Also as an addition to the steps above, the only way that we have been able to get the build out of Xcode cloud was using an AWS S3 bucket. You can do upload it to your instance after you have compressed the stapled version of your app.

Hello, I have encountered the same issue and I have found this work around: Within your workflow add the Notarize - macOS step Add this in your ci_post_xcodebuild.sh script: #!/bin/bash -x # Set the directory paths and versions APP_PATH="${CI_DEVELOPER_ID_SIGNED_APP_PATH}/<YOUR-APP.APP>" INFO_PLIST_PATH="${APP_PATH}/Contents/Info.plist" APP_VERSION=$(/usr/libexec/PlistBuddy -c "Print CFBundleShortVersionString" "$INFO_PLIST_PATH") ZIP_PATH=/Volumes/workspace/YOUR-APP-$APP_VERSION-$CI_BUILD_NUMBER.zip echo "Post-build script started." # Compress the application for notarization ditto -c -k --keepParent "$APP_PATH" "$ZIP_PATH" notary_output=$(xcrun notarytool submit "$ZIP_PATH" --apple-id "$XCODE_CLOUD_ID" --password "$APP_SPECIFIC_PASSWORD" --team-id "$TEAM_ID" --wait 2>&1) # Staple notarization echo "Notarization succeeded" xcrun stapler staple "$APP_PATH" exit_status=$? # Check if the command failed if [ $exit_status -ne 0 ]; then echo "Notary tool submission failed with exit status $exit_status" echo "Output: $notary_output" exit 1 fi echo "Party time!" Within your workflow secrets add these values: XCODE_CLOUD_ID APP_SPECIFIC_PASSWORD TEAM_ID It should now work :) it all hangs based on the location of your signed app at this path CI_DEVELOPER_ID_SIGNED_APP_PATH and that path variable is only populated when the Notarize step is added into the workflow