Merge pull request #136 from bcmi-labs/per1234/sign-in-gh-hosted-runner

Use GitHub hosted macOS GitHub Actions runner instead of self hosted runner
This commit is contained in:
Akos Kitta 2020-08-19 10:47:46 +02:00 committed by GitHub
commit 84016f4e1e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -20,10 +20,13 @@ jobs:
config:
- os: windows-2016
- os: ubuntu-latest
- os: turin-macmini # self-hosted macOS
- os: macos-latest
# - os: rsora-rpi-arm # self-hosted armhf
runs-on: ${{ matrix.config.os }}
timeout-minutes: 30
env:
CERTIFICATE_PATH: /tmp/macos_signing_certificate.p12
steps:
- name: Checkout
uses: actions/checkout@v2
@ -39,12 +42,12 @@ jobs:
with:
python-version: '2.7'
- name: Update Keychain [macOS]
- name: Generate signing certificate file [macOS]
if: runner.OS == 'macOS'
run: |
echo "${{ secrets.KEYCHAIN }}" | base64 --decode > ~/Library/Keychains/apple-developer.keychain-db
security list-keychains -s ~/Library/Keychains/apple-developer.keychain-db
security unlock-keychain -p "${{ secrets.KEYCHAIN_PASSWORD }}" ~/Library/Keychains/apple-developer.keychain-db
# APPLE_SIGNING_CERTIFICATE_P12 secret was produced by following the procedure from:
# https://www.kencochrane.com/2020/08/01/build-and-sign-golang-binaries-for-macos-with-github-actions/#exporting-the-developer-certificate
echo "${{ secrets.APPLE_SIGNING_CERTIFICATE_P12 }}" | base64 --decode > "${{ env.CERTIFICATE_PATH }}"
- name: Package
shell: bash
@ -58,6 +61,12 @@ jobs:
IS_NIGHTLY: ${{ github.event_name == 'schedule' }}
IS_RELEASE: ${{ startsWith(github.ref, 'refs/tags/') }}
run: |
# electron-builder will try to sign during the Windows job if these environment variables are defined
if [ "${{ runner.OS }}" = "macOS" ]; then
# See: https://www.electron.build/code-signing
export CSC_LINK="${{ env.CERTIFICATE_PATH }}"
export CSC_KEY_PASSWORD="${{ secrets.KEYCHAIN_PASSWORD }}"
fi
yarn --cwd ./electron/packager/
yarn --cwd ./electron/packager/ package