✨ feat: 优化导入签名公证的方法

arvinxx · Feb 2, 2021 · 4128e93 · 4128e93 · arvinxx · Feb 2, 2021
1 parent eae8ee8
commit 4128e93
Showing 1 changed file with 9 additions and 11 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -76,24 +76,22 @@ jobs:
         run: |
           npx npe version ${{ needs.check.outputs.version }}
 
-      # 这一步用于导入签名
-      # 有了签名可以保证 electron 在需要授权时使用的是同一个环境
-      - name: Add key to single keychain
+      - name: Build artifact on macOS
         if: runner.os == 'macOS'
-        # developer-id-app-certs.p12 文件是需要通过
-        run: security import ./build/developer-id-app-certs.p12 -P ${{ secrets.APPLE_APP_CERTS_PASSWORD }}
-
-      - name: Check macOS security identities
-        if: runner.os == 'macOS'
-        run: security find-identity -v
-
-      - name: Build artifact
         run: yarn build --publish never # 不使用发包配置 https://www.electron.build/configuration/publish#how-to-publish
         env:
+          # 导入证书环境 有了签名可以保证 electron 在需要授权时使用的是同一个身份 id
+          # Ref https://www.electron.build/code-signing
+          CSC_LINK: ./build/developer-id-app-certs.p12
+          CSC_KEY_PASSWORD: ${{ secrets.APPLE_APP_CERTS_PASSWORD }}
           # 针对 macOS 提供 APPLE_ID 和 APPLE_ID_PASSWORD 进行 DMG 公证
           APPLE_ID: ${{ secrets.APPLE_ID }}
           APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
 
+      - name: Build artifact on other Platform
+        if: runner.os != 'macOS'
+        run: yarn build --publish never # 不使用发包配置 https://www.electron.build/configuration/publish#how-to-publish
+
       - name: Upload artifact
         uses: actions/upload-artifact@v2
         with: