Expand description
macOS code-signing + notarization stage.
Split into focused submodules:
- [
secret] — checksum refresh, skip/id gating, base64 secret materialization + arg redaction. - [
retry] — notarytool / rcodesign invocation with bounded transient retry and output checking. - [
run] — the cross-platform (rcodesign) and native (codesign + xcrun notarytool) per-config run paths.
The NotarizeStage entry point and its Stage impl live here.
Structs§
Functions§
- env_
requirements - Environment requirements for the notarize stage, mirroring its run
gates: nothing when the top-level
skip:is truthy; per activemacos:entry the cross-platformrcodesignplus the env refs of the templated certificate / password / App Store Connect fields; per activemacos_native:entrycodesign+xcrunplus the env refs of the templated identity / keychain / profile fields. Both toolchains run on whatever host executes the release (rcodesign is cross-platform; amacos_nativeconfig on a non-mac host would fail at run time, and preflight reports exactly that). Values are never echoed — only referenced env-var names.