Fix certificate verification to handle GitHub secret masking

2026-01-05 12:59:58 -06:00 · 2025-06-16 17:45:33 -07:00
parent dad7d4c303
commit 8ccee43460
1 changed files with 9 additions and 6 deletions
--- a/.github/workflows/publish-lume.yml
+++ b/.github/workflows/publish-lume.yml
@@ -116,19 +116,22 @@ jobs:
          
          # Verify certificates were imported
          echo "Verifying signing identities..."
-          security find-identity -v -p codesigning build.keychain
+          CERT_COUNT=$(security find-identity -v -p codesigning build.keychain | grep -c "Developer ID Application" || echo "0")
+          INSTALLER_COUNT=$(security find-identity -v build.keychain | grep -c "Developer ID Installer" || echo "0")
          
-          # Verify specific certificates exist
-          if ! security find-identity -v -p codesigning build.keychain | grep -q "Developer ID Application: ${{ secrets.DEVELOPER_NAME }}"; then
-            echo "Error: Developer ID Application certificate not found"
+          if [ "$CERT_COUNT" -eq 0 ]; then
+            echo "Error: No Developer ID Application certificate found"
+            security find-identity -v -p codesigning build.keychain
            exit 1
          fi
          
-          if ! security find-identity -v -p codesigning build.keychain | grep -q "Developer ID Installer: ${{ secrets.DEVELOPER_NAME }}"; then
-            echo "Error: Developer ID Installer certificate not found"
+          if [ "$INSTALLER_COUNT" -eq 0 ]; then
+            echo "Error: No Developer ID Installer certificate found"  
+            security find-identity -v build.keychain
            exit 1
          fi
          
+          echo "Found $CERT_COUNT Developer ID Application certificate(s) and $INSTALLER_COUNT Developer ID Installer certificate(s)"
          echo "All required certificates verified successfully"
          
          # Clean up certificate files