Skip to content
Desktop App Release

feat: Hardened runtime and notarization #1

Sign in to view logs

feat: Hardened runtime and notarization

feat: Hardened runtime and notarization #1

Workflow file for this run

.github/workflows/desktop-app-release.yaml at 06a8242
name: Desktop App Release
on:
push:
branches:
- v1.0
pull_request:
branches:
- v1.0 #remove this before committing!
jobs:
## todo - add just release/copy to get binary in place first...
bundle:
runs-on: macos-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Add MacOS certs for signing and notarization
run: ./add-osx-cert.sh
env:
CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }}
CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
- name: Set up Node.js
uses: actions/setup-node@v2
with:
node-version: 'lts/*'
- name: Install dependencies
run: npm ci
working-directory: ui/desktop
- name: Make default Goose App
run: npm run bundle:default
working-directory: ui/desktop
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
- name: Upload default
uses: actions/upload-artifact@v3
with:
name: Goose.zip
path: ui/desktop/out/Goose-darwin-arm64/Goose.zip
- name: Make preconfigured Goose App
run: npm run bundle:preconfigured
working-directory: ui/desktop
env:
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
GOOSE_BUNDLE_HOST: ${{ secrets.APPLE_TEAM_ID }}
GOOSE_BUNDLE_MODEL: ${{ secrets.GOOSE_BUNDLE_MODEL }}
GOOSE_BUNDLE_TYPE: ${{ secrets.GOOSE_BUNDLE_TYPE }}
- name: Upload preconfigured
uses: actions/upload-artifact@v3
with:
name: Goose-preconfigured.app
path: ui/desktop/out/Goose-darwin-arm64/Goose.zip
- name: Upload preconfigured
uses: actions/upload-artifact@v3
with:
name: Goose-preconfigured.zip
path: ui/desktop/out/Goose-darwin-arm64/Goose.zip