From 335467362a96eec3e0ff6514a27006dfccaa7b62 Mon Sep 17 00:00:00 2001
From: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Date: Fri, 6 Sep 2024 15:08:47 -0300
Subject: [PATCH] ci: sign & notarize macos binaries (#111)

signs and notarizes macos binaries when releasing
---
 .github/workflows/goreleaser.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
index 536c46a..97115bc 100644
--- a/.github/workflows/goreleaser.yml
+++ b/.github/workflows/goreleaser.yml
@@ -1,3 +1,5 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
 name: goreleaser
 
 on:
@@ -21,6 +23,11 @@ jobs:
       fury_token: ${{ secrets.FURY_TOKEN }}
       nfpm_gpg_key: ${{ secrets.NFPM_GPG_KEY }}
       nfpm_passphrase: ${{ secrets.NFPM_PASSPHRASE }}
+      macos_sign_p12: ${{ secrets.MACOS_SIGN_P12 }}
+      macos_sign_password: ${{ secrets.MACOS_SIGN_PASSWORD }}
+      macos_notary_issuer_id: ${{ secrets.MACOS_NOTARY_ISSUER_ID }}
+      macos_notary_key_id: ${{ secrets.MACOS_NOTARY_KEY_ID }}
+      macos_notary_key: ${{ secrets.MACOS_NOTARY_KEY }}
   homebrew:
     name: Bump Homebrew formula
     runs-on: ubuntu-latest