WIP

Signed-off-by: Joaquim Rocha <joaquim.rocha@microsoft.com>

.github/workflows/app-artifacts-mac.yml

@@ -12,68 +12,68 @@ on:
         default: false
         type: boolean
 jobs:
-  build-mac:
-    runs-on: macos-latest
-    steps:
-    - uses: actions/checkout@v4
-      with:
-        ref: ${{ github.event.inputs.buildBranch }}
-    - name: Setup nodejs
-      uses: actions/setup-node@v4
-      with:
-        node-version: 18.x
-        cache: 'npm'
-        cache-dependency-path: |
-          app/package-lock.json
-          frontend/package-lock.json
-    - uses: actions/setup-go@v5
-      with:
-        go-version: '1.20.*'
-        cache-dependency-path: |
-          backend/go.sum
-    - name: Dependencies
-      run: brew install make
-    - name: Build Backend and Frontend
-      run: |
-        make
-    - name: Add MacOS certs
-      run: cd ./app/mac/scripts/ && sh ./setup-certificate.sh
-      env:
-        APPLE_CERTIFICATE: ${{ secrets.TEST_APPLE_DEV_CERT }}
-        APPLE_CERTIFICATE_PASSWORD: ${{ secrets.TEST_APPLE_DEV_CERT_PASS }}
-    - name: Build Notarized App Mac
-      if: ${{ inputs.signBinaries }}
-      env:
-        APPLE_TEAM_ID: ${{ secrets.TEST_APPLE_TEAM_ID }}
-      run: |
-        make app-mac
-        ls ./app
-        ls ./app/dist
-        ls ./app/dist/mac*
-      # env:
-      #   APPLEID: ${{ secrets.APPLEID }}
-      #   APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
-      #   APPLETEAMID: ${{ secrets.APPLETEAMID }}
-    # - name: Build App Mac
-    #   if: ${{ ! inputs.signBinaries }}
-    #   run: |
-    #     make app-mac
-    # - name: CodeSign
-    #   run: |
-    #     cd ./app/dist/mac && codesign -s ${{ secrets.TEST_APPLE_TEAM_ID }} --deep --force --options runtime --entitlements ../../mac/entitlements.mac.plist ./Headlamp.app
-    # - name: Zip Artifact
-    #   run: |
-    #     cd ./app/dist/mac/ && ditto -c -k --sequesterRsrc --keepParent Headlamp.app ./Headlamp.zip
-    - name: Upload artifact
-      uses: actions/upload-artifact@v4
-      with:
-        name: dmg
-        path: ./app/dist/Headlamp*.dmg
-        if-no-files-found: error
-        retention-days: 1
+  # build-mac:
+  #   runs-on: macos-latest
+  #   steps:
+  #   - uses: actions/checkout@v4
+  #     with:
+  #       ref: ${{ github.event.inputs.buildBranch }}
+  #   - name: Setup nodejs
+  #     uses: actions/setup-node@v4
+  #     with:
+  #       node-version: 18.x
+  #       cache: 'npm'
+  #       cache-dependency-path: |
+  #         app/package-lock.json
+  #         frontend/package-lock.json
+  #   - uses: actions/setup-go@v5
+  #     with:
+  #       go-version: '1.20.*'
+  #       cache-dependency-path: |
+  #         backend/go.sum
+  #   - name: Dependencies
+  #     run: brew install make
+  #   - name: Build Backend and Frontend
+  #     run: |
+  #       make
+  #   - name: Add MacOS certs
+  #     run: cd ./app/mac/scripts/ && sh ./setup-certificate.sh
+  #     env:
+  #       APPLE_CERTIFICATE: ${{ secrets.TEST_APPLE_DEV_CERT }}
+  #       APPLE_CERTIFICATE_PASSWORD: ${{ secrets.TEST_APPLE_DEV_CERT_PASS }}
+  #   - name: Build Notarized App Mac
+  #     if: ${{ inputs.signBinaries }}
+  #     env:
+  #       APPLE_TEAM_ID: ${{ secrets.TEST_APPLE_TEAM_ID }}
+  #     run: |
+  #       make app-mac
+  #       ls ./app
+  #       ls ./app/dist
+  #       ls ./app/dist/mac*
+  #     # env:
+  #     #   APPLEID: ${{ secrets.APPLEID }}
+  #     #   APPLEIDPASS: ${{ secrets.APPLEIDPASS }}
+  #     #   APPLETEAMID: ${{ secrets.APPLETEAMID }}
+  #   # - name: Build App Mac
+  #   #   if: ${{ ! inputs.signBinaries }}
+  #   #   run: |
+  #   #     make app-mac
+  #   # - name: CodeSign
+  #   #   run: |
+  #   #     cd ./app/dist/mac && codesign -s ${{ secrets.TEST_APPLE_TEAM_ID }} --deep --force --options runtime --entitlements ../../mac/entitlements.mac.plist ./Headlamp.app
+  #   # - name: Zip Artifact
+  #   #   run: |
+  #   #     cd ./app/dist/mac/ && ditto -c -k --sequesterRsrc --keepParent Headlamp.app ./Headlamp.zip
+  #   - name: Upload artifact
+  #     uses: actions/upload-artifact@v4
+  #     with:
+  #       name: dmg
+  #       path: ./app/dist/Headlamp*.dmg
+  #       if-no-files-found: error
+  #       retention-days: 1
   notarize:
     runs-on: windows-latest
-    needs: build-mac
+    # needs: build-mac
     if: ${{ inputs.signBinaries }}
     steps:
     - uses: actions/checkout@v4
@@ -87,20 +87,19 @@ jobs:
         cache-dependency-path: |
           app/package-lock.json
           frontend/package-lock.json
-    # - name: Download artifact
-    #   id: download-artifact
-    #   uses: dawidd6/action-download-artifact@v3
-    #   with:
-    #     # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
-    #     # Required, if the artifact is from a different repo
-    #     # Required, if the repo is private a Personal Access Token with `repo` scope is needed or GitHub token in a job where the permissions `action` scope set to `read`
-    #     github_token: ${{secrets.GITHUB_TOKEN}}
-    #     run_id: 8008311826
-
     - name: Download artifact
-      uses: actions/download-artifact@v2
+      id: download-artifact
+      uses: dawidd6/action-download-artifact@v3
       with:
-        name: dmg
+        # Optional, GitHub token, a Personal Access Token with `public_repo` scope if needed
+        # Required, if the artifact is from a different repo
+        # Required, if the repo is private a Personal Access Token with `repo` scope is needed or GitHub token in a job where the permissions `action` scope set to `read`
+        github_token: ${{secrets.GITHUB_TOKEN}}
+        run_id: 8018373845
+
+    # - name: Download artifact
+    #   uses: actions/download-artifact@v2
+    #     name: dmg
     - name: Fetch certificates
       if: ${{ inputs.signBinaries }}
       shell: pwsh
@@ -127,6 +126,7 @@ jobs:
       run: |
         ls app/mac/scripts
         ls
+        ls dmg*
         if ("${{ inputs.signBinaries }}" -eq "true") {
           $env:ESRP_PATH="$(Get-Location)\Microsoft.EsrpClient.1.2.87\tools\EsrpClient.exe"
           $env:HEADLAMP_WINDOWS_CLIENT_ID="${{ secrets.WINDOWS_CLIENT_ID }}"