From eeffbe8936eae1627277b6f1e07f85cbb08f2ead Mon Sep 17 00:00:00 2001 From: Guillaume Bougard Date: Thu, 20 Feb 2025 13:08:31 +0100 Subject: [PATCH] build: Will try now to not abort nightly builds on MacOSX notarization failure --- .github/workflows/glpi-agent-packaging.yml | 1 + contrib/macosx/glpi-agent-packaging.sh | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/.github/workflows/glpi-agent-packaging.yml b/.github/workflows/glpi-agent-packaging.yml index b711609ca..00f8e14b7 100644 --- a/.github/workflows/glpi-agent-packaging.yml +++ b/.github/workflows/glpi-agent-packaging.yml @@ -429,6 +429,7 @@ jobs: NOTARIZE_PASSWORD: ${{ secrets.MACOSX_NOTARIZE_PASSWORD }} NOTARIZE_TEAMID: ${{ vars.MACOSX_NOTARIZE_TEAMID }} MACOSX_NOTARIZE: ${{ needs.setup-release.outputs.macosx-notarization }} + TAGNAME: ${{ needs.setup-release.outputs.tag_name }} shell: bash - name: List generated files if: success() || failure() diff --git a/contrib/macosx/glpi-agent-packaging.sh b/contrib/macosx/glpi-agent-packaging.sh index bf9b27495..7e90beea4 100755 --- a/contrib/macosx/glpi-agent-packaging.sh +++ b/contrib/macosx/glpi-agent-packaging.sh @@ -586,9 +586,29 @@ cat >pkg/payload/Applications/GLPI-Agent/Contents/Info.plist <<-INFO_PLIST INFO_PLIST +# Disable aborting on error to handle notarization failure +[ "$NOTARIZE" == "yes" ] && set +e + echo "Build package" ./munkipkg pkg +# Analyze return code +if [ "$?" != "0" ]; then + # If pkg file was generated, it means we failed on notarization + # Then we can forget notarization unless on release (nightly build case) + if [ -s "$PKG" -a "$NOTARIZE" == "yes" -a -z "${TAGNAME##nightly-*}" ]; then + echo "By-passing notarization check" + # On Github Actions run, add a warning to the build workflow + [ -n "$GITHUB_REF" ] && echo "::warning title=Notarization failure for MacOSX $PKG build::By-passing notarization check" + NOTARIZE="no" + else + exit 7 + fi +fi + +# Enable back shell aborting on error +set -e + mv -vf "pkg/build/$PKG" "build/$PKG" # Signature check