timamsk/vscodium
1
0
Fork 0
mirror of https://github.com/VSCodium/vscodium.git synced 2026-04-11 16:27:18 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat(1.90): update patches and notarize macos (#1864)

Browse Source
This commit is contained in:
Baptiste Augrain
2024-06-01 18:31:12 +02:00
committed by GitHub
parent 0d28b4dfb7
commit b6411b1af1
8 changed files with 195 additions and 177 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
prepare_assets.sh
View File

@@ -19,32 +19,46 @@ mkdir -p assets
if [[ "${OS_NAME}" == "osx" ]]; then
if [[ "${CI_BUILD}" != "no" ]]; then
cd "VSCode-darwin-${VSCODE_ARCH}"
CERTIFICATE_P12="${APP_NAME}.p12"
KEYCHAIN="${RUNNER_TEMP}/build.keychain"
KEYCHAIN="${RUNNER_TEMP}/buildagent.keychain"
echo "${CERTIFICATE_OSX_P12}" | base64 --decode > "${CERTIFICATE_P12}"
echo "AGENT_TEMPDIRECTORY: ${AGENT_TEMPDIRECTORY}"
echo "RUNNER_TEMP: ${RUNNER_TEMP}"
echo "${CERTIFICATE_OSX_P12_DATA}" | base64 --decode > "${CERTIFICATE_P12}"
echo "+ create temporary keychain"
security create-keychain -p mysecretpassword "${KEYCHAIN}"
security create-keychain -p pwd "${KEYCHAIN}"
security set-keychain-settings -lut 21600 "${KEYCHAIN}"
security unlock-keychain -p mysecretpassword "${KEYCHAIN}"
security list-keychains -s "$(security list-keychains | xargs)" "${KEYCHAIN}"
# security list-keychains -d user
# security show-keychain-info ${KEYCHAIN}
security unlock-keychain -p pwd "${KEYCHAIN}"
security show-keychain-info "${KEYCHAIN}"
echo "+ import certificate to keychain"
security import "${CERTIFICATE_P12}" -k "${KEYCHAIN}" -P "${CERTIFICATE_OSX_PASSWORD}" -T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k mysecretpassword "${KEYCHAIN}" > /dev/null
# security find-identity "${KEYCHAIN}"
security import "${CERTIFICATE_P12}" -k "${KEYCHAIN}" -P "${CERTIFICATE_OSX_P12_PASSWORD}" -T /usr/bin/codesign
CODESIGN_IDENTITY="$( security find-identity -v -p codesigning "${KEYCHAIN}" | grep -oEi "([0-9A-F]{40})" | head -n 1 )"
export CODESIGN_IDENTITY
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k pwd "${KEYCHAIN}" > /dev/null
security find-identity "${KEYCHAIN}"
echo "+ signing"
if [[ "${VSCODE_QUALITY}" == "insider" ]]; then
codesign --deep --force --verbose --sign "${CERTIFICATE_OSX_ID}" "${APP_NAME} - Insiders.app"
else
codesign --deep --force --verbose --sign "${CERTIFICATE_OSX_ID}" "${APP_NAME}.app"
fi
DEBUG="electron-osx-sign*" node vscode/build/darwin/sign.js "$( pwd )"
echo "+ notarize"
cd "VSCode-darwin-${VSCODE_ARCH}"
ZIP_FILE="./${APP_NAME}-darwin-${VSCODE_ARCH}-${RELEASE_VERSION}.zip"
zip -r -X -y "${ZIP_FILE}" ./*.app
xcrun notarytool store-credentials "notarytool-profile" --apple-id "${CERTIFICATE_OSX_ID}" --password "${CERTIFICATE_OSX_APP_PASSWORD}"
xcrun notarytool submit "${ZIP_FILE}" ---keychain-profile "notarytool-profile" --wait
echo "+ attach staple"
xcrun stapler staple ./*.app
rm "${ZIP_FILE}"
cd ..
fi