[release/v7.5.7] Add macOS binary code signing and package notarization by adityapatwardhan · Pull Request #27467 · PowerShell/PowerShell
and others added 2 commits
We still need to apply the template signing so that Guardian tasks pass and so that script files are signed. After doing what's essentially Windows signing, we sign and harden the binaries for macOS. Then we do the same for the PKG installer, and finally notarize it. The ESRP signing service requires a zip of files for Apple signing at all stages. Now that we can use it via the OneBranch signing task we no longer need the service connection or variable group that was trying to set it up. Notarization requires the BundleId from Get-MacOSPackageIdentifierInfo. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings
Backport 27347
[release/v7.5.7] Add macOS binary code signing and package notarization
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters