andrei/amnezia-client
1
0
Fork 0
mirror of https://github.com/amnezia-vpn/amnezia-client.git synced 2026-06-23 02:00:20 +07:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
d81c1e5c1af99dd6378a35dc701e9c2a2ec7300d
amnezia-client/.github/actions/setup-keychain/action.yml
T
Yaroslav Gurov d81c1e5c1a feat: rework CI/CD for macos
2026-04-16 01:57:25 +02:00

57 lines
2.2 KiB
YAML
Raw Blame History

# .github/actions/setup-keychain/action.yml
name: Setup apple keychain
description: Creates and configures a temporary build keychain
inputs:
keychain-path:
description: Name of the keychain
required: true
keychain-password:
description: Temporary keychain password
required: true
app-cert-base64:
description: Base64-encoded P12 app certificate
required: true
app-cert-password:
description: Application certificate password
required: true
installer-cert-base64:
description: Base64-encoded P12 installer certificate
required: true
installer-cert-password:
description: Installer certificate password
required: true
runs:
using: composite
steps:
- name: Create keychain
shell: bash
env:
KEYCHAIN_PATH: ${{ inputs.keychain-path }}
KEYCHAIN_PASSWORD: ${{ inputs.keychain-password }}
APP_CERT_BASE64: ${{ inputs.app-cert-base64 }}
APP_CERT_PASSWORD: ${{ inputs.app-cert-password }}
INSTALLER_CERT_BASE64: ${{ inputs.installer-cert-base64 }}
INSTALLER_CERT_PASSWORD: ${{ inputs.installer-cert-password }}
run: |
set -e
APP_CERT_PATH=$RUNNER_TEMP/DeveloperIdApplicationCertificate.p12
INSTALLER_CERT_PATH=$RUNNER_TEMP/DeveloperIdInstallerCertificate.p12
echo -n "$APP_CERT_BASE64" | base64 --decode -o "$APP_CERT_PATH"
echo -n "$INSTALLER_CERT_BASE64" | base64 --decode -o "$INSTALLER_CERT_PATH"
security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security default-keychain -s "$KEYCHAIN_PATH"
security set-keychain-settings -lut 21600 "$KEYCHAIN_PATH"
security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security import "${{ github.action_path }}/DeveloperIDG2CA.cer" -k "$KEYCHAIN_PATH" -A
security import "$APP_CERT_PATH" -k "$KEYCHAIN_PATH" -P "$APP_CERT_PASSWORD" -A -t cert -f pkcs12
security import "$INSTALLER_CERT_PATH" -k "$KEYCHAIN_PATH" -P "$INSTALLER_CERT_PASSWORD" -A -t cert -f pkcs12
security set-key-partition-list -S apple-tool:,apple:,codesign: -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_PATH"
security list-keychain -d user -s "$KEYCHAIN_PATH"
Reference in New Issue View Git Blame Copy Permalink