From 66c441b17fd64ad98e9a4295cabd491865bf531b Mon Sep 17 00:00:00 2001
From: Developer <dev@local-transcription.local>
Date: Fri, 10 Apr 2026 19:41:46 -0700
Subject: [PATCH] Revert macOS workflow to pre-signing state

Remove all signing env vars and setup steps. The local act runner's
keychain interferes with Tauri's auto-detection. Will re-add signing
once Apple Developer verification is complete.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .gitea/workflows/build-app-macos.yml | 31 +---------------------------
 1 file changed, 1 insertion(+), 30 deletions(-)

diff --git a/.gitea/workflows/build-app-macos.yml b/.gitea/workflows/build-app-macos.yml
index def71b1..c5d2a25 100644
--- a/.gitea/workflows/build-app-macos.yml
+++ b/.gitea/workflows/build-app-macos.yml
@@ -39,34 +39,8 @@ jobs:
       - name: Install npm dependencies
         run: npm ci
 
-      - name: Setup code signing
-        env:
-          APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
-          APPLE_API_KEY_CONTENT: ${{ secrets.APPLE_API_KEY_CONTENT }}
-        run: |
-          if [ -n "${APPLE_API_KEY_CONTENT}" ]; then
-            echo "Setting up notarization API key..."
-            mkdir -p ~/private_keys
-            echo "${APPLE_API_KEY_CONTENT}" > ~/private_keys/AuthKey_${APPLE_API_KEY}.p8
-          else
-            echo "No signing secrets configured, skipping code signing setup"
-          fi
-
       - name: Build Tauri app
-        env:
-          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
-          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
-          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
-          APPLE_API_KEY: ${{ secrets.APPLE_API_KEY }}
-          APPLE_API_ISSUER: ${{ secrets.APPLE_API_ISSUER }}
-          APPLE_API_KEY_PATH: ~/private_keys/AuthKey_${{ secrets.APPLE_API_KEY }}.p8
-        run: |
-          # If no signing identity is configured, use ad-hoc signing to prevent
-          # Tauri from auto-detecting local keychain certificates
-          if [ -z "${APPLE_SIGNING_IDENTITY}" ]; then
-            export APPLE_SIGNING_IDENTITY="-"
-          fi
-          npm run tauri build
+        run: npm run tauri build
 
       - name: Upload to release
         env:
@@ -117,6 +91,3 @@ jobs:
               "${REPO_API}/releases/${RELEASE_ID}/assets?name=${encoded_name}")
             echo "Upload response: HTTP ${HTTP_CODE}"
           done
-
-      - name: Cleanup signing artifacts
-        run: rm -rf ~/private_keys