Set up signed, notarized macOS packaging #4
Open
seankearon wants to merge 3 commits into
Configure src/Fido.parcel and add a macOS release workflow so the app installs cleanly on macOS (no Gatekeeper warnings):
- Icon: point AppIcon at the 1024px PNG (was a Windows .ico) so Parcel generates a proper .icns for the bundle.
- Bundle identifier: com.shineforms.fido (was the placeholder).
- Signing/notarization: switch from AdHoc to Developer ID + Apple notary, with all credentials referenced by env-var name only (nothing committed).
- Fix Version wiring: it referenced PARCEL_LICENSE_KEY, which would have leaked the Avalonia licence key into the bundle Info.plist; now FIDO_VERSION.
- Add .github/workflows/release-macos.yml: builds on macos-latest (Native AOT can't cross-compile), signs, notarizes, attaches the .dmg to the release.
- Document the release process and required secrets in build.md.
- Ignore stray Parcel pack logs (assets/*.log).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Notarization rejected every binary with "not signed with a valid Developer ID certificate" even though rcodesign signed successfully. Parcel signs via rcodesign, which embeds only the certificates present in the .p12 (unlike Apple's codesign, it won't pull the intermediate from a keychain). A Keychain-exported .p12 typically omits the "Developer ID Certification Authority" intermediate, so the signature can't chain to the Apple root and notarization fails. Rebuild the decoded .p12 to include Apple's full chain (Developer ID G2/G1 intermediates + Apple Root CA) before handing it to Parcel, and fail fast with the cert subject if the leaf isn't a Developer ID Application cert (a wrong cert type can't be fixed in CI). Document the requirement and a local inspection command in build.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
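The "fail fast" check described in the commit above, as an added example that is not the Fido repository's own script or workflow code. It assumes `openssl` is on PATH and that the .p12 has already been base64-decoded to a file; it matches on certificate subject names only (the bag with a localKeyID is the leaf, the rest are chain certs) and does no signature verification, so it catches the common Keychain-export omissions but leaves real chain validation to Apple's notary service.

```bash
#!/usr/bin/env bash
# Pre-flight check for a decoded Developer ID .p12 before it reaches Parcel /
# rcodesign. Hypothetical helper written for this discussion, not part of the
# Fido repository. Name-based only: no cryptographic chain verification.
#
# Exit codes: 0 ok, 2 unreadable .p12, 3 leaf is not a "Developer ID
# Application" cert, 4 intermediate and/or root missing from the bundle.

# Dump certificates from a .p12: $1 file, $2 password, $3 is -clcerts (the
# leaf, i.e. the bag carrying a localKeyID) or -cacerts (everything else).
# Keychain exports use RC2/3DES, which OpenSSL 3 only reads with -legacy,
# so retry with that flag if the plain read fails.
p12_certs() {
  openssl pkcs12 -in "$1" -nokeys "$3" -passin "pass:$2" 2>/dev/null ||
    openssl pkcs12 -in "$1" -nokeys "$3" -passin "pass:$2" -legacy 2>/dev/null
}

# Print one "subject=..." line per PEM certificate read from stdin.
subjects_of() {
  awk '/-----BEGIN CERTIFICATE-----/ { buf = "" }
       { buf = buf $0 "\n" }
       /-----END CERTIFICATE-----/ {
         print buf | "openssl x509 -noout -subject"
         close("openssl x509 -noout -subject") }'
}

check_developer_id_p12() {
  local p12="$1" pass="$2" leaf cas name missing=""
  leaf=$(p12_certs "$p12" "$pass" -clcerts | subjects_of)
  [ -n "$leaf" ] || { echo "FAIL: no certificate readable from $p12 (wrong password or not PKCS#12?)"; return 2; }
  # A Mac Development / Apple Distribution cert signs fine but will never notarize.
  case "$leaf" in
    *"Developer ID Application"*) ;;
    *) echo "FAIL: leaf is not a Developer ID Application certificate: $leaf"; return 3 ;;
  esac
  cas=$(p12_certs "$p12" "$pass" -cacerts | subjects_of)
  # Both the G1 and G2 intermediates carry this CN; the root is "Apple Root CA".
  for name in "Developer ID Certification Authority" "Apple Root CA"; do
    case "$cas" in *"$name"*) ;; *) missing="$missing [$name]" ;; esac
  done
  [ -z "$missing" ] || { echo "FAIL: bundle lacks$missing; rcodesign embeds only what is in the .p12, so the signature cannot chain to Apple's root"; return 4; }
  echo "OK: $leaf"
}
```

Run it as `check_developer_id_p12 developer-id.p12 "$APPLE_DEVELOPER_ID_P12_PASSWORD"` in the workflow step that decodes the secret, so a wrong cert type or a chain-less export stops the job before signing starts.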
Sets up the `Fido.parcel` project so the app installs cleanly on macOS — proper icon, code signing, and Apple notarization — built on a macOS CI runner.

Changes

- `AppIcon` now points at `assets/png/fido-icon-1024.png` (was a Windows `.ico`, which can't produce a proper Mac icon). Parcel auto-generates the `.icns` from it.
- Bundle identifier: `com.shineforms.fido` (was the placeholder `com.CompanyName.Fido`).
- Signing/notarization: from `AdHoc` to a Developer ID + Apple notary setup. All five credentials are referenced by env-var name only; nothing secret is committed.
- `Version` was wired to `PARCEL_LICENSE_KEY`, which would have stamped the Avalonia licence key into the bundle `Info.plist` and shipped it to users. Now reads `FIDO_VERSION`.
- `.github/workflows/release-macos.yml` — new job that builds on `macos-latest` (Native AOT can't cross-compile, which is why packing failed on Windows), signs, notarizes, and attaches the `.dmg` to the release. Triggers on a `v*` tag or manual dispatch.
- `build.md` — full "Packaging the macOS app" section: every required secret and step-by-step Developer ID certificate creation.
- `.gitignore` — ignore stray `assets/*.log` pack logs.

Before this can run

Add these 6 repository secrets (see `build.md` for how to obtain each): `PARCEL_LICENSE_KEY`, `APPLE_DEVELOPER_ID_P12_BASE64`, `APPLE_DEVELOPER_ID_P12_PASSWORD`, `APPLE_NOTARY_APPLE_ID`, `APPLE_NOTARY_PASSWORD`, `APPLE_TEAM_ID`

Then push a `v*` tag (or run the workflow manually) to produce a notarized `.dmg`. Once notarized, macOS shows Shine Forms as the verified developer.

Notes

- `osx-arm64` only; add `-r osx-x64` to the workflow to also cover Intel Macs.

🤖 Generated with Claude Code