Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sign and notarize macos app and installer #1281

Merged
merged 1 commit into from
Dec 7, 2023
Merged

Sign and notarize macos app and installer #1281

merged 1 commit into from
Dec 7, 2023

Conversation

Thykof
Copy link
Contributor

@Thykof Thykof commented Dec 4, 2023

Delivery Quality Checklist

  • Breaking Changes in API:
    Does this PR introduce breaking changes in the API?

    • If yes, have you considered making it backward compatible?
    • If backward compatibility is not considered, set the "breaking-change" label.
  • Changelog:

    • For bugfix PR, set the "bugfix" label
    • If this change should not appear in changelog, use "ignore-for-changelog" label
  • Version Update Handling:
    Have you ensured that the version update by user is handled correctly?

  • PR Dependency:
    Does this PR depend on another PR?

    • If yes, is it necessary for the dependency to be released prior to merging this one?
  • Documentation:

    • Are any necessary changes made to user-facing documentation?
    • Confirm that API documentation is updated with any relevant changes.
    • Check that README and other documentation files are accurate and current.

Copy link

codecov bot commented Dec 4, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (8ed54ff) 25.46% compared to head (cbbafa3) 25.46%.

❗ Current head cbbafa3 differs from pull request most recent head d0dca83. Consider uploading reports for the commit d0dca83 to get more accurate results

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #1281   +/-   ##
=======================================
  Coverage   25.46%   25.46%           
=======================================
  Files          25       25           
  Lines        1547     1547           
=======================================
  Hits          394      394           
  Misses       1140     1140           
  Partials       13       13           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@Thykof Thykof force-pushed the 1019-2-sign-macos branch from 86ab23e to 037c93b Compare December 4, 2023 18:31
@Thykof Thykof linked an issue Dec 4, 2023 that may be closed by this pull request
@Thykof Thykof force-pushed the 1019-2-sign-macos branch 7 times, most recently from f932876 to af49969 Compare December 6, 2023 14:17
@Thykof Thykof marked this pull request as ready for review December 6, 2023 14:35
@Thykof Thykof changed the title Sign macos pkg Sign macos app and installer Dec 6, 2023
@Thykof Thykof changed the title Sign macos app and installer Sign and notarize macos app and installer Dec 6, 2023
Copy link
Member

@thomas-senechal thomas-senechal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did you tried to run the create_pkg.sh script from your computer without the Dev IDs ?
What happens in that case ?

If packaging fails or if the installer does not work, I think we need to add an handling of building with and without the Dev IDs. Otherwise, we won't be able to build from our computers and will require to push, wait for 15min, to then check if it's working. And it's not a viable way of working IMO

installer/macos/create_pkg.sh Show resolved Hide resolved
@Thykof
Copy link
Contributor Author

Thykof commented Dec 6, 2023

Did you tried to run the create_pkg.sh script from your computer without the Dev IDs ? What happens in that case ?

If packaging fails or if the installer does not work, I think we need to add an handling of building with and without the Dev IDs. Otherwise, we won't be able to build from our computers and will require to push, wait for 15min, to then check if it's working. And it's not a viable way of working IMO

I modifier the script, you can now run ./macos/create_pkg.sh amd64 "Developer ID Application: Massa Labs (9X8NWA3JHQ)" "Developer ID Installer: Massa Labs (9X8NWA3JHQ)" or ./macos/create_pkg.sh amd64

@Thykof Thykof linked an issue Dec 6, 2023 that may be closed by this pull request
3 tasks
CI: try to sign macos pkg

inherit secrets

CI: debug

CI: change mac os sign secrets

CI: fix call to create_pkg.sh

ci: try to sign macos

ci try

CI: mac os notarize

CI: export version

CI: fix notarize

CI: skip stapler

CI: debug

CI: sign pkg with codesign

sign the .app for macos

CI: uncomment

create pkg now can be run without signing
@Thykof Thykof force-pushed the 1019-2-sign-macos branch from 56c440f to cbbafa3 Compare December 6, 2023 21:48
@Thykof Thykof removed a link to an issue Dec 6, 2023
3 tasks
@Thykof Thykof force-pushed the 1019-2-sign-macos branch from cbbafa3 to d0dca83 Compare December 6, 2023 21:52
Copy link
Member

@thomas-senechal thomas-senechal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job !
Only a non blocking comment

installer/macos/create_pkg.sh Show resolved Hide resolved
@Thykof
Copy link
Contributor Author

Thykof commented Dec 7, 2023

QA on amr64 and amd64 OK

@Thykof Thykof merged commit 67b0544 into main Dec 7, 2023
17 checks passed
@Thykof Thykof deleted the 1019-2-sign-macos branch December 7, 2023 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Register Massa Labs as Apple dev to remove installation warning
3 participants