Skip to content

Commit

Permalink
try to use api key instead
Browse files Browse the repository at this point in the history
to notarize
  • Loading branch information
mifi committed Nov 1, 2023
1 parent 99b3494 commit cc72fad
Show file tree
Hide file tree
Showing 3 changed files with 53 additions and 10 deletions.
10 changes: 3 additions & 7 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -92,13 +92,9 @@ jobs:
# windows_certs: ${{ secrets.windows_certs }}
# windows_certs_password: ${{ secrets.windows_certs_password }}
env:
# https://github.com/electron-userland/electron-builder/issues/7683
APPLE_ID: ${{ secrets.apple_id }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.apple_app_specific_password }}
# TODO use appleApiKey, appleApiKeyId and appleApiIssuer from https://github.com/electron/notarize
# once electron-builder supports those: https://github.com/electron-userland/electron-builder/blob/7c7db837bdf650228594a30114975f1581c37130/packages/app-builder-lib/src/macPackager.ts#L489
#API_KEY_ID: ${{ secrets.api_key_id }}
#API_KEY_ISSUER_ID: ${{ secrets.api_key_issuer_id }}
APPLE_API_KEY: ${{ secrets.api_key }}
APPLE_API_KEY_ID: ${{ secrets.api_key_id }}
APPLE_API_KEY_ISSUER: ${{ secrets.api_key_issuer_id }}

- name: Upload to Mac App Store
if: startsWith(matrix.os, 'macos') && env.is_tag == 'true'
Expand Down
49 changes: 48 additions & 1 deletion .yarn/patches/app-builder-lib-npm-24.8.0-51e1f5cd3f.patch
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
diff --git a/out/macPackager.js b/out/macPackager.js
index 30787ba358acb9277a63df05c839a0caeea8ad91..aa131c6397d274486117f7693d409729ba4d3ca1 100644
index 30787ba358acb9277a63df05c839a0caeea8ad91..726c7fe36637ca351ecfce363f564a8e87bf351a 100644
--- a/out/macPackager.js
+++ b/out/macPackager.js
@@ -276,7 +276,7 @@ class MacPackager extends platformPackager_1.PlatformPackager {
Expand All @@ -11,3 +11,50 @@ index 30787ba358acb9277a63df05c839a0caeea8ad91..aa131c6397d274486117f7693d409729
return true;
}
async getOptionsForFile(appPath, isMas, customSignOptions) {
@@ -407,24 +407,36 @@ class MacPackager extends platformPackager_1.PlatformPackager {
builder_util_1.log.info({ reason: "`notarizeOptions` is explicitly set to false" }, "skipped macOS notarization");
return;
}
+
+ let options;
+ // option 1: app-specific password
const appleId = process.env.APPLE_ID;
const appleIdPassword = process.env.APPLE_APP_SPECIFIC_PASSWORD;
- if (!appleId && !appleIdPassword) {
+ // option 2: API key
+ const appleApiKey = process.env.APPLE_API_KEY;
+ const appleApiKeyId = process.env.APPLE_API_KEY_ID;
+ const appleApiIssuer = process.env.APPLE_API_ISSUER;
+ if (appleId || appleIdPassword) {
+ if (!appleId) {
+ throw new builder_util_1.InvalidConfigurationError(`APPLE_ID env var needs to be set`);
+ }
+ if (!appleIdPassword) {
+ throw new builder_util_1.InvalidConfigurationError(`APPLE_APP_SPECIFIC_PASSWORD env var needs to be set`);
+ }
+
+ options = this.generateNotarizeOptions({ appPath, appleId, appleIdPassword });
+ } else if (appleApiKey || appleApiKeyId || appleApiIssuer) {
+ options = this.generateNotarizeOptions({ appleApiKey, appleApiKeyId, appleApiIssuer });
+ } else {
// if no credentials provided, skip silently
return;
}
- if (!appleId) {
- throw new builder_util_1.InvalidConfigurationError(`APPLE_ID env var needs to be set`);
- }
- if (!appleIdPassword) {
- throw new builder_util_1.InvalidConfigurationError(`APPLE_APP_SPECIFIC_PASSWORD env var needs to be set`);
- }
- const options = this.generateNotarizeOptions(appPath, appleId, appleIdPassword);
await (0, notarize_1.notarize)(options);
+
builder_util_1.log.info(null, "notarization successful");
}
- generateNotarizeOptions(appPath, appleId, appleIdPassword) {
- const baseOptions = { appPath, appleId, appleIdPassword };
+ generateNotarizeOptions({ appPath, appleId, appleIdPassword, appleApiKey, appleApiKeyId, appleApiIssuer }) {
+ const baseOptions = { appPath, appleId, appleIdPassword, appleApiKey, appleApiKeyId, appleApiIssuer };
const options = this.platformSpecificBuildOptions.notarize;
if (typeof options === "boolean") {
const proj = {
4 changes: 2 additions & 2 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -1998,7 +1998,7 @@ __metadata:

"app-builder-lib@patch:app-builder-lib@npm%3A24.8.0#./.yarn/patches/app-builder-lib-npm-24.8.0-51e1f5cd3f.patch::locator=lossless-cut%40workspace%3A.":
version: 24.8.0
resolution: "app-builder-lib@patch:app-builder-lib@npm%3A24.8.0#./.yarn/patches/app-builder-lib-npm-24.8.0-51e1f5cd3f.patch::version=24.8.0&hash=ed7dfa&locator=lossless-cut%40workspace%3A."
resolution: "app-builder-lib@patch:app-builder-lib@npm%3A24.8.0#./.yarn/patches/app-builder-lib-npm-24.8.0-51e1f5cd3f.patch::version=24.8.0&hash=6f8a5c&locator=lossless-cut%40workspace%3A."
dependencies:
7zip-bin: ~5.1.1
"@develar/schema-utils": ~2.6.5
Expand Down Expand Up @@ -2028,7 +2028,7 @@ __metadata:
semver: ^7.3.8
tar: ^6.1.12
temp-file: ^3.4.0
checksum: 955974c64fc49f3b67f764be76b977eaf5f0ac7231ae7886a47f1b2b45789cb56c6592999422d8b2f25430496f66332f77d2ef08a1986b71274694d37c91c773
checksum: 3ce09b3cb8425ecbab5911c0d73f4efe61d0f98267d0e63883a480e8a202f89fa2dbb8577e31809676ed1bf11c75a22694054601a76b7ba8477fbf624d824f32
languageName: node
linkType: hard

Expand Down

0 comments on commit cc72fad

Please sign in to comment.