Attempt at macosx signing and notarizing via GHA

This commit is contained in:
aboyko
2023-07-06 14:52:20 -04:00
parent d7b46b48b8
commit 2fd49c8643

View File

@@ -31,12 +31,17 @@ jobs:
run: |
echo "${{ secrets.GPG_PRIVATE_KEY }}" > gpg.asc
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --passphrase-fd 0 --import gpg.asc
- name: Unlock login keychain for OSX signing
run: |
security unlock-keychain -p ${{ secrets.KEYCHAIN_PASSWORD }} ~/Library/Keychains/login.keychain-db
security set-keychain-settings -t 3600 ~/Library/Keychains/login.keychain-db
- name: Build Eclipse Distro
env:
tools_s3_access_key: ${{ secrets.TOOLS_S3_ACCESS_KEY }}
tools_s3_secret_key: ${{ secrets.TOOLS_S3_SECRET_KEY }}
gpg_passphrase: ${{ secrets.GPG_PASSPHRASE }}
gpg_keyname: ${{ secrets.GPG_KEYID }}
MACOS_CERTIFICATE_ID: ${{ secrets.MACOS_CERTIFICATE_ID }}
run: |
cd eclipse-distribution
./mvnw --batch-mode -U clean deploy -P${{ inputs.eclipse_profile }} -P${{ inputs.build_type }} -Pgitactions -Pgpg.sign -DbuildQualifier=${{ steps.timestamp.outputs.date }} -Dsigning.skip=true -Dmaven.repo.local=~/.m2/repository-signed -Dhttpclient.retry-max=20 -Dmaven.test.skip=true -Declipse.p2.mirrors=false -Dtycho.localArtifacts=ignore -Ds3service.https-only=true -Dp2.replaceQualifier=true -Dorg.eclipse.ecf.provider.filetransfer.httpclient.retrieve.readTimeout=1200000 -Dorg.eclipse.equinox.p2.transport.ecf.retry=5 -Dskip.eclipserun.proxies=false -Dskip.osx.signing=false -Dskip.win.signing=false -Dskip.osx.notarizing=false -Dtycho.equinox.resolver.uses=true