Skip to content

Commit

Permalink
ci: remove mac OSX artifact signing job
Browse files Browse the repository at this point in the history
  • Loading branch information
supershal authored and faiq committed Sep 14, 2023
1 parent 096c294 commit a5f74f6
Showing 1 changed file with 0 additions and 84 deletions.
84 changes: 0 additions & 84 deletions .github/workflows/release-kib.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -76,87 +76,3 @@ jobs:
commit-message: "fix: bump kib to ${{ github.ref_name }}"
path: cluster-api-provider-preprovisioned
title: "fix: bump kib to ${{ github.ref_name }}"

sign-macos-binary:
needs: release-to-github
runs-on: macos-latest
env:
KEYCHAIN: job-${{ github.job }}-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}
steps:
- name: Checkout konvoy-image-builder repository
uses: actions/checkout@v3
with:
ref: main
fetch-depth: 0

- uses: dsaltares/fetch-gh-release-asset@1.1.1
with:
version: "tags/${{ github.ref_name }}"
file: "konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64.tar.gz"

- name: Create directory to extract the pulled file into
run: mkdir "konvoy-image-bundle_darwin_amd64"

- name: Extract the pulled file
run: tar -xvzf "konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64.tar.gz" -C "konvoy-image-bundle_darwin_amd64"

- name: Remove original downloaded file
run: rm "konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64.tar.gz"

- name: Import Code-Signing Certificates
uses: Apple-Actions/import-codesign-certs@v2
with:
keychain: ${{ env.KEYCHAIN }}
# The certificates in a PKCS12 file encoded as a base64 string
p12-file-base64: ${{ secrets.D2IQ_APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
# The password used to import the PKCS12 file.
p12-password: ${{ secrets.D2IQ_APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}

- name: Install required binaries
run: |
brew tap mitchellh/gon
brew install mitchellh/gon/gon
brew install coreutils
- name: Run Gon to notarize
env:
GITHUB_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }}
AC_USERNAME: ${{ secrets.D2IQ_APPLE_DEVELOPER_USERNAME }}
AC_PASSWORD: ${{ secrets.D2IQ_APPLE_DEVELOPER_PASSWORD }}
run: |
gon -log-level=info -log-json gon.hcl
- name: Tar signed bundle
run: |
unzip -o konvoy-image.zip
mv konvoy-image konvoy-image-bundle_darwin_amd64
mv konvoy-image-bundle_darwin_amd64 konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64
tar czf konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64.tar.gz konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64
- name: Delete keychain
if: always()
run: |
security delete-keychain "${{ env.KEYCHAIN }}".keychain
- name: Get checksum file
uses: dsaltares/fetch-gh-release-asset@1.1.1
with:
version: "tags/${{ github.ref_name }}"
file: "konvoy-image-builder_${{ github.ref_name }}_checksums.txt"

- name: Calculate checksum
run: |
cat konvoy-image-builder_${{ github.ref_name }}_checksums.txt | grep darwin | xargs -I{} sed -i'.bak' s/{}//g konvoy-image-builder_${{ github.ref_name }}_checksums.txt
sed -i'.bak' '/^[[:space:]]*$/d' konvoy-image-builder_${{ github.ref_name }}_checksums.txt
sha256sum konvoy-image-bundle-${{ github.ref_name}}_darwin_amd64.tar.gz >> konvoy-image-builder_${{ github.ref_name }}_checksums.txt
- name: Replace release artifact
uses: ncipollo/release-action@v1
with:
tag: "${{ github.ref_name }}"
artifacts: konvoy-image-bundle-${{ github.ref_name }}_darwin_amd64.tar.gz,konvoy-image-builder_${{ github.ref_name }}_checksums.txt
replacesArtifacts: true
token: ${{ secrets.MESOSPHERECI_USER_TOKEN }}
artifactErrorsFailBuild: true
allowUpdates: true

0 comments on commit a5f74f6

Please sign in to comment.