1

我正在尝试使用 goreleaser 签署我的 golang - 并最终使用 Homebrew 分发。但这需要使用 Apple Developer ID 签名才能分发给 MacO。

您是否使用gon看到以下错误并修复它?

来自这里的 yaml 样本

# This is an example .goreleaser.yml file with some sane defaults.
# Make sure to check the documentation at http://goreleaser.com
before:
  hooks:
    # You may remove this if you don't use go modules.
    - go mod tidy
    # you may remove this if you don't need go generate
    - go generate ./...

builds:
- binary: foo
  id: foo
  goos:
  - linux
  goarch:
  - amd64
# notice that we need a separated build for the MacOS binary only:
- binary: foo
  id: appbrew-macos
  goos:
  - darwin
  goarch:
  - amd64
  hooks:
    post: gon gon.hcl

gon.hcl 文件

# The path follows a pattern
# ./dist/BUILD-ID_TARGET/BINARY-NAME

source = ["."]
bundle_id = "com.mydomain.mybrew"

apple_id {
    username = "<my_developer_id@application.com>"
    password = "@keychain:developer_id_application"
}

sign {
  application_identity = "Developer ID Application: my name (452534542)"
}

我可以使用以下方法验证是否检索了密码:

security find-generic-password -w -s 'developer_id_application' -a '<my_developer_id@application.com>'

错误:

   • archives         
      • creating                  archive=dist/appbrew_0.1.19_Darwin_x86_64.tar.gz
      • creating                  archive=dist/appbrew_0.1.19_Darwin_arm64.tar.gz
      • creating                  archive=dist/appbrew_0.1.19_Linux_i386.tar.gz
      • creating                  archive=dist/appbrew_0.1.19_Linux_x86_64.tar.gz
      • creating                  archive=dist/appbrew_0.1.19_Linux_arm64.tar.gz
   • creating source archive
   • linux packages   
   • snapcraft packages
   • calculating checksums
      • checksumming              file=appbrew_0.1.19_Linux_arm64.tar.gz
      • checksumming              file=appbrew_0.1.19_Darwin_arm64.tar.gz
      • checksumming              file=appbrew_0.1.19_Linux_x86_64.tar.gz
      • checksumming              file=appbrew_0.1.19_Darwin_x86_64.tar.gz
      • checksumming              file=appbrew_0.1.19_Linux_i386.tar.gz
   • signing artifacts
      • signing                   cmd=[gon gon.hcl]
      • ==> ✏️  Signing files...
 cmd=gon
      • ❗️ Error signing files:

error signing:

.: bundle format unrecognized, invalid, or unsuitable

 cmd=gon
   ⨯ release failed after 3.49s error=sign: gon failed
4

1 回答 1

1

你的配置应该是这样的:

builds:
- binary: foo
  id: foo
  goos:
  - linux
  - windows
  goarch:
  - amd64
# separated build for macos only
- binary: foo
  id: foo-macos
  goos:
  - darwin
  goarch:
  - amd64
signs:
  - signature: "${artifact}.dmg"
    ids:
    - foo-macos
    cmd: gon
    args:
    - gon.hcl
    artifacts: all

请注意,签名是在signs步骤中完成的,而不是在builds您的配置中。

更多信息在Gon 的存储库中。

于 2021-07-28T02:32:23.683 回答