From 91b65602febe5d10a61577190bb6b3159307e68c Mon Sep 17 00:00:00 2001 From: Max Goedjen Date: Fri, 26 Sep 2025 00:52:40 -0700 Subject: [PATCH] Release --- .github/workflows/nightly.yml | 24 +++++++++++++----------- .github/workflows/release.yml | 14 ++++++++------ 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 95a0cd4..3ee2a43 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -36,22 +36,24 @@ jobs: sed -i '' -e "s/GITHUB_BUILD_URL/https:\/\/github.com\/maxgoedjen\/secretive\/actions\/runs\/$RUN_ID/g" Sources/Config/Config.xcconfig - name: Build run: xcrun xcodebuild -project Sources/Secretive.xcodeproj -scheme Secretive -configuration Release -archivePath Archive.xcarchive archive - - name: Create ZIP - run: | - ditto -c -k --sequesterRsrc --keepParent Archive.xcarchive/Products/Applications/Secretive.app ./Secretive.zip - - name: Notarize - env: - APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} - APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} - run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip - - name: Remove SecretAgent artifact - run: rm -r Archive.xcarchive/Products/Applications/SecretAgent.app + - name: Move to Artifact Folder + run: mkdir Artifact; cp Archive.xcarchive/Products/Applications/Secretive.app - name: Upload App to Artifacts id: upload uses: actions/upload-artifact@v4 with: name: Secretive.zip - path: Archive.xcarchive/Products/Applications + path: Artifact + - name: Download Zipped Artifact + id: download + uses: actions/download-artifact@v5 + with: + artifact-ids: {{ steps.upload.outputs.artifact-id }} + - name: Notarize + env: + APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} + APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} + run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip - name: Attest id: attest uses: actions/attest-build-provenance@v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 11a6fd5..a653717 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -58,28 +58,30 @@ jobs: sed -i '' -e "s/GITHUB_BUILD_URL/github.com\/maxgoedjen\/secretive\/actions\/runs\/$RUN_ID/g" Sources/Config/Config.xcconfig - name: Build run: xcrun xcodebuild -project Sources/Secretive.xcodeproj -scheme Secretive -configuration Release -archivePath Archive.xcarchive archive + - name: Move to Artifact Folder + run: mkdir Artifact; cp Archive.xcarchive/Products/Applications/Secretive.app - name: Upload App to Artifacts id: upload uses: actions/upload-artifact@v4 with: name: Secretive.zip - path: Secretive.zip + path: Artifact - name: Download Zipped Artifact id: download uses: actions/download-artifact@v5 with: artifact-ids: {{ steps.upload.outputs.artifact-id }} + - name: Notarize + env: + APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} + APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} + run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip - name: Attest id: attest uses: actions/attest-build-provenance@v2 with: subject-name: "Secretive.zip" subject-digest: sha256:${{ steps.upload.outputs.artifact-digest }} - - name: Notarize - env: - APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} - APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }} - run: xcrun notarytool submit --key ~/.private_keys/AuthKey_$APPLE_API_KEY_ID.p8 --key-id $APPLE_API_KEY_ID --issuer $APPLE_API_ISSUER Secretive.zip - name: Create Release run: | sed -i.tmp "s/RUN_ID/$RUN_ID/g" .github/templates/release.md