Skip to content

Add Mac Catalyst TestFlight deployment#541

Merged
jfversluis merged 2 commits intomainfrom
feature/maccatalyst-testflight
Apr 8, 2026
Merged

Add Mac Catalyst TestFlight deployment#541
jfversluis merged 2 commits intomainfrom
feature/maccatalyst-testflight

Conversation

@jfversluis
Copy link
Copy Markdown
Collaborator

@jfversluis jfversluis commented Apr 8, 2026

Adds Mac Catalyst as a TestFlight target alongside existing iOS and Android pipelines in release-apps.yml. The Developer ID / Homebrew distribution in build.yml is untouched.

Changes

New file: Entitlements.AppStore. sandbox enabled (required by TestFlight) with targeted exceptions for network, microphone, user-selected files, and home-relative paths (~/.polypilot/, ~/.copilot/).plist

New jobs in release-apps.yml:

  • build- signed .pkg with CreatePackage=true and App Store entitlementsmaccatalyst
  • deploy- uploads to TestFlight, distributes to MAUI Team beta groupmaccatalyst

New secrets required

  • MACCATALYST_CERTIFICATE_BASE64 / Apple Distribution cert (P12)PASSWORD
  • MACCATALYST_CODESIGN_ signing identityKEY
  • MACCATALYST_PROVISIONING_PROFILE_BASE64 / Mac Catalyst App Store profileNAME
  • MACCATALYST_INSTALLER_SIGNING_ 3rd Party Mac Developer Installer identityKEY

Apple Developer Portal setup needed

  1. Ensure nl.versluis.polypilot App ID has Mac Catalyst enabled
  2. Create a Mac Catalyst App Store provisioning profile
  3. In App Store Connect, add Mac Catalyst as a platform

What is NOT changed

  • build.yml (Developer ID, notarization, GitHub Releases, Homebrew)
  • Entitlements.plist (sandbox-disabled for direct distribution)

jfversluis and others added 2 commits April 8, 2026 09:11
@jfversluis
Add Mac Catalyst TestFlight deployment
abaedf1 
Add build-maccatalyst and deploy-maccatalyst jobs to release-apps.yml,
mirroring the existing iOS TestFlight pipeline. The Mac Catalyst build
produces a signed .pkg and uploads it via the same
apple-actions/upload-testflight-build action.

Add Entitlements.AppStore.plist with sandbox enabled (required by
TestFlight/App Store) plus temporary exceptions for ~/.polypilot/ and
~/.copilot/ read-write access. The existing Entitlements.plist with
sandbox disabled is  it continues to be used by theunchanged
Developer ID / Homebrew distribution in build.yml.

New secrets required:
- MACCATALYST_CERTIFICATE_BASE64 (Apple Distribution cert, p12)
- MACCATALYST_CERTIFICATE_PASSWORD
- MACCATALYST_CODESIGN_KEY (signing identity name)
- MACCATALYST_PROVISIONING_PROFILE_BASE64 (.provisionprofile)
- MACCATALYST_PROVISIONING_PROFILE_NAME
- MACCATALYST_INSTALLER_SIGNING_KEY (3rd Party Mac Developer Installer)

New environment: maccatalyst-release

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@jfversluis
Reuse iOS signing secrets for Mac Catalyst build
63542c8 
Mac Catalyst uses the same Apple Distribution certificate and App Store
Connect provisioning profile as iOS. Replace the 6 separate
MACCATALYST_* secrets with the existing IOS_* secrets and drop the
maccatalyst-release environment requirement.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@jfversluis jfversluis merged commit b884b74 into main Apr 8, 2026
@jfversluis jfversluis deleted the feature/maccatalyst-testflight branch April 8, 2026 08:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jfversluis