Skip to content

feat: Enhanced certificate handling, improved ergonomics, and documentation#13

Merged
nodeselector merged 10 commits into
mainfrom
feat/misc-enhancements
Feb 27, 2026
Merged

feat: Enhanced certificate handling, improved ergonomics, and documentation#13
nodeselector merged 10 commits into
mainfrom
feat/misc-enhancements

Conversation

@nsakaimbo
Copy link
Copy Markdown
Collaborator

@nsakaimbo nsakaimbo commented Feb 26, 2026

Summary

This PR consolidates enhancements across three key areas: documentation, certificate handling, and action ergonomics.

Documentation

  • New apple_codesigning_overview.md: Comprehensive guide explaining Apple code signing concepts, certificate types, provisioning profiles, and common workflows
  • Updated README.md: Improved usage examples and clearer documentation of action inputs/outputs

Enhanced Certificate Handling

P12 and PEM Format Support

  • Support for both P12 (PKCS#12) and PEM certificate formats
  • Automatic format detection based on certificate content

Encrypted Private Key Support

  • Handle password-protected private keys seamlessly
  • Secure passphrase handling during certificate import

Smart Base64 Detection

  • Intelligent detection of base64-encoded vs raw certificate data
  • Eliminates need for users to manually specify encoding format
  • Graceful handling of certificates with or without base64 encoding

Simplified P12 to PEM Conversion

  • Refactored to use OpenSSL exclusively for P12 to PEM conversion
  • Removed unused importCertificateFromP12Buffer method for cleaner codebase

Action Ergonomics

Default Combined Setup Mode

  • No longer requires explicit asset-type input
  • Action now defaults to combined certificate + provisioning profile setup
  • Reduces boilerplate configuration for common use cases

Automatic Keychain Password Generation

  • Auto-generates secure keychain passwords when not explicitly provided
  • Improves security by encouraging unique passwords per workflow run

Some CI Fixes

  • Resolved super-linter CI errors
  • Fixed markdown blockquote formatting issues
  • Corrected API key validation path in CI tests
  • ESLint/Prettier checks are clean

Testing

npm run lint      # ✅ Pass
npm run format:check  # ✅ Pass
npm test          # ✅ 22/22 tests pass

@nsakaimbo
docs: update README, add code signing overview
239dbad
@nsakaimbo
fix: convert blockquotes to regular text formatting
a872a35
@nsakaimbo
fix: resolve super-linter CI errors
6f8998d 
- Quote shell variables in ci.yml to fix shellcheck warnings (GITHUB_ACTIONS)
- Disable TYPESCRIPT_STANDARD validation since project uses ESLint+Prettier
@nsakaimbo
fix: correct API key validation path in CI test
3fe9269 
The test was checking $RUNNER_TEMP but the action writes to ~/.appstoreconnect/private_keys/
Now uses the action's output to get the correct key path
@nsakaimbo
feat: support P12, password encrypted private key, better base64 hand…
8a54e2d 
…ling
@nsakaimbo
refactor: simplify P12 to PEM conversion to use OpenSSL only
e1b3a97 
Remove node-forge fallback - OpenSSL is more robust and available on all
macOS runners. Version detection for -legacy flag is preserved.
@nsakaimbo
chore: reset dist to main (build in final PR only)
dc14e85
@nsakaimbo
refactor: remove unused importCertificateFromP12Buffer method
fb16533
@nsakaimbo
feat: udpate action ergonomics
b9b2629
@nsakaimbo nsakaimbo requested review from nodeselector and removed request for nodeselector February 26, 2026 20:49
@nsakaimbo nsakaimbo force-pushed the feat/misc-enhancements branch from 2873c09 to 6314bea Compare February 26, 2026 22:14
@nodeselector nodeselector merged commit 309922b into main Feb 27, 2026
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nodeselector nodeselector nodeselector approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nsakaimbo @nodeselector