chore(ci): add step to detect code signing (#2245)

* chore(ci): add step to detect code signing * fix variable name and add changefile
2021-08-08 14:19:45 -07:00 · 2021-08-08 14:19:45 -07:00 · 44f6ee4cfd
parent 3574a911e6
commit 44f6ee4cfd
4 changed files with 27 additions and 4 deletions
--- a/.changes/cli-rs-macos-signing-id-env.md
+++ b/.changes/cli-rs-macos-signing-id-env.md
@ -0,0 +1,5 @@
+---
+"cli.rs": patch
+---
+
+Added `APPLE_SIGNING_IDENTITY` as supported environment variable for the bundler.
--- a/.github/workflows/artifacts-updater.yml
+++ b/.github/workflows/artifacts-updater.yml
@ -95,9 +95,16 @@ jobs:
      - name: build cli
        working-directory: ./tooling/cli.js
        run: yarn build
+      - name: Check whether code signing should be enabled
+        id: enablecodesigning
+        env:
+            ENABLE_CODE_SIGNING: ${{ secrets.APPLE_CERTIFICATE }}
+        run: |
+            echo "Enable code signing: ${{ env.ENABLE_CODE_SIGNING != '' }}"
+            echo "::set-output name=enabled::${{ env.ENABLE_CODE_SIGNING != '' }}"
      # run only on tauri-apps/tauri repo (require secrets)
      - name: build sample artifacts + code signing (updater)
-        if: github.repository == 'tauri-apps/tauri'
+        if: steps.enablecodesigning.outputs.enabled == 'true'
        working-directory: ./examples/updater
        run: |
          yarn install
@ -112,11 +119,12 @@ jobs:
          # Apple code signing testing
          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
          # Updater signature is exposed here to make sure it works in PR's
          TAURI_PRIVATE_KEY: dW50cnVzdGVkIGNvbW1lbnQ6IHJzaWduIGVuY3J5cHRlZCBzZWNyZXQga2V5ClJXUlRZMEl5YTBGV3JiTy9lRDZVd3NkL0RoQ1htZmExNDd3RmJaNmRMT1ZGVjczWTBKZ0FBQkFBQUFBQUFBQUFBQUlBQUFBQWdMekUzVkE4K0tWQ1hjeGt1Vkx2QnRUR3pzQjVuV0ZpM2czWXNkRm9hVUxrVnB6TUN3K1NheHJMREhQbUVWVFZRK3NIL1VsMDBHNW5ET1EzQno0UStSb21nRW4vZlpTaXIwZFh5ZmRlL1lSN0dKcHdyOUVPclVvdzFhVkxDVnZrbHM2T1o4Tk1NWEU9Cg==
      # run on PRs and forks
      - name: build sample artifacts (updater)
-        if: github.repository != 'tauri-apps/tauri'
+        if: steps.enablecodesigning.outputs.enabled != 'true'
        working-directory: ./examples/updater
        run: |
          yarn install
--- a/examples/updater/src-tauri/tauri.conf.json
+++ b/examples/updater/src-tauri/tauri.conf.json
@ -28,7 +28,7 @@
        "useBootstrapper": false
      },
      "macOS": {
-        "signingIdentity": "Developer ID Application: David Lemarier (3KF8V3679C)",
+        "signingIdentity": null,
        "entitlements": "../entitlements.plist",
        "frameworks": [],
        "minimumSystemVersion": "",
--- a/tooling/cli.rs/src/interface/rust.rs
+++ b/tooling/cli.rs/src/interface/rust.rs
@ -390,6 +390,16 @@ fn tauri_config_to_bundle_settings(
    }
  }

+  let signing_identity = match std::env::var_os("APPLE_SIGNING_IDENTITY") {
+    Some(signing_identity) => Some(
+      signing_identity
+        .to_str()
+        .expect("failed to convert APPLE_SIGNING_IDENTITY to string")
+        .to_string(),
+    ),
+    None => config.macos.signing_identity,
+  };
+
  Ok(BundleSettings {
    identifier: config.identifier,
    icon: config.icon,
@ -424,7 +434,7 @@ fn tauri_config_to_bundle_settings(
      license: config.macos.license,
      use_bootstrapper: Some(config.macos.use_bootstrapper),
      exception_domain: config.macos.exception_domain,
-      signing_identity: config.macos.signing_identity,
+      signing_identity,
      entitlements: config.macos.entitlements,
    },
    windows: WindowsSettings {