From 11bb52fd9d0b04317a786e2f3f829407423735fa Mon Sep 17 00:00:00 2001
From: Service Account <service@jan.ai>
Date: Tue, 24 Oct 2023 20:49:51 +0700
Subject: [PATCH] Update code siging for new data plugin

---
 .github/scripts/auto-sign.sh             | 5 +++++
 .github/workflows/jan-electron-build.yml | 5 ++++-
 .github/workflows/jan-plugins.yml        | 4 +++-
 electron/auto-sign.sh                    | 5 -----
 package.json                             | 2 +-
 5 files changed, 13 insertions(+), 8 deletions(-)
 create mode 100755 .github/scripts/auto-sign.sh
 delete mode 100755 electron/auto-sign.sh

diff --git a/.github/scripts/auto-sign.sh b/.github/scripts/auto-sign.sh
new file mode 100755
index 0000000000..bd55034db7
--- /dev/null
+++ b/.github/scripts/auto-sign.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+APP_PATH=${APP_PATH}
+DEVELOPER_ID=${DEVELOPER_ID}
+find $APP_PATH -type f -perm +111 -exec codesign -s "$DEVELOPER_ID" --options=runtime {} \;
\ No newline at end of file
diff --git a/.github/workflows/jan-electron-build.yml b/.github/workflows/jan-electron-build.yml
index 8483df303d..3c7913e6b4 100644
--- a/.github/workflows/jan-electron-build.yml
+++ b/.github/workflows/jan-electron-build.yml
@@ -6,7 +6,7 @@ on:
 
 jobs:
   build-macos:
-    runs-on: macos-latest
+    runs-on: macos-silicon
     environment: production
     permissions:
       contents: write
@@ -52,6 +52,9 @@ jobs:
         run: |
           yarn install
           yarn build:plugins-darwin
+        env:
+          APP_PATH: electron
+          DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }}
 
       - name: Build and publish app
         run: |
diff --git a/.github/workflows/jan-plugins.yml b/.github/workflows/jan-plugins.yml
index 38287c9282..1b0511ab61 100644
--- a/.github/workflows/jan-plugins.yml
+++ b/.github/workflows/jan-plugins.yml
@@ -76,7 +76,7 @@ jobs:
           do
             echo $dir
             cd $dir
-            npm install && npm run build
+            npm install && npm run build && ../../.github/scripts/auto-sign.sh
             if [[ $GITHUB_EVENT_NAME == 'push' && $GITHUB_EVENT_PULL_REQUEST_HEAD_REPO_FULL_NAME != $GITHUB_REPOSITORY ]]; then
               npm publish --access public
             fi
@@ -84,6 +84,8 @@ jobs:
           done
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          DEVELOPER_ID: ${{ secrets.DEVELOPER_ID }}
+          APP_PATH: "."
 
       - name: "Commit new version to main and create tag"
         id: commit_and_tag
diff --git a/electron/auto-sign.sh b/electron/auto-sign.sh
deleted file mode 100755
index 302f3e1356..0000000000
--- a/electron/auto-sign.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-DEVELOPER_ID="Developer ID Application: Eigenvector Pte Ltd"
-
-find electron -type f -perm +111 -exec codesign -s "Developer ID Application: Eigenvector Pte Ltd (YT49P7GXG4)" --options=runtime {} \;
\ No newline at end of file
diff --git a/package.json b/package.json
index 4ae433b2c5..f3147b0425 100644
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
     "build:web": "yarn workspace jan-web build && cpx \"web/out/**\" \"electron/renderer/\"",
     "build:electron": "yarn workspace jan build",
     "build:plugins": "rimraf ./electron/core/pre-install/*.tgz && concurrently --kill-others-on-fail \"cd ./plugins/data-plugin && npm install && npm run postinstall\" \"cd ./plugins/inference-plugin && npm install && npm run postinstall\" \"cd ./plugins/model-management-plugin && npm install && npm run postinstall\" \"cd ./plugins/monitoring-plugin && npm install && npm run postinstall\" && concurrently --kill-others-on-fail \"cd ./plugins/data-plugin && npm run build:publish\" \"cd ./plugins/inference-plugin && npm run build:publish\" \"cd ./plugins/model-management-plugin && npm run build:publish\" \"cd ./plugins/monitoring-plugin && npm run build:publish\"",
-    "build:plugins-darwin": "rimraf ./electron/core/pre-install/*.tgz && concurrently \"cd ./plugins/data-plugin && npm install && npm run postinstall\" \"cd ./plugins/inference-plugin && npm install && npm run postinstall\" \"cd ./plugins/model-management-plugin && npm install && npm run postinstall\" \"cd ./plugins/monitoring-plugin && npm install && npm run postinstall\" && chmod +x ./electron/auto-sign.sh && ./electron/auto-sign.sh && concurrently \"cd ./plugins/data-plugin && npm run build:publish\" \"cd ./plugins/inference-plugin && npm run build:publish\" \"cd ./plugins/model-management-plugin && npm run build:publish\" \"cd ./plugins/monitoring-plugin && npm run build:publish\"",
+    "build:plugins-darwin": "rimraf ./electron/core/pre-install/*.tgz && concurrently \"cd ./plugins/data-plugin && npm install && npm run postinstall\" \"cd ./plugins/inference-plugin && npm install && npm run postinstall\" \"cd ./plugins/model-management-plugin && npm install && npm run postinstall\" \"cd ./plugins/monitoring-plugin && npm install && npm run postinstall\" && chmod +x ./.github/scripts/auto-sign.sh && ./.github/scripts/auto-sign.sh && concurrently \"cd ./plugins/data-plugin && npm run build:publish\" \"cd ./plugins/inference-plugin && npm run build:publish\" \"cd ./plugins/model-management-plugin && npm run build:publish\" \"cd ./plugins/monitoring-plugin && npm run build:publish\"",
     "build": "yarn build:web && yarn build:electron",
     "build:darwin": "yarn build:web && yarn workspace jan build:darwin",
     "build:win32": "yarn build:web && yarn workspace jan build:win32",