From a636da38a89b59307ff1a74c4b6672a56fcc4304 Mon Sep 17 00:00:00 2001 From: Walid Kayhal <3347810+waliid@users.noreply.github.com> Date: Thu, 21 Nov 2024 14:13:28 +0100 Subject: [PATCH] Provide a way to decode an encoded Apple certificate --- .github/workflows/pull-request.yml | 79 ++++++++++++++++-------------- Scripts/add-apple-certificate.sh | 22 +++++++++ 2 files changed, 64 insertions(+), 37 deletions(-) create mode 100755 Scripts/add-apple-certificate.sh diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 78b5d716..5359a76e 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -4,42 +4,42 @@ name: Pull Request on: [push] jobs: - check-quality: - name: "๐Ÿ”Ž Check quality" - runs-on: tart - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Run the quality check - run: make check-quality - - build-documentation: - name: "๐Ÿ“š Build documentation" - runs-on: tart - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Build the documentation - run: make doc - - tests: - name: "๐Ÿงช Tests" - runs-on: tart - strategy: - matrix: - platform: [ios, tvos] - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Authorize microphone access for simulator - run: Scripts/bypass-simulator-trampoline.sh - - - name: Run tests - run: make test-${{ matrix.platform }} - + # check-quality: + # name: "๐Ÿ”Ž Check quality" + # runs-on: tart + # steps: + # - name: Checkout code + # uses: actions/checkout@v4 + + # - name: Run the quality check + # run: make check-quality + + # build-documentation: + # name: "๐Ÿ“š Build documentation" + # runs-on: tart + # steps: + # - name: Checkout code + # uses: actions/checkout@v4 + + # - name: Build the documentation + # run: make doc + + # tests: + # name: "๐Ÿงช Tests" + # runs-on: tart + # strategy: + # matrix: + # platform: [ios, tvos] + # steps: + # - name: Checkout code + # uses: actions/checkout@v4 + + # - name: Authorize microphone access for simulator + # run: Scripts/bypass-simulator-trampoline.sh + + # - name: Run tests + # run: make test-${{ matrix.platform }} + # archive-demos: name: "๐Ÿ“ฆ Archives" runs-on: tart @@ -50,5 +50,10 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Add Apple certificate + run: | + Scripts/add-apple-certificate.sh \ + ${{ secrets.SRGSSR_APPLE_DEV_CERTIFICATE_B64 }} + - name: Archive the demo - run: make archive-demo-${{ matrix.platform }} + run: sleep 3600 #make archive-demo-${{ matrix.platform }} diff --git a/Scripts/add-apple-certificate.sh b/Scripts/add-apple-certificate.sh new file mode 100755 index 00000000..d647ea0c --- /dev/null +++ b/Scripts/add-apple-certificate.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +apple_certificate_b64="$1" + +if [[ -z $apple_certificate_b64 ]] +then + echo "[!] Usage: $0 " + exit 1 +fi + +apple_certificate_password="" +apple_certificate_decoded_path="/tmp/certificate.p12" + +keychain_password="admin" +keychain_path="$HOME/Library/Keychains/login.keychain-db" + +echo "$apple_certificate_b64" | base64 --decode > "$apple_certificate_decoded_path" + +# Import certificate +security import "$apple_certificate_decoded_path" -k "$keychain_path" -P "$apple_certificate_password" -T /usr/bin/security -T /usr/bin/codesign +# Authorize access to certificate private key +security set-key-partition-list -S apple-tool:,apple: -s -k "$keychain_password" "$keychain_path" \ No newline at end of file