Mercurial > dwindows
comparison mac/finishup.sh @ 2966:48cfd7cb37a6
Add MacOS signing support with environment variable: CODESIGNIDENTITY.
Remove the old code to attempt to sign it manually.
Instead just specify the signing identity in CODESIGNIDENTITY.
Most apps sign it in the "installer" rule, but since we don't have a DMG
installer rule for the library, we instead sign it in the finishup script.
| author | bsmith@81767d24-ef19-dc11-ae90-00e081727c95 |
|---|---|
| date | Sun, 12 Mar 2023 22:34:00 +0000 |
| parents | 3dde7456c9f6 |
| children | fec8528fcbe8 |
comparison
equal
deleted
inserted
replaced
| 2965:e400d349aca5 | 2966:48cfd7cb37a6 |
|---|---|
| 1 #!/bin/sh | 1 #!/bin/sh |
| 2 PLATFORM=`uname -s` | 2 PLATFORM=`uname -s` |
| 3 SRCDIR=$1 | |
| 4 BINNAME=$2 | |
| 5 IDENTITY=$3 | |
| 3 | 6 |
| 4 if [ $PLATFORM = "Darwin" ] | 7 if [ $PLATFORM = "Darwin" ] |
| 5 then | 8 then |
| 6 mkdir -p $2.app/Contents/MacOS | 9 mkdir -p $2.app/Contents/MacOS |
| 7 mkdir -p $2.app/Contents/Resources | 10 mkdir -p $2.app/Contents/Resources |
| 8 | 11 |
| 9 cat $1/mac/Info.template | sed s/APPNAME/$2/ > $2.app/Contents/Info.plist | 12 cat $SRCDIR/mac/Info.template | sed s/APPNAME/$BINNAME/ > $BINNAME.app/Contents/Info.plist |
| 10 cp -f $1/mac/PkgInfo $2.app/Contents | 13 cp -f $SRCDIR/mac/PkgInfo $BINNAME.app/Contents |
| 11 cp -f $1/mac/file.png $2.app/Contents/Resources | 14 cp -f $SRCDIR/mac/file.png $BINNAME.app/Contents/Resources |
| 12 cp -f $1/mac/folder.png $2.app/Contents/Resources | 15 cp -f $SRCDIR/mac/folder.png $BINNAME.app/Contents/Resources |
| 13 cp -f $1/image/test.png $2.app/Contents/Resources | 16 cp -f $SRCDIR/image/test.png $BINNAME.app/Contents/Resources |
| 14 cp -f $2 $2.app/Contents/MacOS | 17 cp -f $BINNAME $BINNAME.app/Contents/MacOS |
| 15 # Check if there is a certificate to sign with... | 18 # Check if there is a certificate to sign with... |
| 16 if [ ! -f mac/key.crt ]; then | 19 if [ -z "$IDENTITY" ]; then |
| 17 if [ -f mac/key.rsa ]; then | 20 echo "No identity set signing AdHoc." |
| 18 # If not we generate a self-signed one for testing purposes | 21 codesign --deep -s "-" $BINNAME.app |
| 19 echo "No certificate in mac/key.crt so generating self-signed certificate..." | 22 else |
| 20 openssl req -new -key mac/key.rsa -out mac/key.csr -config mac/openssl.cnf | 23 echo "Signing code with identity: $IDENTITY" |
| 21 openssl x509 -req -days 3650 -in mac/key.csr -signkey mac/key.rsa -out mac/key.crt -extfile mac/openssl.cnf -extensions codesign | 24 codesign --deep -s "$IDENTITY" $BINNAME.app |
| 22 certtool i mac/key.crt k="`pwd`/mac/key.keychain" r=mac/key.rsa c p=moof | |
| 23 else | |
| 24 echo "No key pair found, cannot generate certificate... signing AdHoc." | |
| 25 codesign -s "-" $2.app/Contents/MacOS/$2 | |
| 26 fi | |
| 27 fi | |
| 28 if [ -f mac/key.keychain ]; then | |
| 29 echo "Signing the apllication with certificate in mac/key.crt" | |
| 30 codesign -s my-signing-identity --keychain mac/key.keychain $2.app/Contents/MacOS/$2 | |
| 31 fi | 25 fi |
| 32 fi | 26 fi |