diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 67d6fa62c45a7e643c7e7ded0c11e7fd752d11c7..f2749ebf6f4506cfb76fc53480018241f8b60903 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -64,6 +64,11 @@ jobs:
           target: aarch64-apple-darwin
           profile: minimal
 
+      - name: Install Node
+        uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+
       - name: Checkout repo
         uses: actions/checkout@v2
         with:
diff --git a/script/bundle b/script/bundle
index 274ed0c883e927ab5775be516581165de6534e05..bcaa68c1e9c04c9d6aaa7379a5b2de5e82920a93 100755
--- a/script/bundle
+++ b/script/bundle
@@ -2,4 +2,58 @@
 
 set -e
 
-echo $PATH
+export ZED_BUNDLE=true
+
+# Install cargo-bundle 0.5.0 if it's not already installed
+cargo install cargo-bundle --version 0.5.0
+
+# Deal with versions of macOS that don't include libstdc++ headers
+export CXXFLAGS="-stdlib=libc++"
+
+# Build the app bundle for x86_64
+pushd crates/zed > /dev/null
+cargo bundle --release --target x86_64-apple-darwin
+popd > /dev/null
+
+# Build the binary for aarch64 (Apple M1)
+cargo build --release --target aarch64-apple-darwin
+
+# Replace the bundle's binary with a "fat binary" that combines the two architecture-specific binaries
+lipo -create target/x86_64-apple-darwin/release/Zed target/aarch64-apple-darwin/release/Zed -output target/x86_64-apple-darwin/release/bundle/osx/Zed.app/Contents/MacOS/zed
+
+# Sign the app bundle with an ad-hoc signature so it runs on the M1. We need a real certificate but this works for now.
+if [[ -n $MACOS_CERTIFICATE && -n $MACOS_CERTIFICATE_PASSWORD && -n $APPLE_NOTARIZATION_USERNAME && -n $APPLE_NOTARIZATION_PASSWORD ]]; then
+    echo "Signing bundle with Apple-issued certificate"
+    security create-keychain -p $MACOS_CERTIFICATE_PASSWORD zed.keychain || echo ""
+    security default-keychain -s zed.keychain
+    security unlock-keychain -p $MACOS_CERTIFICATE_PASSWORD zed.keychain
+    echo $MACOS_CERTIFICATE | base64 --decode > /tmp/zed-certificate.p12
+    security import /tmp/zed-certificate.p12 -k zed.keychain -P $MACOS_CERTIFICATE_PASSWORD -T /usr/bin/codesign
+    rm /tmp/zed-certificate.p12
+    security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $MACOS_CERTIFICATE_PASSWORD zed.keychain
+    /usr/bin/codesign --force --deep --timestamp --options runtime --sign "Zed Industries, Inc." target/x86_64-apple-darwin/release/bundle/osx/Zed.app -v
+    security default-keychain -s login.keychain
+else
+    echo "One or more of the following variables are missing: MACOS_CERTIFICATE, MACOS_CERTIFICATE_PASSWORD, APPLE_NOTARIZATION_USERNAME, APPLE_NOTARIZATION_PASSWORD"
+    echo "Performing an ad-hoc signature, but this bundle should not be distributed"
+    codesign --force --deep --sign - target/x86_64-apple-darwin/release/bundle/osx/Zed.app -v
+fi
+
+# Create a DMG
+echo "Creating DMG"
+mkdir -p target/release
+hdiutil create -volname Zed -srcfolder target/x86_64-apple-darwin/release/bundle/osx -ov -format UDZO target/release/Zed.dmg
+
+if [[ -n $MACOS_CERTIFICATE && -n $MACOS_CERTIFICATE_PASSWORD && -n $APPLE_NOTARIZATION_USERNAME && -n $APPLE_NOTARIZATION_PASSWORD ]]; then
+    echo "Notarizing DMG with Apple"
+    npm install -g notarize-cli
+    npx notarize-cli --file target/release/Zed.dmg --bundle-id dev.zed.Zed --username $APPLE_NOTARIZATION_USERNAME --password $APPLE_NOTARIZATION_PASSWORD
+fi
+
+# If -o option is specified, open the target/release directory in Finder to reveal the DMG
+while getopts o flag
+do
+    case "${flag}" in
+        o) open target/release;;
+    esac
+done