELEASE_TAG }}
file: storage-advisor-${{ steps.release-id.outputs.RELEASE_TAG }}-darwin-amd64.tar.gz
- name: Sign
env: # Or as an environment variable
DEVELOPER_ID_APPLICATION_P12: ${{ secrets.DEVELOPER_ID_APPLICATION_P12 }}
DEVELOPER_ID_APPLICATION_P12_PWD: ${{ secrets.DEVELOPER_ID_APPLICATION_P12_PWD }}
run: |
tar -xzf storage-advisor-${{ steps.release-id.outputs.RELEASE_TAG }}-darwin-amd64.tar.gz
KEYCHAIN_NAME=\$(cat /dev/random | LC_CTYPE=C tr -dc "[:alpha:]" | head -c 16)
KEYCHAIN_PASSWORD=\$(cat /dev/random | LC_CTYPE=C tr -dc "[:alpha:]" | head -c 16)
security create-keychain -p "\${KEYCHAIN_PASSWORD}" "\${KEYCHAIN_NAME}"
security unlock-keychain -p "\${KEYCHAIN_PASSWORD}" "\${KEYCHAIN_NAME}"
curl -O https://www.apple.com/appleca/AppleIncRootCertificate.cer
security import AppleIncRootCertificate.cer -t cert -k "\${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
curl -O https://www.apple.com/certificateauthority/DeveloperIDCA.cer
security import DeveloperIDCA.cer -t cert -k "\${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
rm AppleIncRootCertificate.cer DeveloperIDC
echo "$DEVELOPER_ID_APPLICATION_P12" | base64 -d > signing_cert.p12
security import signing_cert.p12 -P "$DEVELOPER_ID_APPLICATION_P12_PWD" -k "\${KEYCHAIN_NAME}" -T /usr/bin/codesign -T /usr/bin/xcodebuild
rm signing_cer
security set-keychain-settings \$KEYCHAIN_NAME
security set-key-partition-list -S apple-tool:,apple: -s -k "\${KEYCHAIN_PASSWORD}" "\${KEYCHAIN_N
# we need to add our new keychain to user search list to use the certificate
keychainNames=();
for keychain in \$(security list-keychains -d user)
do
basename=\$(basename "\$keychain")
keychainName=\${basename::\${#basename}-4}
keychainNames+=("\$keychainName")
done
security -v list-keychains -s "\${keychainNames[@]}" \$KEYCHAIN_NAME
codesign -s 98A9FF12B0FCCCEEDE752C824A2A7E189B5AEEAE -o runtime -v storage-advisor
security -v delete-keychain \$KEYCHAIN_NAME

0 comments on commit e874f31

Please sign in to comment.