
Configure macOS code signing and notarization#61

Merged
Furisto merged 2 commits into main from notarize, Nov 19, 2025

Conversation

@Furisto
Owner

@Furisto Furisto commented Nov 19, 2025

Add support for signing and notarizing the CLI binary for macOS distribution:

  • Create entitlements.xml with necessary permissions for network, file access, and process execution
  • Configure code signing in GoReleaser using Developer ID certificate
  • Add notarization configuration to submit binaries to Apple's notarization service
  • Update release workflow to pass signing and notarization credentials
  • Set 20-minute timeout to allow Apple's scanning process to complete
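Notarization requires the Hardened Runtime, and the entitlements file described above decides which of its protections the binary opts out of (the walkthrough further down notes it allows unsigned executable memory). As an added example that is not the project's own code, the script below parses an entitlements plist and lists every Hardened Runtime exception it grants; the sample plist is constructed for illustration and is not the repository's entitlements.xml.

```python
import plistlib

# Hardened Runtime exception entitlements (real Apple keys). Each one relaxes a
# runtime protection, so a release reviewer should confirm the binary needs it.
RUNTIME_EXCEPTIONS = {
    "com.apple.security.cs.allow-jit":
        "permits JIT-compiled executable pages via MAP_JIT",
    "com.apple.security.cs.allow-unsigned-executable-memory":
        "permits unsigned executable memory; undermines code signing of in-process code",
    "com.apple.security.cs.disable-library-validation":
        "allows loading libraries not signed by the same Team ID",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "honours DYLD_* variables, which enable library injection",
    "com.apple.security.cs.debugger":
        "grants the debugger entitlement over other processes",
}

# Constructed sample plist for this example; it is NOT the repository's entitlements.xml.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.network.client</key><true/>
    <key>com.apple.security.files.user-selected.read-write</key><true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
    <key>com.apple.security.cs.disable-library-validation</key><false/>
</dict>
</plist>
"""


def load_entitlements(data: bytes) -> dict:
    """Parse an entitlements plist (XML or binary form) into a dict."""
    parsed = plistlib.loads(data)
    if not isinstance(parsed, dict):
        raise ValueError("entitlements plist must be a dictionary at the top level")
    return parsed


def audit_entitlements(data: bytes) -> list:
    """Return (key, reason) for each Hardened Runtime exception set to <true/>.
    A key that is present but <false/> grants nothing and is not reported."""
    ents = load_entitlements(data)
    return [(key, RUNTIME_EXCEPTIONS[key]) for key, value in ents.items()
            if key in RUNTIME_EXCEPTIONS and value is True]
```

On a signed binary the same check applies to the entitlements `codesign -d --entitlements - <binary>` prints, which is what actually ships, rather than to the source file.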

Furisto and others added 2 commits November 19, 2025 23:23
Add support for signing and notarizing the CLI binary for macOS distribution:
- Create entitlements.xml with necessary permissions for network, file access, and process execution
- Configure code signing in GoReleaser using Developer ID certificate
- Add notarization configuration to submit binaries to Apple's notarization service
- Update release workflow to pass signing and notarization credentials
- Set 20-minute timeout to allow Apple's scanning process to complete

This enables users to run the construct CLI on macOS without warnings.

Co-authored-by: construct-agent <noreply@construct.sh>

Create a manual trigger workflow that:
- Runs GoReleaser in snapshot mode without requiring a git tag
- Tests code signing and notarization on any branch
- Doesn't publish artifacts or create releases
- Enables safe iteration before merging to main

Co-authored-by: construct-agent <noreply@construct.sh>
@coderabbitai

coderabbitai Bot commented Nov 19, 2025

Walkthrough

This pull request introduces macOS code signing and notarization infrastructure to the release workflow. Changes include adding five new environment variables (MACOS_SIGN_P12, MACOS_SIGN_PASSWORD, MACOS_NOTARY_ISSUER_ID, MACOS_NOTARY_KEY_ID, MACOS_NOTARY_KEY) to the existing release workflow step. A new test-release workflow is added to validate the release process via workflow_dispatch. The GoReleaser configuration is updated with notarization blocks for macOS builds. An entitlements.xml file is created defining macOS sandbox permissions for network access, file I/O, and unsigned executable memory.


📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Free

📥 Commits

Reviewing files that changed from the base of the PR and between a0f240b and aff7252.

📒 Files selected for processing (4)
  • .github/workflows/release.yml (1 hunks)
  • .github/workflows/test-release.yml (1 hunks)
  • .goreleaser.yml (1 hunks)
  • entitlements.xml (1 hunks)


@Furisto Furisto merged commit 650d15e into main Nov 19, 2025
1 of 2 checks passed
@Furisto Furisto deleted the notarize branch December 1, 2025 10:51