FGFS-4.1/fgmeta
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

macOS: code-signing changes

Browse Source
This commit is contained in:
James Turner 2020-03-17 16:33:27 +00:00
parent 5d5e58e3b9
commit 7e14b07a6b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
hudson_mac_package_release.rb
View File

@ -31,6 +31,8 @@ $osgSoVersion=runOsgVersion('so-number')
$openThreadsSoVersion=runOsgVersion('openthreads-soversion-number') $openThreadsSoVersion=runOsgVersion('openthreads-soversion-number')
$codeSignIdentity = ENV['FG_CODESIGN_IDENTITY'] $codeSignIdentity = ENV['FG_CODESIGN_IDENTITY']
$keychain = ENV['FG_KEYCHAIN']
puts "Code signing identity is #{$codeSignIdentity}" puts "Code signing identity is #{$codeSignIdentity}"
puts "osgVersion=#{osgVersion}, so-number=#{$osgSoVersion}" puts "osgVersion=#{osgVersion}, so-number=#{$osgSoVersion}"
@ -134,13 +136,16 @@ File.open("#{contents}/Info.plist", 'w') { |f|
createArgs = "-format UDBZ -imagekey bzip2-level=9 -quiet -volname #{volName}" createArgs = "-format UDBZ -imagekey bzip2-level=9 -quiet -volname #{volName}"
# enable the hardened runtime and timestamp options, so notarization works
codeSignArgs = "--deep --options=runtime --timestamp"
if !$isRelease if !$isRelease
# create the 'lite' DMG without the base files # create the 'lite' DMG without the base files
# code sign the entire bundle once complete - v2 code-signing # code sign the entire bundle once complete - v2 code-signing
puts "Signing #{bundle}" puts "Signing #{bundle}"
`codesign --deep -s "#{$codeSignIdentity}" #{bundle}` `codesign #{codeSignArgs} --keychain #{$keychain} -s "#{$codeSignIdentity}" #{bundle}`
puts "Creating DMG without base-files" puts "Creating DMG without base-files"
`rm -f #{dmgPath}` `rm -f #{dmgPath}`
@ -160,7 +165,7 @@ puts "Creating full image with data"
# re-sign the entire bundle # re-sign the entire bundle
puts "Re-signing full app: #{bundle}" puts "Re-signing full app: #{bundle}"
`codesign --force --deep -s "#{$codeSignIdentity}" #{bundle}` `codesign --force #{codeSignArgs} --keychain #{$keychain} -s "#{$codeSignIdentity}" #{bundle}`
`rm -f #{dmgFullPath}` `rm -f #{dmgFullPath}`
`hdiutil create -srcfolder #{dmgDir} #{createArgs} #{dmgFullPath}` `hdiutil create -srcfolder #{dmgDir} #{createArgs} #{dmgFullPath}`