build: Add a workflow for signing the app bundle with a set of entitlements
This commit is contained in:
parent
cc3d4f7638
commit
c877bfe886
|
@ -204,6 +204,21 @@ jobs:
|
|||
mkdir package/Ruffle.app/Contents/Resources
|
||||
xcrun actool --compile package/Ruffle.app/Contents/Resources desktop/assets/Assets.xcassets --minimum-deployment-target 10.0 --platform macosx --warnings --errors --notices --include-all-app-icons
|
||||
|
||||
- name: Sign bundle
|
||||
continue-on-error: true
|
||||
env:
|
||||
APPLE_DEVELOPER_KEY: ${{ secrets.APPLE_DEVELOPER_KEY }}
|
||||
APPLE_DEVELOPER_KEY_PASSWORD: ${{ secrets.APPLE_DEVELOPER_KEY_PASSWORD }}
|
||||
run: |
|
||||
echo $APPLE_DEVELOPER_KEY | base64 -decode > certificate.p12
|
||||
security create-keychain -p correct-horse-battery-staple build.keychain
|
||||
security default-keychain -s build.keychain
|
||||
security unlock-keychain -p correct-horse-battery-staple build.keychain
|
||||
security import certificate.p12 -k build.keychain -P $APPLE_DEVELOPER_KEY_PASSWORD -T /usr/bin/codesign
|
||||
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k correct-horse-battery-staple build.keychain
|
||||
codesign -s ${{ secrets.APPLE_DEVELOPER_IDENTITY }} -f --entitlements desktop/assets/macOSEntitlements.plist package/Ruffle.app
|
||||
codesign --verify -vvvv package/Ruffle.app
|
||||
|
||||
- name: Package macOS
|
||||
run: |
|
||||
# We must enter the package/ directory in order to create a flat tarball (i.e. without a directory in it).
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
</dict>
|
||||
</plist>
|
Loading…
Reference in New Issue