mirror of
https://github.com/JFormDesigner/FlatLaf.git
synced 2025-12-06 22:10:54 +03:00
GitHub Actions: natives.yml: sign Windows and macOS native libraries
Some checks failed
CI / build (11) (push) Has been cancelled
Native Libraries / Natives (macos-latest) (push) Has been cancelled
Native Libraries / Natives (ubuntu-24.04-arm) (push) Has been cancelled
Native Libraries / Natives (ubuntu-latest) (push) Has been cancelled
Native Libraries / Natives (windows-latest) (push) Has been cancelled
CI / build-on (17, ) (push) Has been cancelled
CI / build-on (21, ) (push) Has been cancelled
CI / build-on (23, ) (push) Has been cancelled
CI / build-on (8, ) (push) Has been cancelled
CI / snapshot (push) Has been cancelled
CI / release (push) Has been cancelled
Some checks failed
CI / build (11) (push) Has been cancelled
Native Libraries / Natives (macos-latest) (push) Has been cancelled
Native Libraries / Natives (ubuntu-24.04-arm) (push) Has been cancelled
Native Libraries / Natives (ubuntu-latest) (push) Has been cancelled
Native Libraries / Natives (windows-latest) (push) Has been cancelled
CI / build-on (17, ) (push) Has been cancelled
CI / build-on (21, ) (push) Has been cancelled
CI / build-on (23, ) (push) Has been cancelled
CI / build-on (8, ) (push) Has been cancelled
CI / snapshot (push) Has been cancelled
CI / release (push) Has been cancelled
This commit is contained in:
Karl Tauber
38
.github/workflows/natives.yml
vendored
38
.github/workflows/natives.yml
vendored
@@ -66,6 +66,44 @@ jobs:
|
||||
# tar.exe: Couldn't open ~/.gradle/caches/modules-2/modules-2.lock: Permission denied
|
||||
run: ./gradlew build-natives --no-daemon
|
||||
|
||||
- name: Sign Windows DLLs
|
||||
if: matrix.os == 'windows-latest'
|
||||
uses: skymatic/code-sign-action@v3
|
||||
with:
|
||||
certificate: '${{ secrets.CODE_SIGN_CERT_BASE64 }}'
|
||||
password: '${{ secrets.CODE_SIGN_CERT_PASSWORD }}'
|
||||
certificatesha1: '${{ secrets.CODE_SIGN_CERT_SHA1 }}'
|
||||
folder: 'flatlaf-core/src/main/resources/com/formdev/flatlaf/natives'
|
||||
|
||||
- name: Sign macOS natives
|
||||
if: matrix.os == 'macos-latest'
|
||||
env:
|
||||
CERT_BASE64: ${{ secrets.CODE_SIGN_CERT_BASE64 }}
|
||||
CERT_PASSWORD: ${{ secrets.CODE_SIGN_CERT_PASSWORD }}
|
||||
CERT_IDENTITY: ${{ secrets.CODE_SIGN_CERT_IDENTITY }}
|
||||
run: |
|
||||
# https://docs.github.com/en/actions/use-cases-and-examples/deploying/installing-an-apple-certificate-on-macos-runners-for-xcode-development
|
||||
# create variables
|
||||
CERTIFICATE_PATH=$RUNNER_TEMP/cert.p12
|
||||
KEYCHAIN_PATH=$RUNNER_TEMP/signing.keychain-db
|
||||
KEYCHAIN_PASSWORD=$CERT_PASSWORD
|
||||
# decode certificate
|
||||
printenv CERT_BASE64 | base64 --decode > $CERTIFICATE_PATH
|
||||
# create temporary keychain
|
||||
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
||||
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
|
||||
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
||||
# import certificate to keychain
|
||||
security import $CERTIFICATE_PATH -P "$CERT_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
|
||||
security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
|
||||
security list-keychains -d user -s $KEYCHAIN_PATH
|
||||
# sign code
|
||||
codesign -s "$CERT_IDENTITY" -fv --timestamp \
|
||||
flatlaf-core/src/main/resources/com/formdev/flatlaf/natives/libflatlaf-macos-*.dylib
|
||||
codesign -d --verbose=4 flatlaf-core/src/main/resources/com/formdev/flatlaf/natives/libflatlaf-macos-*.dylib
|
||||
# cleanup
|
||||
security delete-keychain $KEYCHAIN_PATH
|
||||
|
||||
- name: Set artifacts pattern
|
||||
shell: bash
|
||||
run: |
|
||||
|
||||
Reference in New Issue
Block a user