smallsolar
/
kiwix-build
mirror of https://github.com/kiwix/kiwix-build.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #527 from kiwix/issue-519

This commit is contained in:
Matthieu Gautier 2022-05-17 18:37:55 +02:00 committed by GitHub
parent 32a6e5b588 733a730877
commit d36d91e3be
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/scripts/build_projects.py vendored
View File

@ -9,7 +9,6 @@ from common import (
OS_NAME, OS_NAME,
PLATFORM_TARGET, PLATFORM_TARGET,
DESKTOP, DESKTOP,
notarize_macos_build,
) )
if PLATFORM_TARGET.startswith("android_"): if PLATFORM_TARGET.startswith("android_"):
@ -43,5 +42,4 @@ for target in TARGETS:
else: else:
if PLATFORM_TARGET == "native_mixed" and OS_NAME == "osx": if PLATFORM_TARGET == "native_mixed" and OS_NAME == "osx":
fix_macos_rpath(target) fix_macos_rpath(target)
notarize_macos_build(target)
make_archive(target, make_release=False) make_archive(target, make_release=False)

2
.github/scripts/common.py vendored
View File

@ -483,6 +483,8 @@ def notarize_macos_build(project):
for filepath in filepaths: for filepath in filepaths:
subprocess.check_call(["/usr/bin/codesign", "--force", "--sign", subprocess.check_call(["/usr/bin/codesign", "--force", "--sign",
os.getenv("SIGNING_IDENTITY", "no-signing-ident"), os.getenv("SIGNING_IDENTITY", "no-signing-ident"),
"--keychain",
os.getenv("KEYCHAIN", "no-keychain-path"),
str(filepath), "--deep", "--timestamp"], env=os.environ) str(filepath), "--deep", "--timestamp"], env=os.environ)
# create a zip of the dylibs and upload for notarization # create a zip of the dylibs and upload for notarization

16
.github/workflows/releaseNigthly.yml vendored
View File

@ -174,6 +174,7 @@ jobs:
SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }} SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
ALTOOL_USERNAME: ${{ secrets.APPLE_SIGNING_ALTOOL_USERNAME }} ALTOOL_USERNAME: ${{ secrets.APPLE_SIGNING_ALTOOL_USERNAME }}
ASC_PROVIDER: ${{ secrets.APPLE_SIGNING_TEAM }} ASC_PROVIDER: ${{ secrets.APPLE_SIGNING_TEAM }}
KEYCHAIN: /Users/runner/build.keychain-db
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v1 uses: actions/checkout@v1
@ -197,15 +198,16 @@ jobs:
shell: bash shell: bash
run: | run: |
echo "${{ secrets.APPLE_SIGNING_CERTIFICATE }}" | base64 --decode -o $CERTIFICATE echo "${{ secrets.APPLE_SIGNING_CERTIFICATE }}" | base64 --decode -o $CERTIFICATE
security create-keychain -p mysecretpassword build.keychain security create-keychain -p mysecretpassword $KEYCHAIN
security default-keychain -s build.keychain security default-keychain -s $KEYCHAIN
security unlock-keychain -p mysecretpassword build.keychain security set-keychain-settings $KEYCHAIN
security import $CERTIFICATE -k build.keychain -P "${{ secrets.APPLE_SIGNING_P12_PASSWORD }}" -A security unlock-keychain -p mysecretpassword $KEYCHAIN
security import $CERTIFICATE -k $KEYCHAIN -P "${{ secrets.APPLE_SIGNING_P12_PASSWORD }}" -A -T "/usr/bin/codesign"
rm $CERTIFICATE rm $CERTIFICATE
security set-key-partition-list -S "apple-tool:,apple:" -s -k mysecretpassword build.keychain security set-key-partition-list -S apple-tool:,apple: -s -k mysecretpassword $KEYCHAIN
security find-identity -v security find-identity -v $KEYCHAIN
sudo sntp -sS -t 60 time4.google.com || true sudo sntp -sS -t 60 time4.google.com || true
xcrun altool --store-password-in-keychain-item "ALTOOL_PASSWORD" -u "$ALTOOL_USERNAME" -p "${{ secrets.APPLE_SIGNING_ALTOOL_PASSWORD }}" xcrun altool --keychain $KEYCHAIN --store-password-in-keychain-item "ALTOOL_PASSWORD" -u "$ALTOOL_USERNAME" -p "${{ secrets.APPLE_SIGNING_ALTOOL_PASSWORD }}"
- name: Ensure base deps - name: Ensure base deps
shell: bash shell: bash
run: | run: |