From c440418ce6c1f9c271d59133cb12fafa2edb7fba Mon Sep 17 00:00:00 2001 From: Junegunn Choi Date: Tue, 6 Apr 2021 18:09:06 +0900 Subject: [PATCH] Sign and notarize macOS binaries Close #2408 --- .goreleaser.yml | 78 ++++++++++++++++++++++++++++++++++++++----------- CHANGELOG.md | 1 + 2 files changed, 62 insertions(+), 17 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index 62b985d..cb14e71 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -12,27 +12,20 @@ builds: - darwin goarch: - amd64 + ldflags: + - "-s -w -X main.version={{ .Version }} -X main.revision={{ .ShortCommit }}" + + - id: fzf-macos-arm + binary: fzf + goos: + - darwin + goarch: - arm64 ldflags: - "-s -w -X main.version={{ .Version }} -X main.revision={{ .ShortCommit }}" - hooks: - post: |- - sh -c ' - cat > /tmp/fzf-gon.hcl << EOF - source = ["./dist/fzf-macos_darwin_{{ .Arch }}/fzf"] - bundle_id = "kr.junegunn.fzf" - apple_id { - username = "junegunn.c@gmail.com" - password = "@env:AC_PASSWORD" - } - sign { - application_identity = "Apple Development: junegunn.c@gmail.com" - } - EOF - gon /tmp/fzf-gon.hcl - ' - - goos: + - id: fzf + goos: - linux - windows - freebsd @@ -59,6 +52,8 @@ builds: archives: - name_template: "{{ .ProjectName }}-{{ .Version }}-{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}" + builds: + - fzf format: tar.gz format_overrides: - goos: windows @@ -66,12 +61,61 @@ archives: files: - non-existent* +signs: + - id: fzf-macos-sign + ids: [fzf-macos] + artifacts: all + cmd: sh + args: + - "-c" + - |- + cat > /tmp/fzf-gon-amd64.hcl << EOF + source = ["./dist/fzf-macos_darwin_amd64/fzf"] + bundle_id = "kr.junegunn.fzf" + apple_id { + username = "junegunn.c@gmail.com" + password = "@env:AC_PASSWORD" + } + sign { + application_identity = "Developer ID Application: Junegunn Choi (Y254DRW44Z)" + } + zip { + output_path = "./dist/fzf-{{ .Version }}-darwin_amd64.zip" + } + EOF + gon /tmp/fzf-gon-amd64.hcl + + - id: fzf-macos-arm-sign + ids: [fzf-macos-arm] + artifacts: all + cmd: sh + args: + - "-c" + - |- + cat > /tmp/fzf-gon-arm64.hcl << EOF + source = ["./dist/fzf-macos-arm_darwin_arm64/fzf"] + bundle_id = "kr.junegunn.fzf" + apple_id { + username = "junegunn.c@gmail.com" + password = "@env:AC_PASSWORD" + } + sign { + application_identity = "Developer ID Application: Junegunn Choi (Y254DRW44Z)" + } + zip { + output_path = "./dist/fzf-{{ .Version }}-darwin_arm64.zip" + } + EOF + gon /tmp/fzf-gon-arm64.hcl + release: github: owner: junegunn name: fzf prerelease: auto name_template: '{{ .Tag }}' + extra_files: + - glob: ./dist/fzf-*darwin*.zip snapshot: name_template: "{{ .Tag }}-devel" diff --git a/CHANGELOG.md b/CHANGELOG.md index 1840abb..c606bf2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ CHANGELOG fzf --preview 'cat {}' --preview-window top:border-bottom fzf --preview 'cat {}' --preview-window top:border-horizontal ``` +- Signed and notarized macOS binaries (thanks to [BACKERS.md](https://github.com/junegunn/junegunn/blob/main/BACKERS.md)) 0.26.0 ------