OpenLens Mac app is not trusted

The mac .dmg package can easily be installed by dropping the app into /Applications, but then most users won't be able to run it due to lack of trusted signature. Is there a way for the GitHub action to pick up some credential for a Mac developer during build?

May 31 '22 16:05 janhoy

It seems it is possible to produce a signed package, however someone needs to arrange certificates with developer account. Example : https://localazy.com/blog/how-to-automatically-sign-macos-apps-using-github-actions

May 31 '22 16:05 MuhammedKalkan

Do you have a Mac? If not, I could probably help with the cert.

May 31 '22 17:05 janhoy

Problem seems to be the developer account. i dont have one. İf you have one , i think it is more convenient to create a dev installer certificate for .dmg ones. Not really experienced with mac cert processes.

May 31 '22 17:05 MuhammedKalkan

I have an Apple dev account, currently investigating the steps involved. If you are willing to grant me maintainer access to this repo, I can try to add my certificate as a github secret and test the flow in a new branch.

Jun 01 '22 18:06 janhoy

Sure, check inv

Jun 01 '22 18:06 MuhammedKalkan

That would be awesome. Thanks for your initiative folks.

Jun 06 '22 15:06 Punkoivan

@MuhammedKalkan I can also provide a signature through @xavierLowmiller apple developer Account. Good point to move forward here since its blocking the M1 builds here.

Aug 01 '22 16:08 jkroepke

@MuhammedKalkan I can also provide a signature through @xavierLowmiller apple developer Account. Good point to move forward here since its blocking the M1 builds here.

That would be the fastest solution right now.On top of signing also notarization needs to take place. @janhoy tried the same approach but could not see it through i guess. if you can make a PR after signing and confirming, we can merge back here

Aug 01 '22 16:08 MuhammedKalkan

@MuhammedKalkan PR opened. binaries can be tested.

Aug 02 '22 12:08 jkroepke