karaggeorge / electron-builder-notarize-pkg Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
Hi,
I'm using this package to sign and notarize my pkg installer but following exception is thrown which is weird because the code specifically checks for the equality to in progress
and recursively waits for the next time.
What could be the issue here?
Thanks
electron-builder version=22.6.0 os=19.4.0
• loaded configuration file=package.json ("build" field)
• loaded parent configuration file=/path/node_modules/electron-webpack/out/electron-builder.js
• writing effective config file=dist/builder-effective-config.yaml
• packaging platform=darwin arch=x64 electron=8.2.5 appOutDir=dist/mac
after build; disable sandbox
• signing file=dist/mac/app.app identityName=Developer ID Application: Name (ID) identityHash=some_hash provisioningProfile=none
• building target=pkg arch=x64 file=dist/installer.pkg
Signing /path/dist/installer.pkg...
Notarizing /path/dist/installer.pkg...
⨯ Unrecognized notarization status: "in progress" stackTrace=
Error: Unrecognized notarization status: "in progress"
at waitForNotarize (/path/node_modules/electron-builder-notarize-pkg/index.js:186:11)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at waitForNotarize (/path/node_modules/electron-builder-notarize-pkg/index.js:174:5)
at waitForNotarize (/path/node_modules/electron-builder-notarize-pkg/index.js:174:5)
at waitForNotarize (/path/node_modules/electron-builder-notarize-pkg/index.js:174:5)
at waitForNotarize (/path/node_modules/electron-builder-notarize-pkg/index.js:174:5)
at module.exports (/path/node_modules/electron-builder-notarize-pkg/index.js:261:3)
at path/node_modules/app-builder-lib/src/index.ts:64:38
at executeFinally (/path/node_modules/builder-util/src/promise.ts:12:14)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
Hi,
I'm using https://github.com/samuelmeuli/action-electron-builder as the action to build my app with pkg
installer and I'm signing and notarizing both the app and the installer.
I exported an application and an installer certificate in a single p12
file and then set an ENV variable as the action requires.
I have "afterSign": "electron-builder-notarize"
and "afterAllArtifactBuild": "electron-builder-notarize-pkg"
.
I also provide an API key file, API_KEY_ID and API_KEY_ISSUER_ID and PSC_NAME ENV variables as this package requires in the action.
I tested this locally and both app and installer were signed and notarized successfully. However, I couldn't sign the installer with the action on GitHub. I provide everything as secret and then provide ENV variables in the action.
Building the Electron app…
yarn run v1.22.4
$ /Users/runner/work/path/node_modules/.bin/electron-builder --mac -c.publish.provider=generic -c.publish.url=url
• electron-builder version=22.6.0 os=19.6.0
• artifacts will be published if draft release exists reason=CI detected
• loaded configuration file=package.json ("build" field)
• loaded parent configuration file=/Users/runner/work/path/node_modules/electron-webpack/out/electron-builder.js
• packaging platform=darwin arch=x64 electron=8.2.5 appOutDir=dist/mac
• downloading url=https://github.com/electron/electron/releases/download/v8.2.5/electron-v8.2.5-darwin-x64.zip size=66 MB parts=8
• downloaded url=https://github.com/electron/electron/releases/download/v8.2.5/electron-v8.2.5-darwin-x64.zip duration=938ms
• signing file=dist/mac/app.app identityName=Developer ID Application: Name (ID) identityHash=6A0830E69974A4AD816360C951A70CECCAD26C2A provisioningProfile=none
Notarizing com.company.app found at /Users/runner/work/path/dist/mac/app.app
Done notarizing com.company.app
• building target=pkg arch=x64 file=dist/setup-app.pkg
Signing /Users/runner/work/path/dist/setup-app.pkg...
⨯ Failed to sign /Users/runner/work/path/dist/setup-app.pkg
Command failed with exit code 1: productsign --sign *** /Users/runner/work/path/dist/setup-app.pkg /Users/runner/work/path/dist/setup-app-signed.pkg
productsign: error: Could not find appropriate signing identity for “***”. stackTrace=
Error: Failed to sign /Users/runner/work/path/dist/setup-app.pkg
Command failed with exit code 1: productsign --sign *** /Users/runner/work/path/dist/app.pkg /Users/runner/work/path/dist/setup-app-signed.pkg
productsign: error: Could not find appropriate signing identity for “***”.
The reason PSC_NAME
is looking as ***
is that it was given as a secret and GitHub hides it in the logs. It looks like this: Developer ID Installer: Name (ID)
.
Do you have any idea how I can make this work in the action? It looks like locally the package can find the certificate through Keychain but in the action somehow it is not available although electron-builder can access the certificate through its ENV variable CSC_LINK
.
Thanks much in advance.
Edit:
The part of the workflow that does the building:
- name: Prepare for app notarization (macOS)
if: startsWith(matrix.os, 'macos')
# Import Apple API key for app notarization on macOS
run: |
mkdir -p ~/private_keys/
echo '${{ secrets.MAC_API_KEY }}' > ~/private_keys/AuthKey_${{ secrets.MAC_API_KEY_ID }}.p8
- name: Build and release app
uses: samuelmeuli/action-electron-builder@v1
with:
build_script_name: "compile-test"
args: "-c.publish.provider=generic -c.publish.url=url"
# GitHub token, automatically provided to the action
# (No need to define this secret in the repo settings)
github_token: ${{ secrets.github_token }}
# macOS code signing certificate
mac_certs: ${{ secrets.MAC_CERTS }}
mac_certs_password: ${{ secrets.MAC_CERTS_PASSWORD }}
# If the commit is tagged with a version (e.g. "v1.0.0"),
# release the app after building
# release: ${{ startsWith(github.ref, 'refs/tags/test-v') }}
env:
# macOS notarization API key
API_KEY_ID: ${{ secrets.MAC_API_KEY_ID }}
API_KEY_ISSUER_ID: ${{ secrets.MAC_API_KEY_ISSUER_ID }}
# macOS installer notarization requirements
PSC_NAME: ${{ secrets.MAC_PSC_NAME }}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.