From 993f0c22d559e7c1100809067398b8b06b626c10 Mon Sep 17 00:00:00 2001
From: Mykola Grymalyuk <khronokernel@icloud.com>
Date: Thu, 4 May 2023 10:39:39 -0600
Subject: [PATCH] CI: Implement cert check

Allows for easier swapping between self-hosted and Github-provided runners
---
 .github/workflows/build-app-wxpython.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/build-app-wxpython.yml b/.github/workflows/build-app-wxpython.yml
index 858a32e61..9dd7012d9 100644
--- a/.github/workflows/build-app-wxpython.yml
+++ b/.github/workflows/build-app-wxpython.yml
@@ -30,12 +30,12 @@ jobs:
       - name: Build Binary
         run: /Library/Frameworks/Python.framework/Versions/3.10/bin/python3 Build-Binary.command --reset_binaries --branch "${{ env.branch }}" --commit "${{ env.commiturl }}" --commit_date "${{ env.commitdate }}" --key "${{ env.ANALYTICS_KEY }}" --site "${{ env.ANALYTICS_SITE }}"
 
-      # Uncomment when using Github Runners or first run on self-hosted
-      # - name: Import Certificate
-      #   uses: apple-actions/import-codesign-certs@v1
-      #   with:
-      #     p12-file-base64: ${{ secrets.MAC_CODESIGN_CERT }}
-      #     p12-password: ${{ secrets.MAC_NOTARIZATION_PASSWORD }}
+      - name: Import Certificate
+        if: !test -f ~/Library/Keychains/login.keychain-db || !security find-certificate -c "${{ env.MAC_CODESIGN_IDENTITY }}" ~/Library/Keychains/login.keychain-db
+        uses: apple-actions/import-codesign-certs@v1
+        with:
+          p12-file-base64: ${{ secrets.MAC_CODESIGN_CERT }}
+          p12-password: ${{ secrets.MAC_NOTARIZATION_PASSWORD }}
 
       - name: Codesign Binary
         run: 'codesign -s "${{ env.MAC_CODESIGN_IDENTITY }}" -v --force --deep --timestamp --entitlements ./payloads/entitlements.plist -o runtime "dist/OpenCore-Patcher.app"'