From 3e5ed408011c8f6a0d89d7a7c63b87f30ec84b6c Mon Sep 17 00:00:00 2001
From: jcm <6864788+jcm93@users.noreply.github.com>
Date: Sun, 5 Jan 2025 23:34:12 -0800
Subject: [PATCH] CI: fixups (#1754)

First commit stops notarizing the legacy build; for some reason
notarization currently
[fails](https://github.com/ares-emulator/ares/actions/runs/12626365618/job/35179407527)
only with the legacy build, despite us not having modified the legacy
workflow. In any case it seems fine to no longer notarize this artifact.

Second commit allows the new build CI to continue if the repository it
is being run on does not have macOS codesigning set up. This means CI
won't automatically fail on your fork if you do not have macOS
codesigning set up on your repository.
---
 .github/workflows/build.yml     | 2 +-
 .github/workflows/build_new.yml | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 4516e724c..537c61b54 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -161,7 +161,7 @@ jobs:
         folder: 'desktop-ui/out'
         timestampUrl: 'http://timestamp.digicert.com' 
     - name: "macOS: notarize"
-      if: runner.os == 'macOS' && github.event_name != 'pull_request'
+      if: false
       continue-on-error: ${{ github.repository != 'ares-emulator/ares' }}
       run: |
         ditto -c -k --keepParent desktop-ui/out/ares.app /tmp/ares.zip
diff --git a/.github/workflows/build_new.yml b/.github/workflows/build_new.yml
index 06340fa8a..852bb06ba 100644
--- a/.github/workflows/build_new.yml
+++ b/.github/workflows/build_new.yml
@@ -76,6 +76,7 @@ jobs:
     - name: "macOS: Import Certificate"
       if: runner.os == 'macOS'
       uses: apple-actions/import-codesign-certs@v3
+      continue-on-error: ${{ github.repository != 'ares-emulator/ares' }}
       with:
         p12-file-base64: ${{ secrets.MACOS_CERTIFICATE_DATA }}
         p12-password: ${{ secrets.MACOS_CERTIFICATE_PASSPHRASE }}
@@ -126,6 +127,7 @@ jobs:
         timestampUrl: 'http://timestamp.digicert.com'
     - name: "macOS: notarize"
       if: runner.os == 'macOS' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/'))
+      continue-on-error: ${{ github.repository != 'ares-emulator/ares' }}
       run: |
         ditto -c -k --keepParent ${{ github.workspace }}/build/desktop-ui/RelWithDebInfo/ares.app /tmp/ares.zip
         xcrun notarytool submit /tmp/ares.zip --apple-id "$MACOS_NOTARIZATION_USERNAME" --password "$MACOS_NOTARIZATION_PASSWORD" --team-id "$MACOS_NOTARIZATION_TEAMID" --wait