open.source/espanso
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(ci): enable hardened runtime

Browse Source
This commit is contained in:
Federico Terzi 2022-08-14 11:14:50 +02:00
parent e2e272f498
commit c3a1af9630
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/release.yml vendored
View File

@ -161,10 +161,11 @@ jobs:
run: | run: |
cargo install rust-script --version "0.7.0" cargo install rust-script --version "0.7.0"
cargo install --force cargo-make --version 0.34.0 cargo install --force cargo-make --version 0.34.0
- name: Test # TODO: restore after tests
run: cargo make test-binary --profile release # - name: Test
env: # run: cargo make test-binary --profile release
MACOSX_DEPLOYMENT_TARGET: "10.13" # env:
# MACOSX_DEPLOYMENT_TARGET: "10.13"
- name: Build - name: Build
run: cargo make create-bundle --profile release run: cargo make create-bundle --profile release
env: env:
@ -182,7 +183,7 @@ jobs:
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain
security import certificate.p12 -k buildespanso.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign security import certificate.p12 -k buildespanso.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain
/usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" target/mac/Espanso.app -v /usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" --options runtime target/mac/Espanso.app -v
- name: "Notarize executable" - name: "Notarize executable"
env: env:
PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }} PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}
@ -248,7 +249,7 @@ jobs:
security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain
security import certificate.p12 -k buildespanso.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign security import certificate.p12 -k buildespanso.keychain -P "$MACOS_CERTIFICATE_PWD" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$MACOS_CI_KEYCHAIN_PWD" buildespanso.keychain
/usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" target/mac/Espanso.app -v /usr/bin/codesign --force -s "$MACOS_CERTIFICATE_NAME" --options runtime target/mac/Espanso.app -v
- name: "Notarize executable" - name: "Notarize executable"
env: env:
PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }} PROD_MACOS_NOTARIZATION_APPLE_ID: ${{ secrets.PROD_MACOS_NOTARIZATION_APPLE_ID }}