konsthol/shattered-pixel-dungeon-web-port
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.4.0: updated notarize.sh to use notarytool

Browse Source
This commit is contained in:
Evan Debenham
2022-09-08 14:44:01 -04:00
parent aa567b61ac
commit 973a455c28
1 changed files with 25 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
desktop/notarize.sh
View File

@@ -12,9 +12,13 @@ CERT="$3"
USER="$4" USER="$4"
PASS="$5" PASS="$5"
#extracts the team ID from the certification name
TEAM="${CERT#*(}"
TEAM="${TEAM%)}"
#first sign the naked dylib in /Contents/runtime/Contents/MacOS/libjli.dylib #first sign the naked dylib in /Contents/runtime/Contents/MacOS/libjli.dylib
codesign --force --options runtime --timestamp --sign "$CERT" \ codesign --force --options runtime --timestamp --sign "$CERT" \
--entitlements "$PLIST" "${APP}/Contents/runtime/Contents/MacOS/libjli.dylib" --entitlements "$PLIST" "${APP}/Contents/runtime/Contents/MacOS/libjli.dylib"
#then iterate over each jar and sign all .dylib files within it #then iterate over each jar and sign all .dylib files within it
# to do this we have to unzip each JAR, sign the files and re-zip =/ # to do this we have to unzip each JAR, sign the files and re-zip =/
@@ -23,45 +27,40 @@ pushd "${APP}"/Contents/app/ > /dev/null
rm -rf jar/ rm -rf jar/
for JAR in *.jar; do for JAR in *.jar; do
mkdir jar mkdir jar
mv "$JAR" jar/ mv "$JAR" jar/
pushd jar/ > /dev/null pushd jar/ > /dev/null
unzip "${JAR}" > /dev/null unzip "${JAR}" > /dev/null
rm "${JAR}" rm "${JAR}"
for LIB in `find . -name '*.dylib'`; do for LIB in `find . -name '*.dylib'`; do
codesign --force --options runtime --timestamp --sign "$CERT" \ codesign --force --options runtime --timestamp --sign "$CERT" \
--entitlements "$PLIST" "${LIB}" --entitlements "$PLIST" "${LIB}"
done done
zip -r "../${JAR}" * > /dev/null zip -r "../${JAR}" * > /dev/null
popd > /dev/null popd > /dev/null
rm -rf jar/ rm -rf jar/
done done
popd > /dev/null popd > /dev/null
#finally do one more deep sign on the whole .app #finally do one more deep sign on the whole .app
codesign --deep --force --options runtime --timestamp --sign "$CERT" \ codesign --deep --force --options runtime --timestamp --sign "$CERT" \
--entitlements "$PLIST" "${APP}" --entitlements "$PLIST" "${APP}"
#zip it up and send it to apple! #zip it up and send it to apple!
rm -rf "${APP}".zip rm -rf "${APP}".zip
zip -r "${APP}".zip "${APP}" > /dev/null zip -r "${APP}".zip "${APP}" > /dev/null
echo "Uploading to apple, this may take a minute." echo "Uploading to apple, this may take a few minutes:"
xcrun altool -t osx -f "${APP}".zip \ xcrun notarytool submit "${APP}".zip \
--primary-bundle-id com.shatteredpixel.shatteredpixeldungeon.apple --notarize-app \ --apple-id "$USER" \
--username "$USER" \ --password "$PASS" \
--password "$PASS" --team-id "$TEAM" \
--wait
rm -rf "${APP}".zip rm -rf "${APP}".zip
echo "Upload finished, if it worked, wait for an email and then run: xcrun stapler staple \"${APP}\"" echo "Notarizing finished, if it worked, run: xcrun stapler staple \"${APP}\""
# If notarizing failed, you can run this command to get info:
# xcrun altool --notarization-info <UUID that this script printed> \
# --username "$USER" \
# --password "$PASS"