v1.4.0: updated notarize.sh to use notarytool
This commit is contained in:
Evan Debenham
@@ -12,9 +12,13 @@ CERT="$3"
|
||||
USER="$4"
|
||||
PASS="$5"
|
||||
|
||||
#extracts the team ID from the certification name
|
||||
TEAM="${CERT#*(}"
|
||||
TEAM="${TEAM%)}"
|
||||
|
||||
#first sign the naked dylib in /Contents/runtime/Contents/MacOS/libjli.dylib
|
||||
codesign --force --options runtime --timestamp --sign "$CERT" \
|
||||
--entitlements "$PLIST" "${APP}/Contents/runtime/Contents/MacOS/libjli.dylib"
|
||||
--entitlements "$PLIST" "${APP}/Contents/runtime/Contents/MacOS/libjli.dylib"
|
||||
|
||||
#then iterate over each jar and sign all .dylib files within it
|
||||
# to do this we have to unzip each JAR, sign the files and re-zip =/
|
||||
@@ -23,45 +27,40 @@ pushd "${APP}"/Contents/app/ > /dev/null
|
||||
rm -rf jar/
|
||||
for JAR in *.jar; do
|
||||
|
||||
mkdir jar
|
||||
mv "$JAR" jar/
|
||||
pushd jar/ > /dev/null
|
||||
unzip "${JAR}" > /dev/null
|
||||
rm "${JAR}"
|
||||
mkdir jar
|
||||
mv "$JAR" jar/
|
||||
pushd jar/ > /dev/null
|
||||
unzip "${JAR}" > /dev/null
|
||||
rm "${JAR}"
|
||||
|
||||
for LIB in `find . -name '*.dylib'`; do
|
||||
codesign --force --options runtime --timestamp --sign "$CERT" \
|
||||
--entitlements "$PLIST" "${LIB}"
|
||||
done
|
||||
for LIB in `find . -name '*.dylib'`; do
|
||||
codesign --force --options runtime --timestamp --sign "$CERT" \
|
||||
--entitlements "$PLIST" "${LIB}"
|
||||
done
|
||||
|
||||
zip -r "../${JAR}" * > /dev/null
|
||||
popd > /dev/null
|
||||
rm -rf jar/
|
||||
zip -r "../${JAR}" * > /dev/null
|
||||
popd > /dev/null
|
||||
rm -rf jar/
|
||||
|
||||
done
|
||||
popd > /dev/null
|
||||
|
||||
#finally do one more deep sign on the whole .app
|
||||
codesign --deep --force --options runtime --timestamp --sign "$CERT" \
|
||||
--entitlements "$PLIST" "${APP}"
|
||||
--entitlements "$PLIST" "${APP}"
|
||||
|
||||
#zip it up and send it to apple!
|
||||
rm -rf "${APP}".zip
|
||||
zip -r "${APP}".zip "${APP}" > /dev/null
|
||||
|
||||
echo "Uploading to apple, this may take a minute."
|
||||
echo "Uploading to apple, this may take a few minutes:"
|
||||
|
||||
xcrun altool -t osx -f "${APP}".zip \
|
||||
--primary-bundle-id com.shatteredpixel.shatteredpixeldungeon.apple --notarize-app \
|
||||
--username "$USER" \
|
||||
--password "$PASS"
|
||||
xcrun notarytool submit "${APP}".zip \
|
||||
--apple-id "$USER" \
|
||||
--password "$PASS" \
|
||||
--team-id "$TEAM" \
|
||||
--wait
|
||||
|
||||
rm -rf "${APP}".zip
|
||||
|
||||
echo "Upload finished, if it worked, wait for an email and then run: xcrun stapler staple \"${APP}\""
|
||||
|
||||
# If notarizing failed, you can run this command to get info:
|
||||
# xcrun altool --notarization-info <UUID that this script printed> \
|
||||
# --username "$USER" \
|
||||
# --password "$PASS"
|
||||
|
||||
echo "Notarizing finished, if it worked, run: xcrun stapler staple \"${APP}\""
|
||||
Reference in New Issue
Block a user