Skip to content

Commit

Permalink
Accept multiple files. (#9)
Browse files Browse the repository at this point in the history
  • Loading branch information
@floitsch
floitsch authored Jun 21, 2024
1 parent 3bd9807 commit c671f3a
Show file tree
Hide file tree
Showing 2 changed files with 56 additions and 6 deletions.
39 changes: 37 additions & 2 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,27 @@ jobs:
- name: Checkout
uses: actions/checkout@v4

- name: Build executable
- name: Build executables
run: |
echo "int main() { return 0; }" > main.c
CURRENT_SECS=$(date +%s)
echo "int main() { return $CURRENT_SECS; }" > main.c
gcc main.c -o main
((CURRENT_SECS++))
echo "int main() { return $CURRENT_SECS; }" > main.c
mkdir multi1
gcc main.c -o multi1/main
((CURRENT_SECS++))
echo "int main() { return $CURRENT_SECS; }" > main.c
mkdir multi2
gcc main.c -o multi2/main
((CURRENT_SECS++))
echo "int main() { return $CURRENT_SECS; }" > main.c
mkdir multi3
gcc main.c -o "multi3/main with space"
- name: Sign the executable
uses: ./
with:
Expand All @@ -32,3 +48,22 @@ jobs:
- name: Check signature
run: |
codesign -dvvv main
- name: Sign several executables
uses: ./
with:
certificate: ${{ secrets.MACOS_CERTIFICATE }}
certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
username: ${{ secrets.AC_USERNAME }}
password: ${{ secrets.AC_PASSWORD }}
apple-team-id: 33DS2ZRDST
app-path: |
multi1/main
multi2/main
multi3/main with space
- name: Check signatures
run: |
codesign -dvvv multi1/main
codesign -dvvv multi2/main
codesign -dvvv "multi3/main with space"
23 changes: 19 additions & 4 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ inputs:
description: "The Apple Team ID to use for signing and notarization."
required: true
app-path:
description: "The path to the application to sign and notarize."
description: "The paths to the application to sign and notarize. One on each line."
required: true
entitlements-path:
description: "The path to the entitlements file to use for signing."
Expand Down Expand Up @@ -86,7 +86,12 @@ runs:
shell: bash
run: |
security find-identity -v signing_temp.keychain | grep "${{ inputs.apple-team-id }}" | grep "Developer ID Application"
codesign --keychain signing_temp.keychain --force --deep --sign "${{ inputs.apple-team-id }}" ${{ env.entitlements_arg }} "${{ inputs.app-path }}" --options=runtime
PATHS=$(cat << APP-PATH-DELIMITER-95654260
${{ inputs.app-path }}
APP-PATH-DELIMITER-95654260
)
echo "$PATHS" | tr '\n' '\0' | xargs -0 -r \
codesign --keychain signing_temp.keychain --force --deep --sign "${{ inputs.apple-team-id }}" ${{ env.entitlements_arg }} --options=runtime
- name: Create a tmp directory
id: tmp
Expand All @@ -100,7 +105,12 @@ runs:
run: |
TMP=${{ steps.tmp.outputs.path }}
ZIP_PATH="$TMP/app.zip"
zip -j "$ZIP_PATH" "${{ inputs.app-path }}"
PATHS=$(cat << APP-PATH-DELIMITER-95654260
${{ inputs.app-path }}
APP-PATH-DELIMITER-95654260
)
echo "$PATHS" | tr '\n' '\0' | xargs -0 -r \
zip "$ZIP_PATH"
echo "zip_path=$ZIP_PATH" >> $GITHUB_OUTPUT
- name: Notarize
Expand All @@ -121,7 +131,12 @@ runs:
shell: bash
run: |
# See https://developer.apple.com/forums/thread/130560
codesign -vvvv -R="notarized" --check-notarization "${{ inputs.app-path }}"
PATHS=$(cat << APP-PATH-DELIMITER-95654260
${{ inputs.app-path }}
APP-PATH-DELIMITER-95654260
)
echo "$PATHS" | tr '\n' '\0' | xargs -0 -r \
codesign -vvvv -R="notarized" --check-notarization
- name: Cleanup keychain
if: always() # Always run this step to ensure the keychain is properly disposed of.
Expand Down

0 comments on commit c671f3a

Please sign in to comment.