Skip to content

Add the disable-library-validation entitlement. #137

Add the disable-library-validation entitlement.

Add the disable-library-validation entitlement. #137

Workflow file for this run

name: macOS
on: [push]
jobs:
build_app:
name: Build macOS application bundle
runs-on: macos-13
steps:
- name: Checkout repo
uses: actions/checkout@v3
- name: Use Python 3.12
uses: actions/setup-python@v4
with:
python-version: 3.12
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
DEV_ID: ${{ secrets.DEV_ID }}
DEV_USERNAME: ${{ secrets.NOTARIZE_USERNAME }}
DEV_PASSWORD: ${{ secrets.NOTARIZE_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
touch $CERTIFICATE_PATH
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 -d -o $CERTIFICATE_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# Create config file needed by release.py
echo "IDENTITY=$DEV_ID" >> macOS/IDs.sh
echo "USERNAME=$DEV_USERNAME" >> macOS/IDs.sh
echo "PASSWORD=$DEV_PASSWORD" >> macOS/IDs.sh
- name: install bundle-app
run: |
python3 -m pip install bundle-app
- name: assemble bundle
run: |
bash build-mac-app.sh
- uses: actions/upload-artifact@v3
with:
name: SnapPy.dmg
path: ./macOS/dmg-maker/SnapPy.dmg