Skip to content

Commit 5a718fa

Browse files
ann0seeann0see
committed
Rename certificate variables
1 parent f87bd6f commit 5a718fa

2 files changed

Lines changed: 19 additions & 19 deletions

File tree

.github/autobuild/mac.sh

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -72,16 +72,16 @@ setup() {
7272

7373
prepare_signing() {
7474
## Certificate types in use:
75-
# - MACOS_CERTIFICATE - Developer ID Application - for codesigning for adhoc release
75+
# - MACOS_CERTIFICATE_DEV_ID_APPLICATION - Developer ID Application - for codesigning for adhoc release
7676
# - MAC_STORE_APP_CERT - Mac App Distribution - codesigning for App Store submission
77-
# - MAC_STORE_INST_CERT - Mac Installer Distribution - for signing installer pkg file for App Store submission
77+
# - MACOS_CERTIFICATE_INST_DISTRIBUTION - Mac Installer Distribution - for signing installer pkg file for App Store submission
7878

7979
[[ "${SIGN_IF_POSSIBLE:-0}" == "1" ]] || return 1
8080

8181
# Signing was requested, now check all prerequisites:
82-
[[ -n "${MACOS_CERTIFICATE:-}" ]] || return 1
83-
[[ -n "${MACOS_CERTIFICATE_ID:-}" ]] || return 1
84-
[[ -n "${MACOS_CERTIFICATE_PWD:-}" ]] || return 1
82+
[[ -n "${MACOS_CERTIFICATE_DEV_ID_APPLICATION:-}" ]] || return 1
83+
[[ -n "${MACOS_CERTIFICATE_DEV_ID_APPLICATION_ID:-}" ]] || return 1
84+
[[ -n "${MACOS_CERTIFICATE_DEV_ID_APPLICATION_PWD:-}" ]] || return 1
8585
[[ -n "${NOTARIZATION_PASSWORD:-}" ]] || return 1
8686
[[ -n "${KEYCHAIN_PASSWORD:-}" ]] || return 1
8787

@@ -97,7 +97,7 @@ prepare_signing() {
9797
echo "Signing was requested and all dependencies are satisfied"
9898

9999
## Put the certs to files
100-
echo "${MACOS_CERTIFICATE}" | base64 --decode > macos_certificate.p12
100+
echo "${MACOS_CERTIFICATE_DEV_ID_APPLICATION}" | base64 --decode > macos_certificate.p12
101101

102102
# If set, put the CA public key into a file
103103
if [[ -n "${MACOS_CA_PUBLICKEY}" ]]; then
@@ -110,7 +110,7 @@ prepare_signing() {
110110
# Remove default re-lock timeout to avoid codesign hangs:
111111
security set-keychain-settings build.keychain
112112
security unlock-keychain -p "${KEYCHAIN_PASSWORD}" build.keychain
113-
security import macos_certificate.p12 -k build.keychain -P "${MACOS_CERTIFICATE_PWD}" -A -T /usr/bin/codesign
113+
security import macos_certificate.p12 -k build.keychain -P "${MACOS_CERTIFICATE_DEV_ID_APPLICATION_PWD}" -A -T /usr/bin/codesign
114114
security set-key-partition-list -S apple-tool:,apple: -s -k "${KEYCHAIN_PASSWORD}" build.keychain
115115

116116
# Tell Github Workflow that we want signing
@@ -138,21 +138,21 @@ prepare_signing() {
138138
# MAC_STORE_APP_CERT already checked
139139
[[ -n "${MAC_STORE_APP_CERT_ID:-}" ]] || return 1
140140
[[ -n "${MAC_STORE_APP_CERT_PWD:-}" ]] || return 1
141-
[[ -n "${MAC_STORE_INST_CERT:-}" ]] || return 1
142-
[[ -n "${MAC_STORE_INST_CERT_ID:-}" ]] || return 1
143-
[[ -n "${MAC_STORE_INST_CERT_PWD:-}" ]] || return 1
141+
[[ -n "${MACOS_CERTIFICATE_INST_DISTRIBUTION:-}" ]] || return 1
142+
[[ -n "${MACOS_CERTIFICATE_INST_DISTRIBUTION_ID:-}" ]] || return 1
143+
[[ -n "${MACOS_CERTIFICATE_INST_DISTRIBUTION_PWD:-}" ]] || return 1
144144

145145
# Put the certs to files
146146
echo "${MAC_STORE_APP_CERT}" | base64 --decode > macapp_certificate.p12
147-
echo "${MAC_STORE_INST_CERT}" | base64 --decode > macinst_certificate.p12
147+
echo "${MACOS_CERTIFICATE_INST_DISTRIBUTION}" | base64 --decode > macinst_certificate.p12
148148

149149
echo "App Store distribution dependencies are satisfied, proceeding..."
150150

151151
# Add additional certs to the keychain
152152
security set-keychain-settings build.keychain
153153
security unlock-keychain -p "${KEYCHAIN_PASSWORD}" build.keychain
154154
security import macapp_certificate.p12 -k build.keychain -P "${MAC_STORE_APP_CERT_PWD}" -A -T /usr/bin/codesign
155-
security import macinst_certificate.p12 -k build.keychain -P "${MAC_STORE_INST_CERT_PWD}" -A -T /usr/bin/productbuild
155+
security import macinst_certificate.p12 -k build.keychain -P "${MACOS_CERTIFICATE_INST_DISTRIBUTION_PWD}" -A -T /usr/bin/productbuild
156156
security set-key-partition-list -S apple-tool:,apple: -s -k "${KEYCHAIN_PASSWORD}" build.keychain
157157

158158
# Tell Github Workflow that we are building for store submission
@@ -170,7 +170,7 @@ build_app_as_dmg_installer() {
170170
# Mac's bash version considers BUILD_ARGS unset without at least one entry:
171171
BUILD_ARGS=("")
172172
if prepare_signing; then
173-
BUILD_ARGS=("-s" "${MACOS_CERTIFICATE_ID}" "-a" "${MAC_STORE_APP_CERT_ID}" "-i" "${MAC_STORE_INST_CERT_ID}" "-k" "${KEYCHAIN_PASSWORD}")
173+
BUILD_ARGS=("-s" "${MACOS_CERTIFICATE_DEV_ID_APPLICATION_ID}" "-a" "${MAC_STORE_APP_CERT_ID}" "-i" "${MACOS_CERTIFICATE_INST_DISTRIBUTION_ID}" "-k" "${KEYCHAIN_PASSWORD}")
174174
fi
175175
TARGET_ARCHS="${TARGET_ARCHS}" ./mac/deploy_mac.sh "${BUILD_ARGS[@]}"
176176
}

.github/workflows/autobuild.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -368,12 +368,12 @@ jobs:
368368
# For every certificate, export it as base64 encoded string with `base64 -i certificate.p12`
369369
# Set the certificates based on the variables below
370370
JAMULUS_BUILD_VERSION: ${{ needs.create_release.outputs.build_version }}
371-
MACOS_CERTIFICATE: ${{ secrets.MACOS_CERT }} # Base64 encoded Developer ID Application certificate. See https://help.apple.com/xcode/mac/current/#/dev154b28f09
372-
MACOS_CERTIFICATE_PWD: ${{ secrets.MACOS_CERT_PWD }} # Password protecting secrets.MACOS_CERTIFICATE
373-
MACOS_CERTIFICATE_ID: ${{ secrets.MACOS_CERT_ID }} # Certificate ID of secrets.MACOS_CERTIFICATE. If unknown, import secrets.MACOS_CERT into keychain and get the hash via "security find-identity -v"
374-
MAC_STORE_INST_CERT: ${{ secrets.MACAPP_INST_CERT }} # Base64 encoded Mac Installer Distribution certificate
375-
MAC_STORE_INST_CERT_PWD: ${{ secrets.MACAPP_INST_CERT_PWD }}
376-
MAC_STORE_INST_CERT_ID: ${{ secrets.MACAPP_INST_CERT_ID }}
371+
MACOS_CERTIFICATE_DEV_ID_APPLICATION: ${{ secrets.MACOS_CERT }} # Base64 encoded Developer ID Application certificate. See https://help.apple.com/xcode/mac/current/#/dev154b28f09
372+
MACOS_CERTIFICATE_DEV_ID_APPLICATION_PWD: ${{ secrets.MACOS_CERT_PWD }} # Password protecting secrets.MACOS_CERTIFICATE_DEV_ID_APPLICATION
373+
MACOS_CERTIFICATE_DEV_ID_APPLICATION_ID: ${{ secrets.MACOS_CERT_ID }} # Certificate ID of secrets.MACOS_CERTIFICATE_DEV_ID_APPLICATION. If unknown, import secrets.MACOS_CERT into keychain and get the hash via "security find-identity -v"
374+
MACOS_CERTIFICATE_INST_DISTRIBUTION: ${{ secrets.MACAPP_INST_CERT }} # Base64 encoded Mac Installer Distribution certificate
375+
MACOS_CERTIFICATE_INST_DISTRIBUTION_PWD: ${{ secrets.MACAPP_INST_CERT_PWD }}
376+
MACOS_CERTIFICATE_INST_DISTRIBUTION_ID: ${{ secrets.MACAPP_INST_CERT_ID }}
377377
MAC_STORE_APP_CERT: ${{ secrets.MACAPP_CERT }} # Base64 encoded Mac App Distribution certificate
378378
MAC_STORE_APP_CERT_PWD: ${{ secrets.MACAPP_CERT_PWD }}
379379
MAC_STORE_APP_CERT_ID: ${{ secrets.MACAPP_CERT_ID }}

0 commit comments

Comments
 (0)