mirror of
https://github.com/desktop/desktop
synced 2024-10-30 17:25:09 +00:00
Merge pull request #17576 from desktop/notary-public
Notarize using notarytool instead of altool
This commit is contained in:
commit
a023a562ec
2 changed files with 16 additions and 15 deletions
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
|
@ -26,6 +26,7 @@ on:
|
|||
DESKTOP_OAUTH_CLIENT_SECRET:
|
||||
APPLE_ID:
|
||||
APPLE_ID_PASSWORD:
|
||||
APPLE_TEAM_ID:
|
||||
APPLE_APPLICATION_CERT:
|
||||
APPLE_APPLICATION_CERT_PASSWORD:
|
||||
WINDOWS_CERT_PFX:
|
||||
|
@ -101,6 +102,7 @@ jobs:
|
|||
${{ secrets.DESKTOP_OAUTH_CLIENT_SECRET }}
|
||||
APPLE_ID: ${{ secrets.APPLE_ID }}
|
||||
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
|
||||
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
|
||||
APPLE_APPLICATION_CERT: ${{ secrets.APPLE_APPLICATION_CERT }}
|
||||
KEY_PASSWORD: ${{ secrets.APPLE_APPLICATION_CERT_PASSWORD }}
|
||||
npm_config_arch: ${{ matrix.arch }}
|
||||
|
|
|
@ -146,14 +146,13 @@ function packageApp() {
|
|||
}
|
||||
|
||||
// get notarization deets, unless we're not going to publish this
|
||||
const notarizationCredentials = isPublishableBuild
|
||||
? getNotarizationCredentials()
|
||||
: undefined
|
||||
const osxNotarize = isPublishableBuild ? getNotarizationOptions() : undefined
|
||||
|
||||
if (
|
||||
isPublishableBuild &&
|
||||
isGitHubActions() &&
|
||||
process.platform === 'darwin' &&
|
||||
notarizationCredentials === undefined
|
||||
osxNotarize === undefined
|
||||
) {
|
||||
// we can't publish a mac build without these
|
||||
throw new Error(
|
||||
|
@ -198,7 +197,7 @@ function packageApp() {
|
|||
identity: isDevelopmentBuild ? '-' : undefined,
|
||||
identityValidation: !isDevelopmentBuild,
|
||||
},
|
||||
osxNotarize: notarizationCredentials,
|
||||
osxNotarize,
|
||||
protocols: [
|
||||
{
|
||||
name: getBundleID(),
|
||||
|
@ -426,14 +425,14 @@ ${licenseText}`
|
|||
rmSync(chooseALicense, { recursive: true, force: true })
|
||||
}
|
||||
|
||||
function getNotarizationCredentials(): OsxNotarizeOptions | undefined {
|
||||
const appleId = process.env.APPLE_ID
|
||||
const appleIdPassword = process.env.APPLE_ID_PASSWORD
|
||||
if (appleId === undefined || appleIdPassword === undefined) {
|
||||
return undefined
|
||||
}
|
||||
return {
|
||||
appleId,
|
||||
appleIdPassword,
|
||||
}
|
||||
function getNotarizationOptions(): OsxNotarizeOptions | undefined {
|
||||
const {
|
||||
APPLE_ID: appleId,
|
||||
APPLE_ID_PASSWORD: appleIdPassword,
|
||||
APPLE_TEAM_ID: teamId,
|
||||
} = process.env
|
||||
|
||||
return appleId && appleIdPassword && teamId
|
||||
? { tool: 'notarytool', appleId, appleIdPassword, teamId }
|
||||
: undefined
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue