wip

caarlos0 · caarlos0 · commit ecf0c9d67c3a · 2025-02-22T14:05:58.000-03:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,67 @@
+name: release
+
+on:
+  pull_request:
+  push:
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+
+jobs:
+  goreleaser:
+    runs-on: macos-latest 
+    env:
+      MACOS_SIGN_P12: ${{ secrets.MACOS_SIGN_P12 }} # base64 .p12 key
+      MACOS_SIGN_PASSWORD: ${{ secrets.MACOS_SIGN_PASSWORD }} # password to open the .p12 file
+      KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} # a password for our temporary keychain
+      MACOS_NOTARY_KEYCHAIN_PROFILE: ${{ secrets.MACOS_NOTARY_KEYCHAIN_PROFILE }} # the profile name to create and use for notarization
+      MACOS_NOTARY_KEY: ${{ secrets.MACOS_NOTARY_KEY }} # base64 .p8 key
+      MACOS_NOTARY_KEY_ID: ${{ secrets.MACOS_NOTARY_KEY_ID }} # the .p8 key ID
+      MACOS_NOTARY_ISSUER_ID: ${{ secrets.MACOS_NOTARY_ISSUER_ID }} # the issuer UUID
+      GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
+    steps:
+      - if: ${{ !startsWith(github.ref, 'refs/tags/v') }}
+        run: echo "flags=--snapshot" >> $GITHUB_ENV
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-go@v5
+        with:
+          go-version: stable
+      - name: 'setup-keychain'
+        run: |
+          # create variables
+          CERTIFICATE_PATH=$RUNNER_TEMP/goreleaser.p12
+          KEY_PATH=$RUNNER_TEMP/goreleaser.p8
+          KEYCHAIN_PATH=$RUNNER_TEMP/goreleaser.keychain-db
+
+          # import certificate and key from secrets
+          echo -n "$MACOS_SIGN_P12" | base64 --decode -o $CERTIFICATE_PATH
+          echo -n "$MACOS_NOTARY_KEY" | base64 --decode -o $KEY_PATH
+
+          # create temporary keychain
+          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+
+          # import certificate to keychain
+          security import $CERTIFICATE_PATH -P "$MACOS_SIGN_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
+          security set-key-partition-list -S apple-tool:,apple: -k "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security list-keychain -d user -s $KEYCHAIN_PATH
+
+          # create notary profile
+          xcrun notarytool store-credentials $MACOS_NOTARY_KEYCHAIN_PROFILE \
+            --key $KEY_PATH \
+            --key-id $MACOS_NOTARY_KEY_ID \
+            --issuer $MACOS_NOTARY_ISSUER_ID \
+            --keychain $KEYCHAIN_PATH
+
+          # export the keychain path
+          echo "KEYCHAIN_PATH=$KEYCHAIN_PATH" >>$GITHUB_ENV
+      - uses: goreleaser/goreleaser-action@v6
+        with:
+          distribution: goreleaser-pro
+          version: "nightly"
+          args: release --clean ${{ env.flags }}
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+# Added by goreleaser init:
+dist/
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -0,0 +1,58 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+
+# The lines below are called `modelines`. See `:help modeline`
+# Feel free to remove those if you don't want/need to use them.
+# yaml-language-server: $schema=https://goreleaser.com/static/schema-pro.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj
+
+version: 2
+pro: true
+
+project_name: example
+before:
+  hooks:
+    - go mod tidy
+
+builds:
+  - env:
+      - CGO_ENABLED=0
+    goos:
+      - linux
+      - darwin
+
+universal_binaries:
+  - name_template: example
+    replace: true
+
+app_bundles:
+  - icon: icon.icns
+    bundle: com.goreleaser.example
+
+dmg:
+  - name: Example
+    replace: true
+
+notarize:
+  macos_native:
+    - enabled: '{{ isEnvSet "MACOS_SIGN_P12" }}'
+      sign:
+        identity: "Developer ID Application: Carlos Becker"
+        keychain: "{{ .Env.KEYCHAIN_PATH }}"
+      notarize:
+        wait: true
+        profile_name: "{{ .Env.MACOS_NOTARY_KEYCHAIN_PROFILE }}"
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"
+
+release:
+  footer: >-
+
+    ---
+
+    Released by [GoReleaser](https://github.com/goreleaser/goreleaser).
diff --git a/go.mod b/go.mod
@@ -0,0 +1,3 @@
+module github.com/goreleaser/example-notarized-apps
+
+go 1.22.12
diff --git a/main.go b/main.go
@@ -0,0 +1,7 @@
+package main
+
+import "fmt"
+
+func main() {
+	fmt.Println("Hello World")
+}

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Added by goreleaser init:`
	`2`	`+dist/`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+module github.com/goreleaser/example-notarized-apps`
	`2`	`+`
	`3`	`+go 1.22.12`