From 7122309df14f4854e31c6b09bb915d319bcd0aaa Mon Sep 17 00:00:00 2001
From: Alphrag <34252790+Alphrag@users.noreply.github.com>
Date: Tue, 21 Jun 2022 01:17:33 +0100
Subject: Update build process to sign mac releases

---
 .github/workflows/builds.yml | 20 +++++++++-----------
 build-helpers/notarize.js    |  2 +-
 electron-builder.yml         |  4 +---
 3 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml
index 7af56cb51..c1e7b162b 100644
--- a/.github/workflows/builds.yml
+++ b/.github/workflows/builds.yml
@@ -171,23 +171,21 @@ jobs:
         env:
           GH_TOKEN: ${{ secrets.FERDIUM_PUBLISH_TOKEN }}
           CSC_IDENTITY_AUTO_DISCOVERY: true
-          # TODO: Commented out the code signing process for now (so as to at least get unsigned nightlies available for testing)
-          # APPLEID: ${{ secrets.APPLEID }}
-          # APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
-          # CSC_LINK: ${{ secrets.CSC_LINK }}
-          # CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
+          APPLEID: ${{ secrets.APPLEID }}
+          APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
+          CSC_LINK: ${{ secrets.CSC_LINK }}
+          CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
       - name: Build Ferdium with publish for 'release' branch
         if: ${{ env.GIT_BRANCH_NAME == 'release' }}
         run: npm run build -- --publish always
         shell: bash
         env:
           GH_TOKEN: ${{ secrets.FERDIUM_PUBLISH_TOKEN }}
-          CSC_IDENTITY_AUTO_DISCOVERY: false
-          # TODO: Commented out the code signing process for now (so as to at least get unsigned nightlies available for testing)
-          # APPLEID: ${{ secrets.APPLEID }}
-          # APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
-          # CSC_LINK: ${{ secrets.CSC_LINK }}
-          # CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
+          CSC_IDENTITY_AUTO_DISCOVERY: true
+          APPLEID: ${{ secrets.APPLEID }}
+          APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
+          CSC_LINK: ${{ secrets.CSC_LINK }}
+          CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
 
   build_linux:
     name: "ubuntu ${{ github.event.inputs.message }}"
diff --git a/build-helpers/notarize.js b/build-helpers/notarize.js
index bbd81c7b6..21b1466e7 100644
--- a/build-helpers/notarize.js
+++ b/build-helpers/notarize.js
@@ -12,7 +12,7 @@ exports.default = async function notarizing(context) {
   await notarize({
     appBundleId: 'org.ferdium.ferdium-app',
     appPath: `${appOutDir}/${appName}.app`,
-    ascProvider: 'B6J9X9DWFL',
+    ascProvider: '55E9FPJ93P',
     appleId: process.env.APPLEID,
     appleIdPassword: process.env.APPLEID_PASSWORD,
   });
diff --git a/electron-builder.yml b/electron-builder.yml
index 142d3e2c3..d864a1848 100644
--- a/electron-builder.yml
+++ b/electron-builder.yml
@@ -26,9 +26,7 @@ dmg:
       { x: 122, y: 240, type: file },
     ]
 
-# TODO: When we have a registered developer account we need to uncomment this line so that the signing process can occur but without the notarization.
-# This is the notarization which would allow to have the DMG analysed so that it can be opened straight away after download.
-# afterSign: ./build-helpers/notarize.js
+afterSign: ./build-helpers/notarize.js
 
 protocols:
   name: Ferdium
-- 
cgit v1.2.3-70-g09d2