Open JasonGross opened 4 months ago
Perhaps we should sign & notarize the MacOS binaries for ease of use?
ChatGPT suggests that the steps are:
Without a Mac, you can still handle code signing and notarization using GitHub Actions. Here’s a step-by-step approach:
Apple Developer Account: Ensure that you have an Apple Developer account, as you'll need certificates and credentials for signing and notarization.
Create and Export Signing Certificate:
.p12
Add Secrets to GitHub:
Install and Configure xcnotary:
xcnotary
Import Certificate:
Sign the Universal Binary:
lipo
Notarize the Binary:
Staple the Notarization:
Make sure your secrets are stored securely within GitHub Actions. This setup allows you to automate signing and notarization entirely through GitHub Actions without direct access to a Mac.
Perhaps we should sign & notarize the MacOS binaries for ease of use?
ChatGPT suggests that the steps are:
Without a Mac, you can still handle code signing and notarization using GitHub Actions. Here’s a step-by-step approach:
Apple Developer Account: Ensure that you have an Apple Developer account, as you'll need certificates and credentials for signing and notarization.
Create and Export Signing Certificate:
.p12
file.Add Secrets to GitHub:
.p12
file and add it as a GitHub Actions secret, along with the certificate password and your Apple Developer account credentials.Install and Configure
xcnotary
:xcnotary
, a third-party tool that supports notarizing applications via CI, which works well with GitHub Actions.xcnotary
in your GitHub Actions workflow by adding:Import Certificate:
.p12
file in your CI workflow using:Sign the Universal Binary:
lipo
, sign it with:Notarize the Binary:
xcnotary
to notarize your signed binary:Staple the Notarization:
Make sure your secrets are stored securely within GitHub Actions. This setup allows you to automate signing and notarization entirely through GitHub Actions without direct access to a Mac.