Skip to content

Commit

Permalink
chore: support codesign macos package
Browse files Browse the repository at this point in the history
  • Loading branch information
LucasXu0 committed Aug 15, 2023
1 parent 00ee4be commit 5e40538
Show file tree
Hide file tree
Showing 5 changed files with 60 additions and 7 deletions.
11 changes: 11 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,17 @@ jobs:
flutter config --enable-macos-desktop
dart ./scripts/flutter_release_build/build_flowy.dart . ${{ github.ref_name }}
- name: Sign binary
uses: lando/code-sign-action@v2
with:
file: ${{ env.MACOS_APP_RELEASE_PATH }}/AppFlowy.app
certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
apple-team-id: ${{ secrets.MACOS_TEAM_ID }}
apple-notary-user: ${{ secrets.MACOS_NOTARY_USER }}
apple-notary-password: ${{ secrets.MACOS_NOTARY_PWD }}
apple-product-id: ${{ secrets.MACOS_PRODUCT_ID }}

- name: Create macOS dmg
run: |
brew install create-dmg
Expand Down
40 changes: 40 additions & 0 deletions .github/workflows/sign.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
name: Sign

on:
workflow_dispatch:

jobs:
build:
runs-on: macos-latest
steps:
- name: Download
run: curl -L https://github.com/LucasXu0/AppFlowy/releases/download/0.2.9/AppFlowy.zip -o AppFlowy.zip
- name: Unzip
run: unzip AppFlowy.zip
- name: Codesign executable
run: |
echo ${{ secrets.MACOS_CERTIFICATE }} | base64 --decode > certificate.p12
security create-keychain -p action build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p action build.keychain
security import certificate.p12 -k build.keychain -P ${{ secrets.MACOS_CERTIFICATE_PWD }} -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k action build.keychain
/usr/bin/codesign --force --options runtime --deep --sign "Developer ID Application: APPFLOWY PTE. LTD (VHB67HRSZG)" AppFlowy.app -v
- name: Create macOS dmg
run: |
brew install create-dmg
create-dmg \
--volname AppFlowy.dmg \
--hide-extension "AppFlowy.app" \
--window-size 600 450 \
--app-drop-link 458 249 \
"AppFlowy.dmg" \
"AppFlowy.app"
- name: notarytool
run: |
xcrun notarytool submit AppFlowy.dmg --apple-id ${{ secrets.MACOS_NOTARY_USER }} --team-id ${{ secrets.MACOS_TEAM_ID }} --password ${{ secrets.MACOS_NOTARY_PWD }} -v -f "json" --wait
- name: Upload
uses: actions/upload-artifact@v3
with:
name: AppFlowy
path: AppFlowy.dmg
14 changes: 9 additions & 5 deletions frontend/appflowy_flutter/macos/Runner.xcodeproj/project.pbxproj
Original file line number Diff line number Diff line change
Expand Up @@ -421,12 +421,13 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 33E5194F232828860026EE4D /* AppInfo.xcconfig */;
buildSettings = {
ARCHS = "$(ARCHS_STANDARD)";
ARCHS = x86_64;
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/DebugProfile.entitlements;
CODE_SIGN_STYLE = Automatic;
COMBINE_HIDPI_IMAGES = YES;
ENABLE_HARDENED_RUNTIME = YES;
EXCLUDED_ARCHS = "";
INFOPLIST_FILE = Runner/Info.plist;
INFOPLIST_KEY_CFBundleDisplayName = AppFlowy;
Expand All @@ -435,7 +436,7 @@
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 10.14;
ONLY_ACTIVE_ARCH = YES;
ONLY_ACTIVE_ARCH = false;
PRODUCT_BUNDLE_IDENTIFIER = com.appflowy.appflowy.flutter;
PRODUCT_NAME = AppFlowy;
PROVISIONING_PROFILE_SPECIFIER = "";
Expand Down Expand Up @@ -557,12 +558,13 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 33E5194F232828860026EE4D /* AppInfo.xcconfig */;
buildSettings = {
ARCHS = "$(ARCHS_STANDARD)";
ARCHS = x86_64;
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/DebugProfile.entitlements;
CODE_SIGN_STYLE = Automatic;
COMBINE_HIDPI_IMAGES = YES;
ENABLE_HARDENED_RUNTIME = YES;
EXCLUDED_ARCHS = "";
INFOPLIST_FILE = Runner/Info.plist;
INFOPLIST_KEY_CFBundleDisplayName = AppFlowy;
Expand All @@ -571,6 +573,7 @@
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 10.14;
ONLY_ACTIVE_ARCH = false;
PRODUCT_BUNDLE_IDENTIFIER = com.appflowy.appflowy.flutter;
PRODUCT_NAME = AppFlowy;
PROVISIONING_PROFILE_SPECIFIER = "";
Expand All @@ -584,12 +587,13 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 33E5194F232828860026EE4D /* AppInfo.xcconfig */;
buildSettings = {
ARCHS = "$(ARCHS_STANDARD)";
ARCHS = x86_64;
ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = Runner/Release.entitlements;
CODE_SIGN_STYLE = Automatic;
COMBINE_HIDPI_IMAGES = YES;
ENABLE_HARDENED_RUNTIME = YES;
EXCLUDED_ARCHS = "";
INFOPLIST_FILE = Runner/Info.plist;
INFOPLIST_KEY_CFBundleDisplayName = AppFlowy;
Expand All @@ -598,7 +602,7 @@
"@executable_path/../Frameworks",
);
MACOSX_DEPLOYMENT_TARGET = 10.14;
ONLY_ACTIVE_ARCH = YES;
ONLY_ACTIVE_ARCH = false;
PRODUCT_BUNDLE_IDENTIFIER = com.appflowy.appflowy.flutter;
PRODUCT_NAME = AppFlowy;
PROVISIONING_PROFILE_SPECIFIER = "";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,6 @@
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
Expand Down
Empty file.

0 comments on commit 5e40538

Please sign in to comment.