From 3d625832923c391cd9ea595b1c49464b9f56c9a4 Mon Sep 17 00:00:00 2001 From: umbynos Date: Mon, 7 Nov 2022 17:27:33 +0100 Subject: [PATCH] use this fork (https://github.com/darkvertex/gon/tree/deep_sign_support) to use deep notarization, since this is not yet merged https://github.com/mitchellh/gon/pull/42 --- .github/workflows/release.yml | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9225fdac..15d990db 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -218,6 +218,8 @@ jobs: notarize-macos: name: Notarize bundle runs-on: macos-12 + env: + GON_PATH: ${{ github.workspace }}/gon needs: create-macos-bundle steps: @@ -249,9 +251,18 @@ jobs: "${{ env.KEYCHAIN }}" - name: Install gon for code signing and app notarization + uses: actions/checkout@v3 + with: + repository: darkvertex/gon #this fork has support for --deep notarization + path: ${{ env.GON_PATH }} + ref: deep_sign_support + + - name: Build gon + working-directory: ${{ env.GON_PATH }}/cmd/gon/ run: | - wget -q https://github.com/mitchellh/gon/releases/download/v0.2.3/gon_macos.zip - unzip gon_macos.zip -d /usr/local/bin + ls -lah + go build + mv gon /usr/local/bin - name: Write gon config to file # gon does not allow env variables in config file (https://github.com/mitchellh/gon/issues/20) @@ -263,6 +274,7 @@ jobs: sign { application_identity = "Developer ID Application: ARDUINO SA (7KT7ZWMCJT)" + deep = true } # Ask Gon for zip output to force notarization process to take place. @@ -434,7 +446,7 @@ jobs: - name: Install gon for code signing and app notarization run: | - wget -q https://github.com/mitchellh/gon/releases/download/v0.2.3/gon_macos.zip + wget -q https://github.com/mitchellh/gon/releases/download/v0.2.5/gon_macos.zip unzip gon_macos.zip -d /usr/local/bin - name: Write gon config to file