Skip to content

Commit f5e1580

Browse files
ErikBjareErikBjare
authored
ci(macos): skip codesigning if required secrets not set (#757)
1 parent 539e282 commit f5e1580

File tree

3 files changed

+22
-11
lines changed

3 files changed

+22
-11
lines changed

.github/workflows/build.yml

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -147,21 +147,29 @@ jobs:
147147
if: startsWith(runner.os, 'macOS')
148148
run: |
149149
# Load certificates
150-
# TODO: Only load key & sign if env vars for signing exists
151-
./scripts/ci/import-macos-p12.sh
150+
# Only load key & sign if env vars for signing exists
151+
if [ -n "$APPLE_EMAIL" ]; then
152+
./scripts/ci/import-macos-p12.sh
153+
fi
152154
153155
# Build .app and .dmg
154156
source venv/bin/activate
155157
make dist/ActivityWatch.dmg
156-
codesign --verbose -s ${APPLE_PERSONALID} dist/ActivityWatch.dmg
157158
158-
# Run prechecks
159-
brew install akeru-inc/tap/xcnotary
160-
xcnotary precheck dist/ActivityWatch.app
161-
xcnotary precheck dist/ActivityWatch.dmg
159+
# codesign dmg
160+
if [ -n "$APPLE_EMAIL" ]; then
161+
codesign --verbose -s ${APPLE_PERSONALID} dist/ActivityWatch.dmg
162+
fi
163+
164+
if [ -n "$APPLE_EMAIL" ]; then
165+
# Run prechecks
166+
brew install akeru-inc/tap/xcnotary
167+
xcnotary precheck dist/ActivityWatch.app
168+
xcnotary precheck dist/ActivityWatch.dmg
162169
163-
# Notarize
164-
make dist/notarize
170+
# Notarize
171+
make dist/notarize
172+
fi
165173
mv dist/ActivityWatch.dmg dist/activitywatch-$(scripts/package/getversion.sh)-macos-x86_64.dmg
166174
env:
167175
APPLE_EMAIL: ${{ secrets.APPLE_EMAIL }}

aw.spec

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,8 +18,8 @@ current_release = subprocess.run(
1818
print("bundling activitywatch version " + current_release)
1919

2020
entitlements_file = Path(".") / "scripts" / "package" / "entitlements.plist"
21-
codesign_identity = os.environ.get("APPLE_PERSONALID")
22-
if codesign_identity is None:
21+
codesign_identity = os.environ.get("APPLE_PERSONALID", "").strip()
22+
if not codesign_identity:
2323
print("Environment variable APPLE_PERSONALID not set. Releases won't be signed.")
2424

2525
aw_core_path = Path(os.path.dirname(aw_core.__file__))

scripts/ci/import-macos-p12.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,7 @@
11
#!/bin/sh
2+
3+
set -e
4+
25
# Source: https://www.update.rocks/blog/osx-signing-with-travis/
36
export KEY_CHAIN=build.keychain
47
export CERTIFICATE_P12=aw_certificate.p12

0 commit comments

Comments
 (0)