Simplify building on macOS
Simplify macOS building by signing macOS app bundle anonymously by default.
This commit is contained in:
Mark Kim
parent
43a253fd4f
commit
cfc76eb698
4 changed files with 39 additions and 18 deletions
|
|
@ -76,3 +76,21 @@ for i in "$CONF_FILES"; do
|
|||
cp -p "$i" "$CONFDIR"
|
||||
done
|
||||
|
||||
# Re-sign the bundle
|
||||
#
|
||||
# Apple Silicon requires all binaries that run natively to be signed. For this
|
||||
# reason, Xcode automatically signs all binaries built for Apple Silicon,
|
||||
# anonymously if needed. However, install_name_tool, which we use above,
|
||||
# breaks the signature, so we need to resign the combined bundle. We sign it
|
||||
# anonymously using the identity named "-" (hyphen). If the user has their own
|
||||
# identity, they will need to sign it manually (after building the universal
|
||||
# bundle, if one is being built).
|
||||
#
|
||||
# For more information on signature requirement on Apple Silicon, see:
|
||||
# https://developer.apple.com/documentation/macos-release-notes/macos-big-sur-11_0_1-universal-apps-release-notes#:~:text=New%20in%20macOS,pass%20through%20Gatekeeper.
|
||||
#
|
||||
echo " * Sign the app bundle with default identity..."
|
||||
codesign --remove-signature "$BUNDLE"
|
||||
codesign -s - "$BUNDLE"
|
||||
echo " -> Done!"
|
||||
|
||||
|
|
|
|||
|
|
@ -17,6 +17,8 @@ Usage: ${SCRIPTNAME} [OPTIONS] TuxPaint-1.app TuxPaint-2.app ...
|
|||
|
||||
-o OUTBUNDLE Bundle to create. [Default=${OUTBUNDLE}]
|
||||
|
||||
-s IDENTITY Re-sign the bundle with IDENTITY. [Default=${IDENTITY}]
|
||||
|
||||
EOF
|
||||
}
|
||||
|
||||
|
|
@ -27,6 +29,7 @@ EOF
|
|||
ARCHS=( arm64 x86_64 )
|
||||
BUNDLES=( $(printf "TuxPaint-%s.app\n" "${ARCHS[@]}") )
|
||||
OUTBUNDLE=TuxPaint.app
|
||||
IDENTITY="-"
|
||||
FORCE=0
|
||||
|
||||
|
||||
|
|
@ -39,10 +42,11 @@ function main() {
|
|||
local isok=1
|
||||
|
||||
# Process arguments
|
||||
while getopts "fo:h" opt; do
|
||||
while getopts "fo:s:h" opt; do
|
||||
case "$opt" in
|
||||
f) FORCE=1 ;;
|
||||
o) OUTBUNDLE=$OPTARG ;;
|
||||
s) IDENTITY=$OPTARG ;;
|
||||
h) usage && exit 0 ;;
|
||||
*) isok=0
|
||||
esac
|
||||
|
|
@ -83,6 +87,7 @@ function main() {
|
|||
(( isok )) || exit 1
|
||||
|
||||
build-universal
|
||||
resign-bundle
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -136,6 +141,14 @@ function build-universal() {
|
|||
}
|
||||
|
||||
|
||||
function resign-bundle() {
|
||||
echo " * Sign $OUTBUNDLE..."
|
||||
codesign --remove-signature "$OUTBUNDLE"
|
||||
codesign -s "$IDENTITY" "$OUTBUNDLE"
|
||||
echo " -> Done!"
|
||||
}
|
||||
|
||||
|
||||
##############################################################################
|
||||
# ENTRY POINT
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue