Update script to use a p12

SRGSSR · Nov 21, 2024 · faa127e · faa127e
1 parent 0f69a34
commit faa127e
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 8 deletions.
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -52,8 +52,9 @@ jobs:
 
       - name: Add Apple certificate
         run: |
-          Scripts/add-apple-certificate.sh \
-          '${{ secrets.SRGSSR_APPLE_DEV_CERTIFICATE_B64 }}'
+          base64 --decode --input \
+          ${{ secrets.SRGSSR_APPLE_DEV_CERTIFICATE_B64 }} > /tmp/certificate.p12
+          Scripts/add-apple-certificate.sh /tmp/certificate.p12
 
       - name: Archive the demo
         run: sleep 3600 #make archive-demo-${{ matrix.platform }}
diff --git a/Scripts/add-apple-certificate.sh b/Scripts/add-apple-certificate.sh
@@ -4,19 +4,15 @@ apple_certificate="$1"
 
 if [[ -z $apple_certificate ]]
 then
-    echo "[!] Usage: $0 <apple_certificate_encoded (base64)>"
+    echo "[!] Usage: $0 <apple_certificate (.p12)>"
     exit 1
 fi
 
 apple_certificate_password=""
-apple_certificate_decoded_path="/tmp/apple_certificate_decoded.p12"
-
 keychain_password="admin"
 keychain_path="$HOME/Library/Keychains/login.keychain-db"
 
-base64 --decode --input "$apple_certificate" > $apple_certificate_decoded_path 
-
 # Import certificate
-security import "$apple_certificate_decoded_path" -k "$keychain_path" -P "$apple_certificate_password" -T /usr/bin/security -T /usr/bin/codesign
+security import "$apple_certificate" -k "$keychain_path" -P "$apple_certificate_password" -T /usr/bin/security -T /usr/bin/codesign
 # Authorize access to certificate private key
 security set-key-partition-list -S apple-tool:,apple: -s -k "$keychain_password" "$keychain_path"