wiverson / maven-jpackage-template

Sample project illustrating building nice, small cross-platform JavaFX or Swing desktop apps with native installers while still using the standard Maven dependency system.
Apache License 2.0

GitHub Actions build for mac builds damaged app #49

Closed abulka closed 2 years ago

abulka commented 2 years ago

It seems that the build action on GitHub builds an app that cannot be double-clicked to run. I get the popup error: “TestApp” is damaged and can’t be opened. You should move it to the Bin. However, when I run it from the terminal, it runs OK:

./TestApp.app/Contents/MacOS/TestApp

I initially thought it was a permissions issue, as GitHub Actions has a 'bug' where artifacts lose their permissions, but the above file seems OK: -rwxr-xr-x 1 andy 150864 Dec 17 10:35 ./TestApp.app/Contents/MacOS/TestApp

abulka commented 2 years ago

See this repository's own Mac build action dmg:

https://github.com/wiverson/maven-jpackage-template/releases/download/macOS-latest/TestApp-21.40.052006.dmg

Tried opening and running it and got the same error as my own repo's build. I am running on Mac Mojave (just in case that matters).

wiverson commented 2 years ago

Sigh, yeah, just got the same thing. I'm on Monterey 12.1 and probably can't dig into it until after the holidays. LMK if you figure anything out. :P

abulka commented 2 years ago

Turns out that copying the app out of the .dmg then

sudo xattr -rd com.apple.quarantine TestApp.app

fixes the problem. The app can then be run by double clicking on it.

It seems that under macOS, browsers, unarchivers, etc. automatically add the com.apple.quarantine extended attribute to .app files, which prevents them from being run - see this explanation. This is meant to stop unsigned (and potentially malware) apps from running. The proper fix is to sign the app using an Apple Developer ID certificate (unfortunately a $99 developer account is required) and notarise the disk image.

These signing steps can be automated in GitHub Actions according to

wiverson commented 2 years ago

There is now a workflow and documentation for adding signing, notarization, and stapling! Check the README.md in the root of the template.
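
The following is an added example, not code from this thread or from the template project. It checks, without modifying anything, the three things discussed above for a downloaded bundle: whether com.apple.quarantine is set, whether the code signature verifies, and whether Gatekeeper accepts the app and a notarization ticket is stapled. The function name, the verdict words and the script name triage.sh are assumptions made for the example.

```shell
#!/bin/sh
# Added example: read-only Gatekeeper triage for a macOS .app bundle.
# Nothing is modified; the quarantine attribute is left in place.

# Prints one verdict word on stdout for the bundle in $1:
#   not-quarantined      no com.apple.quarantine attribute on the bundle
#   unsigned-or-invalid  quarantined, and codesign cannot verify a signature
#   rejected             quarantined and signed, but Gatekeeper refuses it
#   accepted             signed and accepted, no stapled ticket validates
#   accepted-stapled     signed, accepted, and a stapled ticket validates
# Tool diagnostics go to stderr so stdout stays machine-readable.
triage_app() {
    app=$1

    # xattr -p exits non-zero when the attribute is absent.
    if ! quarantine=$(xattr -p com.apple.quarantine "$app" 2>/dev/null); then
        echo "not-quarantined"
        return 0
    fi
    echo "quarantine attribute: $quarantine" >&2

    # Verify the signature of the bundle and its nested code.
    if ! codesign --verify --deep --strict --verbose=2 "$app" >&2; then
        echo "unsigned-or-invalid"
        return 0
    fi

    # Ask Gatekeeper whether policy would allow this bundle to execute.
    if ! spctl --assess --type execute --verbose "$app" >&2; then
        echo "rejected"
        return 0
    fi

    # A stapled ticket lets the notarization check succeed offline.
    if xcrun stapler validate "$app" >&2; then
        echo "accepted-stapled"
    else
        echo "accepted"
    fi
}

# Run only when a bundle path is given, e.g. sh triage.sh ./TestApp.app
if [ "$#" -gt 0 ]; then
    triage_app "$1"
fi
```

Running it on the bundle copied out of a release .dmg before publishing shows whether the signing, notarization and stapling workflow produced something Gatekeeper will accept once the download is quarantined.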