fix: Update release builds with the new notarytool tool

.github/workflows/ci_release.yml

@@ -29,7 +29,7 @@ jobs:
         export JARSIGNER_ALIAS=${{secrets.JARSIGNER_REL_ALIAS}}
         KEYSTORE_FILE="${PWD}/{{secrets.JARSIGNER_KEYSTORE}}"
         echo "${KEYSTORE_FILE}"
-        printf "%s" "${JARSIGNER_KEYSTORE_B64}" | base64 -d - > "${KEYSTORE_FILE}"
+        printf "%s" "${JARSIGNER_KEYSTORE_B64}" | base64 -d > "${KEYSTORE_FILE}"
         mvn -e -X clean install -Djarsigner.keystore="${KEYSTORE_FILE}" -Djarsigner.alias="${JARSIGNER_ALIAS}" -Djarsigner.storepass="${JARSIGNER_STOREPASS}" -DskipTests=true
         rm -v "${KEYSTORE_FILE}"
     
@@ -63,22 +63,31 @@ jobs:
         /usr/bin/codesign --options runtime --force -s "ESPRESSIF SYSTEMS (SHANGHAI) CO., LTD. (QWXF6GB4AV)" $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -v
         /usr/bin/codesign -v -vvv --deep $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg
     
-    - name: Notarize Espressif-IDE-macosx-cocoa-x86_64.dmg
+    - name: Notarization of Espressif-IDE dmg files
       env: 
-        NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }}
-        NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }}
-      run: |
-        echo "Notarization of Espressif-IDE-macosx-cocoa-x86_64.dmg"
-        xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-ide.app
-
-    - name: Notarize Espressif-IDE-macosx-cocoa-aarch64.dmg
-      env: 
-        NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }}
-        NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }}
-      run: |
-        echo "Notarization of Espressif-IDE-macosx-cocoa-aarch64.dmg"
-        xcrun altool --notarize-app -f $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg -u $NOTARIZATION_USERNAME -p $NOTARIZATION_PASSWORD --primary-bundle-id Espressif-ide.app
-
+          NOTARIZATION_USERNAME: ${{ secrets.NOTARIZATION_USERNAME }}
+          NOTARIZATION_PASSWORD: ${{ secrets.NOTARIZATION_PASSWORD }}
+          NOTARIZATION_TEAM_ID: ${{ secrets.NOTARIZATION_TEAM_ID }}
+        run: |
+          echo "Create notary keychain"
+          /usr/bin/security create-keychain -p espressif notary.keychain
+          /usr/bin/security default-keychain -s notary.keychain
+          /usr/bin/security unlock-keychain -p espressif notary.keychain
+  
+          echo "Create keychain profile"
+          xcrun notarytool store-credentials "ide-notarytool-profile" --apple-id $NOTARIZATION_USERNAME --team-id $NOTARIZATION_TEAM_ID --password $NOTARIZATION_PASSWORD
+          xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg --keychain-profile "ide-notarytool-profile" --wait
+
+          echo "Attach staple for x86_64.dmg"
+          xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-x86_64.dmg
+
+          echo "Unlock the notary keychain"
+          /usr/bin/security unlock-keychain -p espressif notary.keychain
+
+          xcrun notarytool submit $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg --keychain-profile "ide-notarytool-profile" --wait
+          echo "Attach staple for aarch64.dmg"
+          xcrun stapler staple $PWD/releng/ide-dmg-builder/Espressif-IDE-macosx-cocoa-aarch64.dmg
+
     - name: Upload Espressif-IDE-macosx-cocoa-x86_64.dmg
       if: ${{ !cancelled() }}
       uses: actions/upload-artifact@v2