@@ -78,54 +78,18 @@ jobs:
7878 MACOS_CERTIFICATE_PASSWORD : ${{ secrets.MACOS_CERTIFICATE_PASSWORD }}
7979 run : .github/scripts/release/sign-macos-binaries.sh bin
8080
81- - name : Verify signed binaries before upload
81+ - name : Verify codesign signatures
8282 run : |
8383 # Get list of expected macOS binaries from config
8484 macos_binaries=$(jq -r '.platforms[] | select(.os == "darwin") | .binary' .github/assets/release-assets-config.json)
8585
86- echo "Expected macOS binaries from config:"
87- echo "$macos_binaries"
88- echo ""
89-
90- echo "Listing expected files in bin/:"
91- for binary in $macos_binaries; do
92- if [[ -f "bin/$binary" ]]; then
93- ls -lh "bin/$binary"
94- fi
95- if [[ -f "bin/$binary.zip" ]]; then
96- ls -lh "bin/$binary.zip"
97- fi
98- done
99- echo ""
100-
101- echo "Checking signatures of binaries to be uploaded:"
10286 for binary in $macos_binaries; do
103- echo "Checking bin/$binary:"
104-
105- [[ -f "bin/$binary" ]] || {
106- echo " ERROR: Binary bin/$binary not found"
107- exit 1
108- }
109-
11087 codesign -dv --verbose=4 "bin/$binary" 2>&1 || {
111- echo " ERROR: No valid signature found for bin/$binary"
88+ echo "ERROR: No valid signature found for bin/$binary"
11289 exit 1
11390 }
114-
115- echo " Signature verified"
116-
117- # Also check that ZIP file exists
118- [[ -f "bin/$binary.zip" ]] || {
119- echo " ERROR: ZIP file bin/$binary.zip not found"
120- exit 1
121- }
122-
123- echo " ZIP file present: bin/$binary.zip"
124- echo ""
12591 done
12692
127- echo "All expected binaries and ZIP files verified successfully"
128-
12993name : Upload Signed MacOS Binaries
13094 uses : actions/upload-artifact@v5
13195 with :
0 commit comments