Skip to content

Commit fa5c59c

Browse files
jaberjaber23jaberjaber23
committed
Fix signing
1 parent 6aae785 commit fa5c59c

File tree

2 files changed

+29
-8
lines changed

2 files changed

+29
-8
lines changed

.github/workflows/release.yml

Lines changed: 26 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -65,19 +65,38 @@ jobs:
6565
with:
6666
key: desktop-${{ matrix.platform.rust_target }}
6767

68+
- name: Import macOS signing certificate
69+
if: runner.os == 'macOS'
70+
env:
71+
MAC_CERT_BASE64: ${{ secrets.MAC_CERT_BASE64 }}
72+
MAC_CERT_PASSWORD: ${{ secrets.MAC_CERT_PASSWORD }}
73+
run: |
74+
echo "$MAC_CERT_BASE64" | base64 --decode > $RUNNER_TEMP/certificate.p12
75+
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
76+
KEYCHAIN_PASSWORD=$(openssl rand -base64 32)
77+
security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
78+
security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
79+
security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
80+
security import $RUNNER_TEMP/certificate.p12 -P "$MAC_CERT_PASSWORD" \
81+
-A -t cert -f pkcs12 -k "$KEYCHAIN_PATH"
82+
security list-keychain -d user -s "$KEYCHAIN_PATH"
83+
security set-key-partition-list -S apple-tool:,apple:,codesign: \
84+
-s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
85+
IDENTITY=$(security find-identity -v -p codesigning "$KEYCHAIN_PATH" | grep "Developer ID Application" | head -1 | awk -F'"' '{print $2}')
86+
echo "Using signing identity: $IDENTITY"
87+
echo "APPLE_SIGNING_IDENTITY=$IDENTITY" >> $GITHUB_ENV
88+
rm -f $RUNNER_TEMP/certificate.p12
89+
6890
- name: Build and bundle Tauri desktop app
6991
uses: tauri-apps/tauri-action@v0
7092
env:
7193
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
7294
TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
7395
TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
74-
# macOS code signing (optional — set these secrets for signed builds)
75-
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
76-
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
77-
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
78-
APPLE_ID: ${{ secrets.APPLE_ID }}
79-
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
80-
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
96+
APPLE_SIGNING_IDENTITY: ${{ env.APPLE_SIGNING_IDENTITY }}
97+
APPLE_ID: ${{ secrets.MAC_NOTARIZE_APPLE_ID }}
98+
APPLE_PASSWORD: ${{ secrets.MAC_NOTARIZE_PASSWORD }}
99+
APPLE_TEAM_ID: ${{ secrets.MAC_NOTARIZE_TEAM_ID }}
81100
with:
82101
tagName: ${{ github.ref_name }}
83102
releaseName: "OpenFang ${{ github.ref_name }}"

crates/openfang-cli/src/main.rs

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,9 @@ use clap::{Parser, Subcommand};
1919
use colored::Colorize;
2020
use std::io::{self, BufRead, Write};
2121
use std::path::PathBuf;
22-
use std::sync::atomic::{AtomicBool, Ordering};
22+
use std::sync::atomic::AtomicBool;
23+
#[cfg(windows)]
24+
use std::sync::atomic::Ordering;
2325

2426
/// Global flag set by the Ctrl+C handler.
2527
static CTRLC_PRESSED: AtomicBool = AtomicBool::new(false);

0 commit comments

Comments
 (0)