GitHub-Proxy/OrcaSlicer
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/SoftFever/OrcaSlicer.git synced 2025-08-12 19:49:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

sign mac app

Browse Source
This commit is contained in:
SoftFever 2023-03-15 23:51:42 +08:00
parent 25f2dd6ebb
commit 3570b93d65
3 changed files with 73 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
.github/workflows/build_mac_arm64.yml vendored
View File

@ -50,6 +50,41 @@ jobs:
working-directory: ${{ github.workspace }} working-directory: ${{ github.workspace }}
run: ./build_release_macos.sh -s -n -a arm64 run: ./build_release_macos.sh -s -n -a arm64
- name: Sign app
working-directory: ${{ github.workspace }}
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
CERTIFICATE_ID: ${{ secrets.MACOS_CERTIFICATE_ID }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
security import $CERTIFICATE_PATH -P $P12_PASSWORD -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $P12_PASSWORD $KEYCHAIN_PATH
codesign --deep --force --verbose --sign "$CERTIFICATE_ID" ${{ github.workspace }}/build_arm64/OrcaSlicer_arm64/OrcaSlicer.app
- name: pack app
working-directory: ${{ github.workspace }}
run: |
export ver=$(grep '^#define SoftFever_VERSION' ./src/libslic3r/libslic3r_version.h | cut -d ' ' -f3)
ver="_V${ver//\"}"
zip -FSr OrcaSlicer${ver}_nightly_Mac_AppleSilicon.zip ${{ github.workspace }}/build_arm64/OrcaSlicer_arm64/OrcaSlicer.app
# (wip: staple failed, error 65)
# - name: Notarize the app
# run: |
# xcrun notarytool store-credentials "notarytool-profile" --apple-id "${{ secrets.APPLE_DEV_ACCOUNT }}" --team-id "${{ secrets.TEAM_ID }}" --password "${{ secrets.APP_PWD }}"
# ditto -c -k --keepParent "OrcaSlicer.app" "OrcaSlicer.zip"
# xcrun notarytool submit "OrcaSlicer.zip" --keychain-profile "notarytool-profile" --wait
# xcrun stapler staple OrcaSlicer.app
# zip -FSrq OrcaSlicer_Mac_notarized.zip OrcaSlicer.app
- name: Upload artifacts - name: Upload artifacts
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3
with: with:

35
.github/workflows/build_mac_x64.yml vendored
View File

@ -51,6 +51,41 @@ jobs:
working-directory: ${{ github.workspace }} working-directory: ${{ github.workspace }}
run: ./build_release_macos.sh -s -n -a x86_64 run: ./build_release_macos.sh -s -n -a x86_64
- name: Sign app
working-directory: ${{ github.workspace }}
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
CERTIFICATE_ID: ${{ secrets.MACOS_CERTIFICATE_ID }}
run: |
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
security create-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p $KEYCHAIN_PASSWORD $KEYCHAIN_PATH
security import $CERTIFICATE_PATH -P $P12_PASSWORD -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $P12_PASSWORD $KEYCHAIN_PATH
codesign --deep --force --verbose --sign "$CERTIFICATE_ID" ${{ github.workspace }}/build_x86_64/OrcaSlicer_x86_64/OrcaSlicer.app
- name: pack app
working-directory: ${{ github.workspace }}
run: |
export ver=$(grep '^#define SoftFever_VERSION' ./src/libslic3r/libslic3r_version.h | cut -d ' ' -f3)
ver="_V${ver//\"}"
zip -FSr OrcaSlicer${ver}_nightly_Mac_Intel.zip ${{ github.workspace }}/build_x86_64/OrcaSlicer_x86_64/OrcaSlicer.app
# (wip: staple failed, error 65)
# - name: Notarize the app
# run: |
# xcrun notarytool store-credentials "notarytool-profile" --apple-id "${{ secrets.APPLE_DEV_ACCOUNT }}" --team-id "${{ secrets.TEAM_ID }}" --password "${{ secrets.APP_PWD }}"
# ditto -c -k --keepParent "OrcaSlicer.app" "OrcaSlicer.zip"
# xcrun notarytool submit "OrcaSlicer.zip" --keychain-profile "notarytool-profile" --wait
# xcrun stapler staple OrcaSlicer.app
# zip -FSrq OrcaSlicer_Mac_notarized.zip OrcaSlicer.app
- name: Upload artifacts - name: Upload artifacts
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3
with: with:

6
build_release_macos.sh
View File

@ -88,12 +88,12 @@ cp -R $resources_path ./OrcaSlicer.app/Contents/Resources
# delete .DS_Store file # delete .DS_Store file
find ./OrcaSlicer.app/ -name '.DS_Store' -delete find ./OrcaSlicer.app/ -name '.DS_Store' -delete
# extract version # extract version
export ver="_dev" export ver=$(grep '^#define SoftFever_VERSION' ../src/libslic3r/libslic3r_version.h | cut -d ' ' -f3)
ver="_V${ver//\"}"
echo $PWD echo $PWD
if [ "1." != "$NIGHTLY_BUILD". ]; if [ "1." != "$NIGHTLY_BUILD". ];
then then
ver=$(grep '^#define SoftFever_VERSION' ../src/libslic3r/libslic3r_version.h | cut -d ' ' -f3) ver=${ver}_dev
ver="_V${ver//\"}"
fi fi