From ca342ee9d3b8955e6f945c56929122ccbac6966d Mon Sep 17 00:00:00 2001 From: rly Date: Thu, 14 Sep 2023 05:14:10 -0400 Subject: [PATCH 1/6] Update mac deploy docs and build for x64 and arm64 --- .github/workflows/Build-and-deploy-mac.yml | 14 +++++++++++++- package.json | 16 ++++++++++++++-- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/.github/workflows/Build-and-deploy-mac.yml b/.github/workflows/Build-and-deploy-mac.yml index dd7a77988..7bd6e14c1 100644 --- a/.github/workflows/Build-and-deploy-mac.yml +++ b/.github/workflows/Build-and-deploy-mac.yml @@ -50,6 +50,18 @@ jobs: # Use Keychain Access to export the certificate as a .p12 # base64 -i cent.p12 -o base64.txt # Open base64.txt and copy the contents to the nwb-guide repository secret for MACOS_CERTIFICATE + # For local development, download the appropriate Apple Intermediate Certificate + # from https://www.apple.com/certificateauthority/ to make certificate trusted/valid + # See https://developer.apple.com/forums/thread/705473 + # For this, it is Worldwide Developer Relations - G3 + # Confirm that the certificate now shows up as trusted in Keychain Access + # Then go to https://appleid.apple.com/account/manage + # and create an App-Specific Password + # Use that for local building and in the secrets.APPLE_PASSWORD repository secret + # Also review and agree to any pending agreements in + # https://appstoreconnect.apple.com/agreements/#/ for Free Apps + # and the Apple Developer Program License Agreement, which updates periodically + # Currently this is set up to use Ryan's account and certificate p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} p12-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} @@ -57,6 +69,6 @@ jobs: - name: Build and deploy on MAC env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - appleId: ${{ secrets.APPLE_ID }} # currently this is set to Ryan's Apple ID and password + appleId: ${{ secrets.APPLE_ID }} # currently this is set to Ryan's Apple ID and app-specific password appleIdPassword: ${{ secrets.APPLE_PASSWORD }} run: npm run deploy:mac diff --git a/package.json b/package.json index 3bcb3133a..dd1038059 100644 --- a/package.json +++ b/package.json @@ -76,8 +76,20 @@ "mac": { "asar": true, "target": [ - "dmg", - "zip" + { + "target": "dmg", + "arch": [ + "x64", + "arm64" + ] + }, + { + "target": "zip", + "arch": [ + "x64", + "arm64" + ] + } ], "icon": "src/renderer/assets/img/logo-guide-draft.png", "darkModeSupport": false, From fdaaf79b9c56f873cbdbd8065dbe6f84a0ee5829 Mon Sep 17 00:00:00 2001 From: rly Date: Mon, 18 Sep 2023 14:15:21 -0400 Subject: [PATCH 2/6] Move documentation on codesigning --- .github/workflows/Build-and-deploy-mac.yml | 29 ++------------ docs/developer_guide.rst | 46 ++++++++++++++++++++++ 2 files changed, 49 insertions(+), 26 deletions(-) diff --git a/.github/workflows/Build-and-deploy-mac.yml b/.github/workflows/Build-and-deploy-mac.yml index b3c6282dd..310b5cc2d 100644 --- a/.github/workflows/Build-and-deploy-mac.yml +++ b/.github/workflows/Build-and-deploy-mac.yml @@ -37,37 +37,14 @@ jobs: - uses: apple-actions/import-codesign-certs@v1 with: - # https://developer.apple.com/account/resources/certificates/add - # Sign up for an Apple Developer account (annual fee) - # Create a new certificate for Mac development at website above (max 1 certificate) - # Create a Certificate Signing Request (CSR) on your Mac -- - # see https://developer.apple.com/help/account/create-certificates/create-a-certificate-signing-request - # Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority... - # Enter email address, common name - # Download the new certificate (.cer file) - # Double click the .cer file to install in Keychain Access - # Use Keychain Access to export the certificate as a .p12 - # base64 -i cent.p12 -o base64.txt - # Open base64.txt and copy the contents to the nwb-guide repository secret for MACOS_CERTIFICATE - # For local development, download the appropriate Apple Intermediate Certificate - # from https://www.apple.com/certificateauthority/ to make certificate trusted/valid - # See https://developer.apple.com/forums/thread/705473 - # For this, it is Worldwide Developer Relations - G3 - # Confirm that the certificate now shows up as trusted in Keychain Access - # Then go to https://appleid.apple.com/account/manage - # and create an App-Specific Password - # Use that for local building and in the secrets.APPLE_PASSWORD repository secret - # Also review and agree to any pending agreements in - # https://appstoreconnect.apple.com/agreements/#/ for Free Apps - # and the Apple Developer Program License Agreement, which updates periodically - - # Currently this is set up to use Ryan's account and certificate + # Currently this is set to Ryan's Developer ID certificate p12-file-base64: ${{ secrets.MACOS_CERTIFICATE }} p12-password: ${{ secrets.MACOS_CERTIFICATE_PWD }} - name: Build and deploy on MAC env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - appleId: ${{ secrets.APPLE_ID }} # currently this is set to Ryan's Apple ID and app-specific password + # Currently this is set to Ryan's Apple ID and app-specific password + appleId: ${{ secrets.APPLE_ID }} appleIdPassword: ${{ secrets.APPLE_PASSWORD }} run: npm run deploy:mac diff --git a/docs/developer_guide.rst b/docs/developer_guide.rst index eb206f426..0602e31a1 100644 --- a/docs/developer_guide.rst +++ b/docs/developer_guide.rst @@ -125,3 +125,49 @@ Pre-Commit We use an automated pre-commit bot to enforce these on the main repo, but contributions from external forks would either have to grant bot permissions on their own fork (via :pre-commit-bot:`the pre-commit bot website <>`) or run pre-commit manually. For instructions to install pre-commit, as well as some other minor coding styles we follow, refer to the :neuroconv-coding-style:`NeuroConv style guide <>`. + +Code signing on Mac OS +--------------------------- + +1. Sign up for an Apple Developer account (99 USD annual fee). + +2. Follow steps in https://developer.apple.com/help/account/create-certificates/create-developer-id-certificates/ + a. Browse current Certificates at https://developer.apple.com/account/resources/certificates/list. + b. Click Certificates in the sidebar. On the top left, click the add button (+). + c. Under Software, select Developer ID Application. + d. Select Profile Type: G2 Sub-CA (Xcode 11.4.1 or later). + e. Create a certificate signing request (CSR) by following the steps in https://developer.apple.com/help/account/create-certificates/create-a-certificate-signing-request + i. Open Keychain Access. + ii. Choose Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority. + iii. In the Certificate Assistant dialog, enter an email address in the User Email Address field. + iv. In the Common Name field, enter a name for the key (for example, John Doe Dev Key). Ryan entered "Ryan Ly". + v. Leave the CA Email Address field empty. + vi. Choose “Saved to disk”, and click Continue. + vii. Save the certificate request file to disk. + f. Select the certificate request file (a file with a .certSigningRequest file extension), then click Choose. + g. Click Continue, click Download - The certificate file (.cer file) appears in your Downloads folder. + h. To install the certificate in your keychain, double-click the downloaded certificate file. + i. The certificate appears in the My Certificates category in Keychain Access, but may not be trusted. + j. For local development, download the appropriate Apple Intermediate Certificate. + k. from https://www.apple.com/certificateauthority/ to make certificate trusted/valid. + l. For this, it is Developer ID - G2 (Expiring 09/17/2031 00:00:00 UTC). + m. Double-click the downloaded file. + n. Confirm that the certificate now shows up as trusted in Keychain Access. + +3. Provide a p12 file for notarizing via GitHub Action. + a. Open Keychain Access. + b. Select the Developer ID Application certificate. + c. Choose Keychain Access > Export Items... + d. Export the certificate to a file with a password. + e. Get a base64 version of the certificate by running: base64 -i Certificate.p12 -o base64.txt + f. Open base64.txt and copy the contents to the nwb-guide repository secret MACOS_CERTIFICATE. + g. Set the password for the certificate in the nwb-guide repository secret MACOS_CERTIFICATE_PASSWORD. + +4. Create an app-specific password for building locally and via the GitHub Action. + a. Go to https://appleid.apple.com/account/manage. + b. Follow the steps to create an App-Specific Password. + c. Use that for local building and in the secrets.APPLE_PASSWORD repository secret. + +5. Review and agree to any pending agreements. + a. Go to https://appstoreconnect.apple.com/agreements/#/ and agree to pending agreements for Free Apps. + b. Review and agree to the Apple Developer Program License Agreement, which updates periodically. \ No newline at end of file From d34dd90ada331b9af12a169a13478640c479ff86 Mon Sep 17 00:00:00 2001 From: rly Date: Mon, 18 Sep 2023 14:15:41 -0400 Subject: [PATCH 3/6] Update version to 0.0.6 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 3653a3054..9d3d15ed8 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "nwb-guide", "productName": "NWB GUIDE", - "version": "0.0.5", + "version": "0.0.6", "description": "", "main": "./build/main/main.js", "scripts": { From 8a97fa1be0e828ff1820b5fa6d7110db95da6748 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 18 Sep 2023 18:16:43 +0000 Subject: [PATCH 4/6] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- docs/developer_guide.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/developer_guide.rst b/docs/developer_guide.rst index 0602e31a1..e191ff894 100644 --- a/docs/developer_guide.rst +++ b/docs/developer_guide.rst @@ -170,4 +170,4 @@ Code signing on Mac OS 5. Review and agree to any pending agreements. a. Go to https://appstoreconnect.apple.com/agreements/#/ and agree to pending agreements for Free Apps. - b. Review and agree to the Apple Developer Program License Agreement, which updates periodically. \ No newline at end of file + b. Review and agree to the Apple Developer Program License Agreement, which updates periodically. From 61be1292d7b72f06f7ac2fc25f1c3e4994ae0750 Mon Sep 17 00:00:00 2001 From: Ryan Ly Date: Mon, 18 Sep 2023 11:20:24 -0700 Subject: [PATCH 5/6] Revert version bump --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9d3d15ed8..3653a3054 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "nwb-guide", "productName": "NWB GUIDE", - "version": "0.0.6", + "version": "0.0.5", "description": "", "main": "./build/main/main.js", "scripts": { From dd7abc81476672e248c75b1609c12d6106cdcb4e Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 18 Sep 2023 19:21:57 +0000 Subject: [PATCH 6/6] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- src/renderer/src/stories/pages/Page.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/renderer/src/stories/pages/Page.js b/src/renderer/src/stories/pages/Page.js index cfd4cc474..49b22071b 100644 --- a/src/renderer/src/stories/pages/Page.js +++ b/src/renderer/src/stories/pages/Page.js @@ -64,7 +64,7 @@ export class Page extends LitElement { this.beforeTransition(); // Otherwise note unsaved updates if present - if (this.unsavedUpdates || ('states' in this.info && !this.info.states.saved)) { + if (this.unsavedUpdates || ("states" in this.info && !this.info.states.saved)) { if (transition === 1) await this.save(); // Save before a single forward transition else { Swal.fire({