Here I give an example for CircleCI, in a step prior to using the certificate, let's say for code-signing, make sure you have installed the certificate on your macOS executor, otherwise you may get error while executing code signing.
See sample commands below for your reference:
sign-app-on-macOS: macos: xcode: 15.2.0 resource_class: macos.m1.medium.gen1 steps: - run: name: Download and install P12 certificate on macOS command: | aws s3 cp s3://bucket/certificates/Certificates.p12 Certificates.p12 security create-keychain -p "password" ci.keychain security default-keychain -s ci.keychain security unlock-keychain -p "password" ci.keychain security import Certificates.p12 -k ci.keychain -P $CSC_KEY_PASSWORD -T /usr/bin/codesign security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "password" ci.keychain security find-identity -p codesigning -v - run: codesign --deep blah blah ... Steps are as followed:
- Download Certificates.p12 from cloud store
- Create keychain and import certificate into it
- Verify installed certificate that's valid
Note that CSC_KEY_PASSWORD environment variable is set for importing the password protected cert.
Top comments (0)