From db3af19c462d112c9ba72d0a19dad0ed04160bc3 Mon Sep 17 00:00:00 2001 From: Vitor Mattos <1079143+vitormattos@users.noreply.github.com> Date: Tue, 31 Mar 2026 17:36:57 -0300 Subject: [PATCH] fix(actions): use absolute paths when signing app Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com> --- .github/workflows/appstore-build-publish.yml | 16 ++++++++++------ .github/workflows/nightly-release.yml | 16 ++++++++++------ 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/.github/workflows/appstore-build-publish.yml b/.github/workflows/appstore-build-publish.yml index b70163d..498fb8d 100644 --- a/.github/workflows/appstore-build-publish.yml +++ b/.github/workflows/appstore-build-publish.yml @@ -122,14 +122,18 @@ jobs: - name: Sign app run: | - printf '%s' '${{ secrets.APP_PRIVATE_KEY }}' > "${{ env.APP_NAME }}.key" - chmod 600 "${{ env.APP_NAME }}.key" - wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" + KEY_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}.key" + CERT_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}.crt" + APP_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}" + + printf '%s' '${{ secrets.APP_PRIVATE_KEY }}' > "${KEY_PATH}" + chmod 600 "${KEY_PATH}" + wget --quiet -O "${CERT_PATH}" "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" php nextcloud/occ integrity:sign-app \ - --privateKey="${{ env.APP_NAME }}.key" \ - --certificate="${{ env.APP_NAME }}.crt" \ - --path="${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}" + --privateKey="${KEY_PATH}" \ + --certificate="${CERT_PATH}" \ + --path="${APP_PATH}" tar -C "${{ env.APP_NAME }}/build/artifacts" -zcf "${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz" "${{ env.APP_NAME }}" diff --git a/.github/workflows/nightly-release.yml b/.github/workflows/nightly-release.yml index 5774444..df63ee1 100644 --- a/.github/workflows/nightly-release.yml +++ b/.github/workflows/nightly-release.yml @@ -152,14 +152,18 @@ jobs: - name: Sign app run: | - printf '%s' '${{ secrets.APP_PRIVATE_KEY }}' > "${{ env.APP_NAME }}.key" - chmod 600 "${{ env.APP_NAME }}.key" - wget --quiet "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" + KEY_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}.key" + CERT_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}.crt" + APP_PATH="${GITHUB_WORKSPACE}/${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}" + + printf '%s' '${{ secrets.APP_PRIVATE_KEY }}' > "${KEY_PATH}" + chmod 600 "${KEY_PATH}" + wget --quiet -O "${CERT_PATH}" "https://github.com/nextcloud/app-certificate-requests/raw/master/${{ env.APP_NAME }}/${{ env.APP_NAME }}.crt" php nextcloud/occ integrity:sign-app \ - --privateKey="${{ env.APP_NAME }}.key" \ - --certificate="${{ env.APP_NAME }}.crt" \ - --path="${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}" + --privateKey="${KEY_PATH}" \ + --certificate="${CERT_PATH}" \ + --path="${APP_PATH}" tar -C "${{ env.APP_NAME }}/build/artifacts" -zcf "${{ env.APP_NAME }}/build/artifacts/${{ env.APP_NAME }}.tar.gz" "${{ env.APP_NAME }}"