From e5281d8b214567ce4e8c922dcb0a0b47bbe93e7f Mon Sep 17 00:00:00 2001
From: AltCode <12354672+AlternateRT@users.noreply.github.com>
Date: Fri, 12 Sep 2025 08:03:39 -0500
Subject: [PATCH] Staple macOS notarization (#3062)

---
 elixirkit/elixirkit_swift/Scripts/build_macos_dmg.sh | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/elixirkit/elixirkit_swift/Scripts/build_macos_dmg.sh b/elixirkit/elixirkit_swift/Scripts/build_macos_dmg.sh
index d453cb537..2403c4c20 100644
--- a/elixirkit/elixirkit_swift/Scripts/build_macos_dmg.sh
+++ b/elixirkit/elixirkit_swift/Scripts/build_macos_dmg.sh
@@ -37,12 +37,12 @@ cp -r $app_dir $dmg_dir/
 
 hdiutil create $dmg_path -ov -volname ${app_name}Install -fs HFS+ -srcfolder $dmg_dir
 
-if [ -n "$team_id" ]; then
-  codesign --verify --verbose=4 "${app_dir}"
-
-  codesign --sign="$identity" "$dmg_path"
+if [ -n "$identity" ]; then
+  codesign --sign "$identity" "$dmg_path"
   codesign --verify --verbose=4 "$dmg_path"
+fi
 
+if [ -n "$team_id" ]; then
   xcrun notarytool submit \
     --team-id "${team_id}" \
     --apple-id "${apple_id}" \
@@ -51,6 +51,8 @@ if [ -n "$team_id" ]; then
     --wait \
     "$dmg_path"
 
+  xcrun stapler staple "$dmg_path"
+  xcrun stapler staple "$app_dir"
   spctl -a -t exec -vvv "$app_dir"
 else
   echo "[warning] skipping notarization. Please set ELIXIRKIT_NOTARY_{TEAM_ID,APPLE_ID,PASSWORD} environment variables"