diff options
| author | Jan Holthuis <jan.holthuis@ruhr-uni-bochum.de> | 2020-12-29 01:38:28 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-29 01:38:28 +0100 |
| commit | 0ab9386eb107ac8de3a52e3f58eb9b68eb4545d8 (patch) | |
| tree | bb17be5a6eeb4e848da31677aa0637930f6ca8cd /packaging/macos/sign_notarize_staple.sh | |
| parent | 2b0af622f3fe99829d9a639f33f7ec0b45a24f60 (diff) | |
| parent | 0c688066ec7ae17842e8160350041ab05994d351 (diff) | |
Merge pull request #3490 from mixxxdj/macos_notorize
notarize & staple macOS builds
Diffstat (limited to 'packaging/macos/sign_notarize_staple.sh')
| -rwxr-xr-x | packaging/macos/sign_notarize_staple.sh | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/packaging/macos/sign_notarize_staple.sh b/packaging/macos/sign_notarize_staple.sh new file mode 100755 index 0000000000..b24e3cad57 --- /dev/null +++ b/packaging/macos/sign_notarize_staple.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +DMG_FILE="${1}" +[ -z "${DMG_FILE}" ] && echo "Pass DMG file name as first argument." >&2 && exit 1 +[ -z "${APPLE_CODESIGN_IDENTITY}" ] && echo "Please set the $APPLE_CODESIGN_IDENTITY env var." >&2 && exit 1 +[ -z "${APPLE_BUNDLE_ID}" ] && echo "Please set the $APPLE_BUNDLE_ID env var." >&2 && exit 1 +[ -z "${APPLE_ID_USERNAME}" ] && echo "Please set the $APPLE_ID_USERNAME env var." >&2 && exit 1 +[ -z "${APPLE_APP_SPECIFIC_PASSWORD}" ] && echo "Please set the $APPLE_APP_SPECIFIC_PASSWORD env var." >&2 && exit 1 +[ -z "${ASC_PROVIDER}" ] && echo "Please set the $ASC_PROVIDER env var." >&2 && exit 1 + +echo "Signing $DMG_FILE" +codesign --verbose=4 --options runtime \ + --sign "${APPLE_CODESIGN_IDENTITY}" "$(dirname "$0")/entitlements.plist" "${DMG_FILE}" + +echo "Notarizing $DMG_FILE" +xcrun altool --notarize-app --primary-bundle-id "${APPLE_BUNDLE_ID}" --username "${APPLE_ID_USERNAME}" \ + --password "${APPLE_APP_SPECIFIC_PASSWORD}" --asc-provider "${ASC_PROVIDER}" --file "${DMG_FILE}" \ + --output-format xml > notarize_result.plist +UUID="$(/usr/libexec/PlistBuddy -c 'Print notarization-upload:RequestUUID' notarize_result.plist)" +echo "Notorization UUID: $UUID" +rm notarize_result.plist + +# wait for confirmation that notarization finished +while true; do + xcrun altool --notarization-info "$UUID" \ + --username "${APPLE_ID_USERNAME}" --password "${APPLE_APP_SPECIFIC_PASSWORD}" \ + --output-format xml > notarize_status.plist + + # shellcheck disable=SC2181 + if [ "$?" != "0" ]; then + echo "Notarization failed:" + cat notarize_status.plist + curl "$(/usr/libexec/PlistBuddy -c 'Print notarization-info:LogFileURL' notarize_status.plist)" + exit 1 + fi + + NOTARIZATION_STATUS="$(/usr/libexec/PlistBuddy -c 'Print notarization-info:Status' notarize_status.plist)" + if [ "${NOTARIZATION_STATUS}" == "in progress" ]; then + echo "Waiting another 10 seconds for notarization to complete" + sleep 10 + elif [ "${NOTARIZATION_STATUS}" == "success" ]; then + echo "Notarization succeeded" + break + else + echo "Notarization status: ${NOTARIZATION_STATUS}" + fi +done + +rm notarize_status.plist + +echo "Stapling $DMG_FILE" +xcrun stapler staple -q "${DMG_FILE}" |