Added mac signing

.github/workflows/README-tauri.md

@@ -79,9 +79,43 @@ This directory contains GitHub Actions workflows for building Tauri desktop appl
 
 ## Configuration
 
-### Required Secrets (Optional)
+### Required Secrets
 
-For signed builds, configure these secrets in your repository:
+#### For macOS Code Signing (Required for distribution)
+
+Configure these secrets in your repository for macOS app signing:
+
+- `APPLE_CERTIFICATE`: Base64-encoded .p12 certificate file
+- `APPLE_CERTIFICATE_PASSWORD`: Password for the .p12 certificate
+- `APPLE_SIGNING_IDENTITY`: Certificate name (e.g., "Developer ID Application: Your Name")
+- `APPLE_ID`: Your Apple ID email
+- `APPLE_PASSWORD`: App-specific password for your Apple ID
+- `APPLE_TEAM_ID`: Your Apple Developer Team ID
+
+#### Setting Up Apple Code Signing
+
+1. **Get a Developer ID Certificate**:
+   - Join the Apple Developer Program ($99/year)
+   - Create a "Developer ID Application" certificate in Apple Developer portal
+   - Download the certificate as a .p12 file
+
+2. **Convert Certificate to Base64**:
+   ```bash
+   base64 -i certificate.p12 | pbcopy
+   ```
+
+3. **Create App-Specific Password**:
+   - Go to appleid.apple.com → Sign-In and Security → App-Specific Passwords
+   - Generate a new password for "Tauri CI"
+
+4. **Find Your Team ID**:
+   - Apple Developer portal → Membership → Team ID
+
+5. **Add to GitHub Secrets**:
+   - Repository → Settings → Secrets and variables → Actions
+   - Add each secret with the exact names listed above
+
+#### For General Tauri Signing (Optional)
 
 - `TAURI_SIGNING_PRIVATE_KEY`: Private key for signing Tauri applications
 - `TAURI_SIGNING_PRIVATE_KEY_PASSWORD`: Password for the signing private key

.github/workflows/tauri-test.yml

@@ -193,11 +193,48 @@ jobs:
       - name: Install frontend dependencies
         working-directory: ./frontend
         run: npm install
+
+      - name: Import Apple Developer Certificate
+        if: matrix.platform == 'macos-latest'
+        env:
+          APPLE_ID: ${{ secrets.APPLE_ID }}
+          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+        run: |
+          echo "Importing Apple Developer Certificate..."
+          echo $APPLE_CERTIFICATE | base64 --decode > certificate.p12
+          security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
+          security default-keychain -s build.keychain
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
+          security set-keychain-settings -t 3600 -u build.keychain
+          security import certificate.p12 -k build.keychain -P "$APPLE_CERTIFICATE_PASSWORD" -T /usr/bin/codesign
+          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PASSWORD" build.keychain
+          security find-identity -v -p codesigning build.keychain
+      - name: Verify Certificate
+        if: matrix.platform == 'macos-latest'
+        run: |
+          echo "Verifying Apple Developer Certificate..."
+          CERT_INFO=$(security find-identity -v -p codesigning build.keychain | grep "Developer ID Application")
+          echo "Certificate Info: $CERT_INFO"
+          CERT_ID=$(echo "$CERT_INFO" | awk -F'"' '{print $2}')
+          echo "Certificate ID: $CERT_ID"
+          echo "CERT_ID=$CERT_ID" >> $GITHUB_ENV
+          echo "Certificate imported."
+
       
       - name: Build Tauri app (test mode)
         uses: tauri-apps/tauri-action@v0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
+          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
+          APPLE_SIGNING_IDENTITY: ${{ env.CERT_ID }}
+          APPLE_ID: ${{ secrets.APPLE_ID }}
+          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+          APPLE_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} 
         with:
           projectPath: ./frontend
           tauriScript: npx tauri