import cert #57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| build: | |
| runs-on: windows-2022 | |
| environment: prod | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Build | |
| shell: powershell | |
| env: | |
| SPC_B64: ${{ secrets.SPC_B64 }} | |
| run: | | |
| $bytes = [System.Convert]::FromBase64String($env:SPC_B64) | |
| Set-Content -Path .\StefanMattingSPC.pfx -Value $bytes -Encoding Byte | |
| Import-PfxCertificate -FilePath .\StefanMattingSPC.pfx -CertStoreLocation 'Cert:\CurrentUser\My' | |
| Remove-Item .\StefanMattingSPC.pfx | |
| # choco install python310 > $null | |
| # choco install innosetup | |
| # | |
| # Remove-Item -Force -Recurse -ErrorAction SilentlyContinue venv | |
| # | |
| # C:\hostedtoolcache\windows\Python\3.10.11\x64\python.exe --version | |
| # C:\hostedtoolcache\windows\Python\3.10.11\x64\python.exe -m venv venv | |
| # cd .\venv\Scripts | |
| # ./Activate.ps1 | |
| # cd ..\..\ | |
| # | |
| # python -m pip install -r requirements.txt | |
| # python -m pip install -r requirements-stage2.txt | |
| # | |
| # & .\scripts\build.ps1 | |
| # jobs: | |
| # build: | |
| # runs-on: macos-11 | |
| # environment: prod | |
| # steps: | |
| # - name: Checkout | |
| # uses: actions/checkout@v4 | |
| # | |
| # - name: Import certs | |
| # shell: bash | |
| # env: | |
| # CERTS_P12: ${{ secrets.CERTS_P12 }} | |
| # CERTS_P12_PASSWORD: ${{ secrets.CERTS_P12_PASSWORD }} | |
| # run: | | |
| # set -eo pipefail | |
| # # https://github.com/Apple-Actions/import-codesign-certs/blob/master/src/security.ts | |
| # | |
| # CERTS_PATH=$RUNNER_TEMP/bundle.p12 | |
| # echo -n "$CERTS_P12" | base64 -d -o "$CERTS_PATH" | |
| # KEYCHAIN_PATH=$RUNNER_TEMP/app-signing | |
| # KEYCHAIN_PASSWORD=foo | |
| # | |
| # # create temporary keychain | |
| # security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # security set-keychain-settings -lut 21600 $KEYCHAIN_PATH | |
| # security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # | |
| # # import and allow all applications to use it | |
| # security import "$CERTS_PATH" -k $KEYCHAIN_PATH -f pkcs12 -A -T /usr/bin/codesign -T /usr/bin/security -P "$CERTS_P12_PASSWORD" | |
| # | |
| # # magic incantation that is necessary | |
| # security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH | |
| # | |
| # # also necessary, this command actually sets things (even though the name). | |
| # security list-keychains -d user -s $KEYCHAIN_PATH login.keychain | |
| # | |
| # # check that we have a valid codesigning cert | |
| # security find-identity -vp codesigning $KEYCHAIN_PATH | |
| # | |
| # - uses: actions/setup-python@v5 | |
| # with: | |
| # python-version: '3.10' | |
| # | |
| # - shell: bash | |
| # env: | |
| # POINTER_CC_VERSION: ${{ vars.POINTER_CC_VERSION }} | |
| # run: | | |
| # python3 --version | |
| # python3 -m venv venv | |
| # source venv/bin/activate | |
| # pip install -r requirements.txt | |
| # pip install -r requirements-stage2.txt | |
| # ./scripts/build.sh | |
| # ./scripts/package-mac.sh | |
| # | |
| # - name: Upload Artifacts | |
| # uses: actions/upload-artifact@v2 | |
| # with: | |
| # name: disk-image | |
| # path: dist/*.dmg |