YuuMJ1997/mihomo-party
1
0
Fork 0
mirror of https://gh.catmak.name/https://github.com/mihomo-party-org/mihomo-party synced 2025-12-27 05:00:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

try to sign pkg

Browse Source
This commit is contained in:
Pompurin404 2025-01-12 21:02:54 +08:00
parent e6b5cd8d72
commit 1d7e907c87
No known key found for this signature in database
1 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
.github/workflows/build.yml vendored
View File

@ -209,12 +209,29 @@ jobs:
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }} APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
CSC_LINK: ${{ secrets.CSC_LINK }} CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_INSTALLER_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }} CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
CSC_INSTALLER_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
run: | run: |
chmod +x build/pkg-scripts/postinstall chmod +x build/pkg-scripts/postinstall
pnpm build:mac --${{ matrix.arch }} pnpm build:mac --${{ matrix.arch }}
- name: Setup temporary installer signing keychain
uses: apple-actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ secrets.CSC_LINK }}
p12-password: ${{ secrets.CSC_KEY_PASSWORD }}
- name: Sign the Apple pkg
run: |
for pkg_name in $(ls -1 dist/*.pkg); do
pkg_name=$(ls -1 dist/*.pkg)
mv $pkg_name Unsigned-Workbench.pkg
productsign --sign "Developer ID Installer: Prometheus Advertising Corp (489PDK5LP3)" Unsigned-Workbench.pkg $pkg_name
rm -f Unsigned-Workbench.pkg
xcrun notarytool submit $pkg_name --apple-id $APPLE_ID --team-id $APPLE_TEAM_ID --password $APPLE_APP_SPECIFIC_PASSWORD --wait
done
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
- name: Generate checksums - name: Generate checksums
run: pnpm checksum .pkg run: pnpm checksum .pkg
- name: Upload Artifacts - name: Upload Artifacts
@ -276,6 +293,25 @@ jobs:
sed -i "" -e "s/macos/catalina/" electron-builder.yml sed -i "" -e "s/macos/catalina/" electron-builder.yml
chmod +x build/pkg-scripts/postinstall chmod +x build/pkg-scripts/postinstall
pnpm build:mac --${{ matrix.arch }} pnpm build:mac --${{ matrix.arch }}
- name: Setup temporary installer signing keychain
uses: apple-actions/import-codesign-certs@v3
with:
p12-file-base64: ${{ secrets.CSC_LINK }}
p12-password: ${{ secrets.CSC_KEY_PASSWORD }}
- name: Sign the Apple pkg
run: |
for pkg_name in $(ls -1 dist/*.pkg); do
pkg_name=$(ls -1 dist/*.pkg)
mv $pkg_name Unsigned-Workbench.pkg
productsign --sign "Developer ID Installer: Prometheus Advertising Corp (489PDK5LP3)" Unsigned-Workbench.pkg $pkg_name
rm -f Unsigned-Workbench.pkg
xcrun notarytool submit $pkg_name --apple-id $APPLE_ID --team-id $APPLE_TEAM_ID --password $APPLE_APP_SPECIFIC_PASSWORD --wait
done
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
- name: Generate checksums - name: Generate checksums
run: pnpm checksum .pkg run: pnpm checksum .pkg
- name: Upload Artifacts - name: Upload Artifacts