diff --git a/.github/workflows/desktop-build.yml b/.github/workflows/desktop-build.yml index f6a0833e0..2645304e5 100644 --- a/.github/workflows/desktop-build.yml +++ b/.github/workflows/desktop-build.yml @@ -281,20 +281,11 @@ jobs: - name: Sign app bundle env: - MACOS_CERTIFICATE: ${{ secrets.PROD_MACOS_CERTIFICATE }} - MACOS_CERTIFICATE_PWD: ${{ secrets.PROD_MACOS_CERTIFICATE_PWD }} MACOS_CERTIFICATE_NAME: ${{ secrets.PROD_MACOS_CERTIFICATE_NAME }} MACOS_CI_KEYCHAIN_PWD: ${{ secrets.PROD_MACOS_CI_KEYCHAIN_PWD }} run: | security unlock-keychain -p "$MACOS_CI_KEYCHAIN_PWD" build.keychain - /usr/bin/codesign - --sign="$MACOS_CERTIFICATE_NAME" - --entitlements="../../.ci/macos.entitlements" - --options=runtime - --force - --deep - --timestamp - --verbose $(find . -name "*.dmg") + /usr/bin/codesign --sign="$MACOS_CERTIFICATE_NAME" --entitlements="../../.ci/macos.entitlements" --options=runtime --force --deep --timestamp --verbose ${{steps.build.outputs.path}} - name: Notarize app bundle env: @@ -304,10 +295,7 @@ jobs: run: | # Store the notarization credentials so that we can prevent a UI password dialog from blocking the CI echo "Create keychain profile" - xcrun notarytool store-credentials "notarytool-profile" - --apple-id "$PROD_MACOS_NOTARIZATION_APPLE_ID" - --team-id "$PROD_MACOS_NOTARIZATION_TEAM_ID" - --password "$PROD_MACOS_NOTARIZATION_PWD" + xcrun notarytool store-credentials "notarytool-profile" --apple-id "$PROD_MACOS_NOTARIZATION_APPLE_ID" --team-id "$PROD_MACOS_NOTARIZATION_TEAM_ID" --password "$PROD_MACOS_NOTARIZATION_PWD" # We can't notarize an app bundle directly, but we need to compress it as an archive. # Therefore, we create a zip file containing our app bundle, so that we can send it to the