1Password/load-secrets-action
1
0
Fork 0
mirror of https://github.com/1Password/load-secrets-action.git synced 2026-06-21 14:23:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add check for macos signature

Browse Source
This commit is contained in:
Jill Regan
2026-05-20 14:35:25 -04:00
parent 908aabfade
commit 6ec01615e5
3 changed files with 231 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/op-cli-installer/github-action/cli-installer/macos.ts
+4
View File
@@ -12,6 +12,7 @@ import {
type SupportedPlatform,
} from "./cli-installer";
import { type Installer } from "./installer";
import { verifyMacOsPackageSignature } from "./signature";
const execFileAsync = promisify(execFile);
@@ -34,6 +35,9 @@ export class MacOsInstaller extends CliInstaller implements Installer {
const pkgWithExtension = `${pkgPath}.pkg`;
fs.renameSync(pkgPath, pkgWithExtension);
core.info("Verifying 1Password CLI signature");
await verifyMacOsPackageSignature(pkgWithExtension);
const expandDir = "temp-pkg";
await execFileAsync("pkgutil", ["--expand", pkgWithExtension, expandDir]);
const payloadPath = path.join(expandDir, "op.pkg", "Payload");