Skip to content

Configure macOS Developer ID signing and notarization #27

Description

@volodymyr-yelisieiev

Public macOS distribution is not production-ready until Developer ID signing and Apple notarization are configured and verified on release artifacts. Local ad-hoc signing is suitable only for private review.

Checklist:

  • Configure Apple Developer ID certificate import secrets.
  • Configure either Apple ID/app-password notarization secrets or App Store Connect API key notarization secrets.
  • Build the macOS DMG through the release workflow.
  • Verify codesign --verify --deep --strict, spctl, xcrun stapler validate, and hdiutil verify on the shipped app/DMG.
  • Validate first launch from a clean macOS profile.
  • Decide and verify Intel/universal build coverage.

Metadata

Metadata

Assignees

No one assigned

    Labels

    blockedBlocked by external dependency or required accessqaManual or environment-specific validationreleaseRelease readiness and distribution work

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions