fix(mobile): fix keychain setup - add all WWDR certs and set partition after match import

Alex
2026-01-05 22:56:55 -06:00
parent b24f1b31fb
commit fe8cc89e44
2 changed files with 21 additions and 10 deletions


@@ -251,7 +251,7 @@ jobs:
security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security default-keychain -s build.keychain
security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
security set-keychain-settings -t 3600 -u build.keychain
security set-keychain-settings -t 3600 -l -u build.keychain
# Add keychain to search list (required for codesign to find certificates)
security list-keychains -d user -s build.keychain login.keychain
@@ -259,20 +259,23 @@ jobs:
# Download and install Apple WWDR certificates (required for code signing)
curl -sL https://developer.apple.com/certificationauthority/AppleWWDRCA.cer -o AppleWWDRCA.cer
curl -sL https://www.apple.com/certificateauthority/AppleWWDRCAG3.cer -o AppleWWDRCAG3.cer
security import AppleWWDRCA.cer -k build.keychain -T /usr/bin/codesign
security import AppleWWDRCAG3.cer -k build.keychain -T /usr/bin/codesign
# Set key partition list to allow codesign access
security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" build.keychain
curl -sL https://www.apple.com/certificateauthority/AppleWWDRCAG4.cer -o AppleWWDRCAG4.cer
curl -sL https://www.apple.com/certificateauthority/AppleWWDRCAG5.cer -o AppleWWDRCAG5.cer
curl -sL https://www.apple.com/certificateauthority/AppleWWDRCAG6.cer -o AppleWWDRCAG6.cer
security import AppleWWDRCA.cer -k build.keychain -T /usr/bin/codesign || true
security import AppleWWDRCAG3.cer -k build.keychain -T /usr/bin/codesign || true
security import AppleWWDRCAG4.cer -k build.keychain -T /usr/bin/codesign || true
security import AppleWWDRCAG5.cer -k build.keychain -T /usr/bin/codesign || true
security import AppleWWDRCAG6.cer -k build.keychain -T /usr/bin/codesign || true
- name: Build and deploy to TestFlight
env:
FASTLANE_TEAM_ID: ${{ secrets.FASTLANE_TEAM_ID }}
MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
MATCH_GIT_BASIC_AUTHORIZATION: ${{ steps.match-auth.outputs.base64_token }}
KEYCHAIN_NAME: build.keychain-db
KEYCHAIN_NAME: build.keychain
KEYCHAIN_PASSWORD: ${{ github.run_id }}
MATCH_KEYCHAIN_NAME: build.keychain-db
MATCH_KEYCHAIN_NAME: build.keychain
MATCH_KEYCHAIN_PASSWORD: ${{ github.run_id }}
APP_STORE_CONNECT_API_KEY_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ID }}
APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_API_KEY_ISSUER_ID }}
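Review bot: The five new `security import … -T /usr/bin/codesign || true` lines hide every import failure, and the `curl -sL` downloads above them have no `-f`, so an HTTP error page saved as a `.cer` would be skipped silently and only surface later as a codesign chain error. Use `curl -fsSL` for the downloads and drop `|| true`, or tolerate only the specific failure it was added for (not visible on this page), with a comment such as `# G1 import may fail with <reason>; the other WWDR certs must import` above it. Because these files are fetched at build time and added to the signing keychain, comparing each file's SHA-256 with a digest committed to the repository before import would make a truncated or substituted download fail the step. Separately, on the unchanged env lines, `KEYCHAIN_PASSWORD: ${{ github.run_id }}` is a guessable value; that matters little on an ephemeral hosted runner, but a random per-run value would be safer if this job can run on a shared or self-hosted machine.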