mirror of
https://github.com/TrustTunnel/TrustTunnel.git
synced 2026-04-26 10:51:04 +00:00
4b9aa62600
Squashed commit of the following: commit |
||
|---|---|---|
| .. | ||
| .env.default | ||
| .gitignore | ||
| Fastfile | ||
| Matchfile | ||
| README.md | ||
| Subroutings | ||
fastlane for vpn-libs-endpoint
Purpose
This directory contains the fastlane automation used for macOS release signing and notarization of:
trusttunnel_endpointsetup_wizard
The flow was adapted from trusttunnel-client to fit the Cargo-based endpoint
repository.
Prerequisites
Make sure the macOS build environment provides:
- Xcode command line tools
- Ruby with Bundler support
- access to the signing certificate repository used by
match - App Store Connect API credentials via Bamboo environment variables
If Xcode command line tools are missing, install them with:
xcode-select --install
Install Ruby dependencies with:
bundle config --local path '.bundle/vendor'
bundle install
Environment
Example defaults are provided in .env.default.
Important environment variables include:
BUILD_DIRMATCH_GIT_URLMATCH_PASSWORDMATCH_KEYCHAIN_PASSWORDMATCH_KEYCHAIN_NAMEMATCH_APP_IDENTIFIERbamboo_appStoreConnectApiKeyIdbamboo_appStoreConnectApiKeyIssuerIdbamboo_appStoreConnectApiKeyBase64Password
Available lanes
certs
[bundle exec] fastlane certs
Syncs the Developer ID signing identity required for macOS release signing.
remove_certs
[bundle exec] fastlane remove_certs
Removes the temporary local keychain created for signing.
notari
[bundle exec] fastlane notari id:"<bundle_id>" bundle:"<path_to_binary>"
Notarizes the specified binary using the default App Store Connect credentials.
Required options:
id: bundle identifier used for notarizationbundle: path to the signed binary
Notes
- Executables are compressed into a temporary archive before notarization.
- Stapling is intentionally skipped for executables.
- This directory is maintained manually for the endpoint repository and is not auto-generated.