#!/bin/bash
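# Abort on the first command that fails.
set -e

# config.txt and the optional config.local.txt override are *sourced*, i.e.
# executed as shell code with this user's privileges. APPLEID must be set by
# them; PASSWORD, IDENTITY, BUNDLE and ALTOOL_EXTRA are read later in this
# script and are presumably defined there as well.
# Keep real credentials in config.local.txt, out of version control and
# readable only by the owner (chmod 600).
ROOT=$(dirname "$0")
. "$ROOT/config.txt"
if [ -e "$ROOT/config.local.txt" ]; then
  . "$ROOT/config.local.txt"
fi

if [ -z "$APPLEID" ]; then
  echo "Please edit config.txt to add information about your own accounts."
  exit 1
fi

# Positional arguments: <project> <command>.
project="$1"
command="$2"

# Locate the .app bundle inside the project directory.
#  - "$project" is quoted so that names containing spaces or glob characters
#    are passed to find as a single path.
#  - The search only runs when the project path exists; before unpack_app
#    (or with no arguments) there is nothing to search and app stays empty.
#  - -prune stops find from descending into a bundle once it matched, so
#    helper .app bundles nested inside the main one are not returned too.
app=""
if [ -n "$project" ] && [ -e "$project" ]; then
  app=$(find "$project" -name '*.app' -prune || true)
fi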
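# Stop with a clear message unless $app names exactly one existing bundle.
# An empty value means the search for *.app found nothing; a value holding
# several newline-separated paths does not exist as a single path either.
require_app() {
  if [ -z "$app" ] || [ ! -e "$app" ]; then
    echo "Expected exactly one .app bundle inside $project, found: ${app:-none}" >&2
    exit 1
  fi
}

# Dispatch on the requested command. Each step prints the next one to run;
# step1/step2/step3 chain the individual steps by re-invoking this script.
#
# Security notes for the altool calls below:
#  - -p "$PASSWORD" places the value on altool's command line, where it is
#    visible in process listings. altool accepts "@keychain:<item>" and
#    "@env:<VAR>" references for -p; set PASSWORD to one of those instead of
#    the literal app-specific password.
#  - Apple has retired altool-based notarization in favour of
#    `xcrun notarytool`; the notarize_* and status commands need porting to
#    keep working against the current notary service.
#  - $ALTOOL_EXTRA is left unquoted on purpose so that it can carry several
#    extra options; it must come from trusted configuration only.
case "$command" in

  unpack_app)
    # Refuse to overwrite an existing project directory.
    if [ -e "$project" ]; then
      echo "$project already exists, please remove it."
      exit 1
    fi

    if [ ! -e "$project.zip" ]; then
      echo "$project.zip doesn't exist."
      exit 1
    fi

    mkdir "$project"
    unzip -d "$project" "$project.zip"

    echo "Next, run $0 $project sign_app"
    ;;

  sign_app)
    require_app

    # The entitlements file is (re)written in the current directory and is
    # left there afterwards. The delimiter is quoted so the XML is emitted
    # literally, without shell expansion.
    #
    # allow-unsigned-executable-memory switches off a hardened-runtime
    # protection for the whole app. Grant it only if the app really needs
    # it; com.apple.security.cs.allow-jit is the narrower entitlement when
    # only JIT compilation is required.
    cat >entitlements.plist <<'EOT'
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
</dict>
</plist>
EOT

    # NOTE(review): --deep signs every nested binary with these same options
    # and entitlements, and --no-strict relaxes validation. Signing nested
    # code individually, inside-out, is the more conservative approach.
    codesign --entitlements=entitlements.plist --options=runtime --timestamp --verbose -s "$IDENTITY" -f --deep --no-strict "$app"

    echo "Next, run $0 $project notarize_app"
    ;;

  notarize_app)
    require_app

    zip -r "$project-app.zip" "$app"
    xcrun altool $ALTOOL_EXTRA -u "$APPLEID" -p "$PASSWORD" \
      --notarize-app --primary-bundle-id "$BUNDLE" -f "$project-app.zip"

    echo "Wait for notarization to finish, then run $0 $project staple_app"
    ;;

  staple_app)
    require_app

    xcrun stapler staple "$app"

    echo "Next, run $0 $project pack_dmg"
    ;;

  pack_dmg)
    # -ov overwrites an existing "$project.dmg".
    hdiutil create -fs 'HFS+' -format UDBZ -ov -volname "$project" -srcfolder "$project" "$project.dmg"

    echo "Next, run $0 $project sign_dmg"
    ;;

  sign_dmg)
    codesign --timestamp --verbose -s "$IDENTITY" -f "$project.dmg"

    echo "Next, run $0 $project notarize_dmg"
    ;;

  notarize_dmg)
    xcrun altool $ALTOOL_EXTRA -u "$APPLEID" -p "$PASSWORD" \
      --notarize-app --primary-bundle-id "$BUNDLE.dmg" -f "$project.dmg"

    echo "Wait for notarization to finish, then run $0 $project staple_dmg"
    ;;

  staple_dmg)
    xcrun stapler staple "$project.dmg"

    echo "All done. You can give $project.dmg to anyone who wants it."
    ;;

  status)
    xcrun altool $ALTOOL_EXTRA -u "$APPLEID" -p "$PASSWORD" \
      --notarization-history 0
    ;;

  step1)
    # Each sub-step runs as a fresh invocation so that $app is looked up
    # again after unpack_app has created the project directory.
    "$0" "$project" unpack_app
    "$0" "$project" sign_app
    "$0" "$project" notarize_app

    echo "or run $0 $project step2"
    ;;

  step2)
    "$0" "$project" staple_app
    "$0" "$project" pack_dmg
    "$0" "$project" sign_dmg
    "$0" "$project" notarize_dmg

    echo "or run $0 $project step3"
    ;;

  step3)
    "$0" "$project" staple_dmg
    ;;

  shiro)
    echo "There are no easter eggs in this project."
    ;;

  *)
    # Unknown or missing command: print usage. The delimiter stays unquoted
    # because $0 must be expanded.
    cat <<EOT
usage: $0 <project> <command>
Possible commands are:
step1
unpack_app
sign_app
notarize_app
step2
staple_app
pack_dmg
sign_dmg
notarize_dmg
step3
staple_dmg
status
EOT
    ;;
esac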