Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow packaging without certificates #154

Closed
Keith-CY opened this issue May 23, 2023 · 7 comments
Closed

Allow packaging without certificates #154

Keith-CY opened this issue May 23, 2023 · 7 comments
Assignees
@yanguoyu
Labels
enhancement New feature or request question Further information is requested

Comments

@Keith-CY
Copy link
Member

Keith-CY commented May 23, 2023
edited
Loading

This suggestion is from nervosnetwork/neuron#2674 (comment)

PRs come from other repo will not package apps because the certificates for package is only accessible inside nervosnetwork/neuron.

But PRs from other contributors are welcome, and allowing packaging for test facilitates verification.

So we may update the workflow of https://github.com/nervosnetwork/neuron/blob/develop/.github/workflows/package_for_test.yml to make it available without certificates.

Following are the ideas proposed in the original comment

  1. use fail-fast: false
  2. Check if it is the main repository before executing Package for MacOS, and automatically skip if it is not
  3. Check for the presence of necessary secrets before executing Package for MacOS, and output a warning message if they are missing
  4. Automatically switch to non-signing mode and output a warning when the required signing secrets are missing

I think option 4 is more reasonable because package for macos is necessary during verification, so it can not be skipped.

Any idea from contributors? @WhiteMinds @yanguoyu @JeffreyMa597 @devchenyan @homura @zhangyouxin @IronLu233
@Keith-CY Keith-CY added the question Further information is requested label May 23, 2023
@Keith-CY Keith-CY self-assigned this May 23, 2023
@Keith-CY Keith-CY added this to Neuron May 23, 2023
@Keith-CY Keith-CY mentioned this issue May 23, 2023
Merged
@Keith-CY Keith-CY moved this to 🆕 New in Neuron May 23, 2023
@homura
Copy link

homura commented May 23, 2023

Vote up for option 4, I also suggest that we should only sign when releasing, not every push, to avoid the case of a canary version but with a signature

@Keith-CY
Copy link
Member Author

Keith-CY commented May 23, 2023
edited
Loading

Vote up for option 4, I also suggest that we should only sign when releasing, not every push, to avoid the case of a canary version but with a signature

I think signature on apps(exclude releases) from our team is still necessary because these packages may be distributed as insider ones for feedback, and signature guarantees the distributor.

Checksums in the release note can be used to distinguish release. How to check checksum will be delivered on the download page(https://lb84z6.axshare.com/#g=1&p=%E4%B8%8B%E8%BD%BD%E9%92%B1%E5%8C%85)

@Danie0918 Danie0918 moved this from 🆕 New to 🏗 In Progress in Neuron May 25, 2023
@Danie0918 Danie0918 added the enhancement New feature or request label May 25, 2023
@yanguoyu
Copy link

nervosnetwork/neuron#2693

@Keith-CY Keith-CY mentioned this issue Jun 1, 2023
Merged
@yanguoyu
Copy link

Open an unsigned App on Mac os:

  1. After opening an unsigned App, the system will notice that you can not open the App because the system cannot verify the developer. Then you can open System Preferences ▸ Security & Privacy -> General -> Still Open
image

There seems to be no problem with Windows.

If you encounter any issues that cannot be opened with the unsigned package, please append a comment.

@yanguoyu yanguoyu moved this from 🏗 In Progress to 👀 Testing in Neuron Jun 13, 2023
@yanguoyu yanguoyu mentioned this issue Jun 13, 2023
Merged
@FrederLu
Copy link

https://github.com/nervosnetwork/neuron/actions/runs/5251984962
Download Neuron-Mac-arm64.zip, after unzipping, it will prompt that the package is damaged.
image

@yanguoyu
Copy link

yanguoyu commented Jun 13, 2023
edited
Loading

https://github.com/nervosnetwork/neuron/actions/runs/5251984962 Download Neuron-Mac-arm64.zip, after unzipping, it will prompt that the package is damaged. image

Try these steps:

  1. Open a terminal
  2. type sudo xattr -d com.apple.quarantine /Applications/Neuron.app. (warning: if the opened Neuron was not moved to Application, replace /Applications/Neuron.app as you opened Neuron.app path)
  3. restart Neuron

@Danie0918 Danie0918 moved this from 👀 Testing to ✅ Done in Neuron Jun 19, 2023
@Danie0918 Danie0918 removed the status in Neuron Jun 19, 2023
@Danie0918 Danie0918 moved this to ✅ Done in Neuron Jun 19, 2023
@Keith-CY
Copy link
Member Author

CI blames about the permission at https://github.com/nervosnetwork/neuron/actions/runs/5347657156/jobs/9696452185?pr=2740#step:10:173

@Keith-CY Keith-CY reopened this Jun 25, 2023
@Keith-CY Keith-CY moved this from ✅ Done to 🏗 In Progress in Neuron Jun 25, 2023
@Danie0918 Danie0918 moved this from 🏗 In Progress to 👀 Testing in Neuron Jun 26, 2023
@Danie0918 Danie0918 moved this from 👀 Testing to 🏗 In Progress in Neuron Jul 3, 2023
@Danie0918 Danie0918 moved this from 🏗 In Progress to ✅ Done in Neuron Jul 3, 2023
@yanguoyu yanguoyu mentioned this issue Mar 6, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yanguoyu yanguoyu

Labels
enhancement New feature or request question Further information is requested
Projects
Neuron
Archived in project
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Keith-CY @homura @yanguoyu @FrederLu @Danie0918