From 4673b995799e5726bcb52371a9a6f36173fcafab Mon Sep 17 00:00:00 2001
From: David Dworken <david@daviddworken.com>
Date: Fri, 3 Nov 2023 22:16:11 -0700
Subject: [PATCH] Add integration to validate macos signers too

---
 .github/workflows/slsa-releaser.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/slsa-releaser.yml b/.github/workflows/slsa-releaser.yml
index a80e0c9..0e4d2cf 100644
--- a/.github/workflows/slsa-releaser.yml
+++ b/.github/workflows/slsa-releaser.yml
@@ -115,7 +115,8 @@ jobs:
   macos_signer:
     runs-on: macos-11.0
     needs: 
-      - upload 
+      - build-darwin-amd64 
+      - build-darwin-arm64 
     permissions:
       contents: write
     steps:
@@ -151,6 +152,7 @@ jobs:
       - build-linux-amd64 
       - build-darwin-amd64 
       - build-darwin-arm64 
+      - macos_signer
     steps:
       - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
         with:
@@ -170,6 +172,12 @@ jobs:
       - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
         with:
           name: hishtory-darwin-arm64.intoto.jsonl
+      - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
+        with:
+          name: hishtory-darwin-arm64-unsigned
+      - uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
+        with:
+          name: hishtory-darwin-amd64-unsigned
       - name: Validate Release
         run: |
           curl https://hishtory.dev/install.py | python3 -
@@ -179,5 +187,6 @@ jobs:
           which hishtory
           echo $PATH
           hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl
+          hishtory validate-binary v0.`cat VERSION` hishtory-linux-amd64 hishtory-linux-amd64.intoto.jsonl
           # TODO: Validate other binaries here
     
\ No newline at end of file