Skip to content
This repository has been archived by the owner on Dec 18, 2024. It is now read-only.

Commit

Permalink
Update build.yaml to import Apple Certificate for MacOS
Browse files Browse the repository at this point in the history
  • Loading branch information
royshil committed Apr 29, 2024
1 parent b545e5c commit cfdb700
Showing 1 changed file with 18 additions and 18 deletions.
36 changes: 18 additions & 18 deletions .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -58,24 +58,24 @@ jobs:
python -m pip install -r requirements.txt
# - name: Import Apple Certificate
# if: matrix.os == 'macos-latest' || matrix.os == 'macos-latest-xlarge' && github.runner != 'self-hosted'
# run: |
# if security list-keychains | grep -q "github_build.keychain"; then
# security delete-keychain github_build.keychain
# fi
# security create-keychain -p "" github_build.keychain
# security default-keychain -s github_build.keychain
# security set-keychain-settings -lut 21600 github_build.keychain
# echo "${{ secrets.APPLE_CERTIFICATE }}" | base64 --decode > apple_certificate.p12
# security import apple_certificate.p12 -k github_build.keychain -P "${{ secrets.APPLE_CERTIFICATE_PASSWORD }}" \
# -t cert -f pkcs12 -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/xcrun
# security unlock-keychain -p "" github_build.keychain
# security set-key-partition-list -S 'apple-tool:,apple:' -s -k "" github_build.keychain
# security list-keychain -d user -s github_build.keychain 'login-keychain'
# env:
# APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
# APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
- name: Import Apple Certificate
if: matrix.os == 'macos-latest' || matrix.os == 'macos-latest-xlarge' && github.runner != 'self-hosted'
run: |
if security list-keychains | grep -q "github_build.keychain"; then
security delete-keychain github_build.keychain
fi
security create-keychain -p "" github_build.keychain
security default-keychain -s github_build.keychain
security set-keychain-settings -lut 21600 github_build.keychain
echo "${{ secrets.APPLE_CERTIFICATE }}" | base64 --decode > apple_certificate.p12
security import apple_certificate.p12 -k github_build.keychain -P "${{ secrets.APPLE_CERTIFICATE_PASSWORD }}" \
-t cert -f pkcs12 -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/xcrun
security unlock-keychain -p "" github_build.keychain
security set-key-partition-list -S 'apple-tool:,apple:' -s -k "" github_build.keychain
security list-keychain -d user -s github_build.keychain 'login-keychain'
env:
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}

- name: Unlock keychain on Mac
if: matrix.os == 'macos-latest' || matrix.os == 'macos-latest-xlarge'
Expand Down

0 comments on commit cfdb700

Please sign in to comment.