DevNotes_Processeses_Signing_and_Notarization

In order to perform Signing and Notarization we need to use a "Developer ID Application" certificate. This can be created by the account holder from the Apple approved organization e.g. International Scattering Alliance

Once the certificate is created, open your terminal and encode the certificate to base64, you can also copy it to the clipboard at the same time by running:

base64 -i Certificates.p12 | bcopy

On macOS this would be:

base64 -i Certificates.p12 -o certb64

You then need to open the file and copy the contents.

Go to your Github project and navigate to Settings -> Secrets where you can add new secrets. Create a new repository secret, I’ve called it MACOS_CERTIFICATE, and paste the encoded certificate. Create another secret name, for example MAOS_CERTIFICATE_PWD, where you store the certificate password (created by you or someone else).

Note that repository secrets are only usable in actions when the action is triggered by the repository itself. For example, they are not usable by PRs that originate from forks, only from PRs that originate from the original SasView/sasview repository.

In order to perform notarization one also needs to create app-specific passwords.

How to generate an app-specific password:

• Sign in to appleid.apple.com.
• In the Sign-In and Security section, select App-Specific Passwords.
• Select Generate an app-specific password or select the Add buttonBlue plus sign icon., then follow the steps on your screen.
• Enter or paste the app-specific password into the password field of the app.