aesthetic.computer / core
Monorepo for Aesthetic.Computer aesthetic.computer
fork atom
core / ac-electron / README.md
at main 73 lines 2.5 kB view raw view rendered
Jeffrey Alan Scudder restore 4270 files deleted by papers oven auto-build (aaa62f4a1)
ea1fd8af
1# Aesthetic Computer Electron Build Credentials 2 3This directory contains signing certificates and credentials for building and distributing the Aesthetic Computer desktop app across all platforms. 4 5## Contents 6 7### macOS Code Signing 8- `mac-developer-id.p12` - Apple Developer ID certificate (export from Xcode/Keychain) 9- `mac-developer-id-password.txt` - Password for the .p12 file 10- `mac-provisioning-profile.provisionprofile` - Provisioning profile (if needed) 11- `apple-id.txt` - Apple ID email for notarization 12- `apple-app-specific-password.txt` - App-specific password for notarization 13 14### Windows Code Signing 15- `windows-code-signing.pfx` - Windows Authenticode certificate 16- `windows-code-signing-password.txt` - Password for the .pfx file 17 18### Linux 19No signing required for Linux builds (AppImage, deb, rpm are unsigned by default) 20 21### Build Secrets 22- `.env` - Environment variables for build process: 23 ```bash 24 # macOS 25 CSC_LINK=./mac-developer-id.p12 26 CSC_KEY_PASSWORD=<from mac-developer-id-password.txt> 27 APPLE_ID=<from apple-id.txt> 28 APPLE_APP_SPECIFIC_PASSWORD=<from apple-app-specific-password.txt> 29 APPLE_TEAM_ID=<your Apple Team ID> 30 31 # Windows 32 WIN_CSC_LINK=./windows-code-signing.pfx 33 WIN_CSC_KEY_PASSWORD=<from windows-code-signing-password.txt> 34 35 # Publishing 36 GH_TOKEN=<GitHub Personal Access Token with repo scope> 37 ``` 38 39## Usage 40 41The `build-all-platforms.fish` script in the parent `ac-electron/` directory will: 421. Source credentials from this vault 432. Build for all platforms using Docker containers 443. Sign apps with appropriate certificates 454. Publish to GitHub releases 46 47## Getting Certificates 48 49### macOS Developer ID Certificate 501. Log into https://developer.apple.com 512. Go to Certificates, Identifiers & Profiles 523. Create a Developer ID Application certificate 534. Download and install in Keychain Access 545. Export as .p12 with a strong password 556. Store .p12 and password in vault 56 57### Windows Code Signing Certificate 581. Purchase from a CA (DigiCert, Sectigo, etc.) 592. Download the .pfx file 603. Store .pfx and password in vault 61 62### Apple App-Specific Password 631. Log into https://appleid.apple.com 642. Go to Security > App-Specific Passwords 653. Generate a new password for "Aesthetic Computer Electron Builder" 664. Store in vault 67 68## Security Notes 69 70- **NEVER commit certificates to git** 71- `.p12` and `.pfx` files should be mode 600 (owner read/write only) 72- Passwords stored in separate files for easier rotation 73- This directory is gitignored in the parent repo