-
-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
52 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| # CODESIGNING | ||
|
|
||
| To sign Processing on Mac OS we need a Apple Developer account and involves two steps: | ||
|
|
||
| Signing the Processing.app and the included JRE | ||
|
|
||
| This happens either by running `ant macos-dist` or in the Github actions | ||
|
|
||
| ## Setup Github Actions | ||
| To setup the Github Actions you need to be the Account Holder on your Apple Developer team. | ||
|
|
||
| ### Application Signing | ||
| We start by creating a .p12 file following the tutorial on the CodeSigning Action | ||
| https://github.com/Apple-Actions/import-codesign-certs | ||
|
|
||
| Currently this consists of following this tutorial: | ||
|
|
||
| https://calvium.com/how-to-make-a-p12-file/ | ||
| NOTE: In the create new certificate section, select `Developer ID Application` this allows the certificate to distribute outside the Mac App Store | ||
|
|
||
| Then take the certificate generated by the tutorial above and copy it to your clipboard as | ||
| ```bash | ||
| $ base64 -i CertificateFile.p12 | pbcopy | ||
| ``` | ||
|
|
||
| and set the secrets into the Github Repository. | ||
|
|
||
| This will allow the action to sign Processing and the JRE | ||
|
|
||
| ### Notarisation | ||
|
|
||
| To prevent the *this application is not recognised by Mac OS* error we need to setup the Github Action to upload the release to Apple for Notarisation | ||
|
|
||
| Go to https://developer.apple.com/account to find the team id in the membership details section and apply it to the `PROCESSING_TEAM_ID` secret | ||
|
|
||
| Enter your apple id email in the `PROCESSING_APPLE_ID` secret, this account does **not** need to be an account holder, ideally it is not anyone's personal apple id | ||
|
|
||
| Follow these instructions https://support.apple.com/en-us/102654 to setup an app-specific password for the apple id and enter that as `PROCESSING_APP_PASSWORD` | ||
|
|
||
| ### Release | ||
|
|
||
| Finally create a release to test the signing actions | ||
| ## Sign locally | ||
|
|
||
| - Be on a MacOS computer | ||
| - Be logged into your Apple ID | ||
| - Setup and Log into XCode | ||
| - cd into the repository | ||
|
|
||
| ```bash | ||
| $ PROCESSING_TEAM_ID=... PROCESSING_APPLE_ID=... PROCESSING_APP_PASSWORD=... ant macos-dist | ||
| ``` |