From 1b344d7c4adc17484f53352ceef73e5a968ed8c2 Mon Sep 17 00:00:00 2001 From: Ignacio Sanchez Gines <863613+drhelius@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:02:16 +0200 Subject: [PATCH] Avoid codesign and notarization in PR and forks --- .github/workflows/gearsystem.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/gearsystem.yml b/.github/workflows/gearsystem.yml index 8718bc7..4f54595 100644 --- a/.github/workflows/gearsystem.yml +++ b/.github/workflows/gearsystem.yml @@ -124,6 +124,7 @@ jobs: run: make dist working-directory: platforms/macos - name: Codesign app bundle + if: needs.pr-check.outputs.number == null && github.repository_owner == 'drhelius' env: MACOS_CERTIFICATE: ${{ secrets.PROD_MACOS_CERTIFICATE }} MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }} @@ -145,6 +146,7 @@ jobs: codesign -v -vvv --deep "${{ env.NAME_UPPER }}.app" working-directory: platforms/macos - name: Notarize app bundle + if: needs.pr-check.outputs.number == null && github.repository_owner == 'drhelius' env: PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }} PROD_MACOS_NOTARIZATION_TEAM_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_TEAM_ID }} @@ -155,12 +157,12 @@ jobs: xcrun notarytool submit "notarization.zip" --keychain-profile "notarytool-profile" --wait xcrun stapler staple "${{ env.NAME_UPPER }}.app" spctl -a -vvv -t install "${{ env.NAME_UPPER }}.app" - ditto -c -k --keepParent "${{ env.NAME_UPPER }}.app" "${{ env.NAME_UPPER }}.app.zip" working-directory: platforms/macos - name: Prepare artifact directory run: | mkdir -p artifact cp platforms/README.txt artifact/ + ditto -c -k --keepParent "platforms/macos/${{ env.NAME_UPPER }}.app" "platforms/macos/${{ env.NAME_UPPER }}.app.zip" mv platforms/macos/${{ env.NAME_UPPER }}.app.zip artifact/ - name: Archive binary uses: actions/upload-artifact@v4