add osx_certs

2023-01-21 12:03:13 +01:00 · 2023-01-21 12:03:13 +01:00 · 1d14f51854
parent da6dd1f045
commit 1d14f51854
2 changed files with 29 additions and 0 deletions
--- a/.github/workflows/build_multiplatform.yml
+++ b/.github/workflows/build_multiplatform.yml
@ -299,6 +299,12 @@ jobs:
      #   with:
      #     path: tnc/lib/codec2

+      - name: Add MacOS certs
+        if: ${{startsWith(matrix.os, 'macos')}}
+        run: chmod +x add-osx-cert.sh && ./add-osx-cert.sh
+        env:
+          CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }}
+          CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}

      - name: Build binaries macOS
        if: ${{startsWith(matrix.os, 'macos')}}
--- a/add-osx-cert.sh
+++ b/add-osx-cert.sh
@ -0,0 +1,23 @@
+#!/usr/bin/env sh
+
+KEY_CHAIN=build.keychain
+CERTIFICATE_P12=certificate.p12
+
+# Recreate the certificate from the secure environment variable
+echo $CERTIFICATE_OSX_APPLICATION | base64 --decode > $CERTIFICATE_P12
+
+#create a keychain
+security create-keychain -p actions $KEY_CHAIN
+
+# Make the keychain the default so identities are found
+security default-keychain -s $KEY_CHAIN
+
+# Unlock the keychain
+security unlock-keychain -p actions $KEY_CHAIN
+
+security import $CERTIFICATE_P12 -k $KEY_CHAIN -P $CERTIFICATE_PASSWORD -T /usr/bin/codesign;
+
+security set-key-partition-list -S apple-tool:,apple: -s -k actions $KEY_CHAIN
+
+# remove certs
+rm -fr *.p12