From 5c0b12eaa76d2657555a3dd19e901b4bd5fd1346 Mon Sep 17 00:00:00 2001 From: Nathan LeClaire Date: Mon, 25 Jul 2022 14:59:01 -0700 Subject: [PATCH] Add scripts and docs for release notarization on OSX (#298) Closes #297 --- README.md | 15 ++++++++++----- bin/notarize.js | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 bin/notarize.js diff --git a/README.md b/README.md index 63f9fad8..00962d98 100644 --- a/README.md +++ b/README.md @@ -93,7 +93,7 @@ Now you're working with Workbench! The project is currently in a migratory phase from Bootstrap to Tailwind. Do not write new code using Bootstrap layouting. Instead, opt for using Tailwind's atomic CSS system instead. The goal is to eventually be able to fully remove bootstrap from the codebase. -## building a release +## Building A Release On each platform (OSX, Windows, Linux), run: @@ -104,10 +104,15 @@ npm install npm run package ``` ->> TODO: add the signing steps for each platform. +To sign and notarize the OSX artifacts: -then copy the appimage/dmg/exe to a staging dir, and run +1. You must have the correct certificates from developer.apple.com installed on the build computer. +2. Signing will occur automatically during `npm run package`. +3. Notarization requires three environment variables to be set: + 1. `APPLE_NOTARIZATION=1` -- Indicate that the builds should be notarized + 2. `APPLE_ID` -- The email address associated with the developer Apple account + 3. `APPLE_ID_PASS` -- The [app specific password](https://support.apple.com/en-us/HT204397) for the app. This is different from the Apple ID's main password and set in the developer portal. -``` +>> TODO: Add the signing steps for Windows. -``` +Then upload binaries and `latest*.yml` files to the Github release. diff --git a/bin/notarize.js b/bin/notarize.js new file mode 100644 index 00000000..98ce35f0 --- /dev/null +++ b/bin/notarize.js @@ -0,0 +1,34 @@ +const { notarize } = require('electron-notarize'); +const { build } = require('../package.json'); + +exports.default = async function notarizeMacos(context) { + const { electronPlatformName, appOutDir } = context; + if (electronPlatformName !== 'darwin') { + return; + } + + if (!process.env.APPLE_NOTARIZE) { + console.warn( + 'Skipping notarizing step. APPLE_NOTARIZE environment variable is not set' + ); + return; + } + + if (!('APPLE_ID' in process.env && 'APPLE_ID_PASS' in process.env)) { + console.warn( + 'Skipping notarizing step. APPLE_ID and APPLE_ID_PASS env variables must be set' + ); + return; + } + + const appName = context.packager.appInfo.productFilename; + + console.info('Notarizing Apple DMGs'); + + await notarize({ + appBundleId: build.appId, + appPath: `${appOutDir}/${appName}.app`, + appleId: process.env.APPLE_ID, + appleIdPassword: process.env.APPLE_ID_PASS, + }); +};