Skip to content

Commit

Permalink
Add codesign step
Browse files Browse the repository at this point in the history 
Signed-off-by: falkTX <falktx@falktx.com>
  • Loading branch information
@falkTX
falkTX committed Mar 11, 2024
1 parent 13eaef5 commit 01c245e
Show file tree
Hide file tree
Showing 3 changed files with 114 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/mod-ui
Submodule mod-ui updated from 661518 to 059578
86 changes: 86 additions & 0 deletions utils/macos/macos-dmg.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
#!/bin/bash

set -e

if [ ! -d build ]; then
echo "Please run this script from the root folder"
exit
fi

if [ "$(uname -m)" = "x86_64" ] && [ x"${1}" != x"macos-universal-10.15" ]; then
PAWPAW_PREFIX="${HOME}/PawPawBuilds/targets/macos-10.15"
else
PAWPAW_PREFIX="${HOME}/PawPawBuilds/targets/macos-universal-10.15"
fi

rm -rf build/dmg build/*.dmg
rm -rf mod-ui/mod/__pycache__
rm -rf mod-ui/mod/communication/__pycache__
rm -rf mod-ui/modtools/__pycache__
./utils/pack-html.sh

# create dmg dir for placing patched app bundle inside
mkdir build/dmg
gcp -rL "build/mod-desktop.app" "build/dmg/MOD Desktop.app"

# patch rpath for Qt libs and jack tools
pushd "build/dmg/MOD Desktop.app/Contents"

rm -rf Frameworks/*/*.prl
rm -rf Frameworks/*/Headers
rm -rf Frameworks/*/Versions
rm -rf MacOS/data

QTLIBS=("Core" "Gui" "OpenGL" "PrintSupport" "Svg" "Widgets")

for f in $(ls Frameworks/*/Qt* PlugIns/*/libq*.dylib); do
for q in "${QTLIBS[@]}"; do
install_name_tool -change "@rpath/Qt${q}.framework/Versions/5/Qt${q}" "@executable_path/../Frameworks/Qt${q}.framework/Qt${q}" "${f}"
done
done

for f in $(ls MacOS/lib/libmod_utils.so MacOS/libjack*.dylib); do
install_name_tool -change "${PAWPAW_PREFIX}/lib/libjack.0.1.0.dylib" "@executable_path/libjack.0.dylib" "${f}"
install_name_tool -change "${PAWPAW_PREFIX}/lib/libjackserver.0.1.0.dylib" "@executable_path/libjackserver.0.dylib" "${f}"
done

for f in $(ls MacOS/jackd MacOS/jack/*.so); do
install_name_tool -change "${PAWPAW_PREFIX}/lib/libjack.0.1.0.dylib" "@executable_path/libjackserver.0.dylib" "${f}"
install_name_tool -change "${PAWPAW_PREFIX}/lib/libjackserver.0.1.0.dylib" "@executable_path/libjackserver.0.dylib" "${f}"
done

popd

# sign app bundle
if [ -n "${CODESIGN_IDENTITY}" ]; then
security create-keychain -p dummypassword build.keychain
security unlock-keychain -p dummypassword build.keychain

echo "${CODESIGN_P12_CONTENTS}" | base64 -D -o codesign.p12
security import codesign.p12 -f pkcs12 -P "${CODESIGN_P12_PASSWORD}" -k build.keychain -T /usr/bin/codesign
rm codesign.p12

# security add-trusted-cert -d -r trustRoot -k build.keychain xyz.cer

# security set-key-partition-list -S apple-tool:,apple: -k dummypassword build.keychain
# -s apple-tool:,apple:,codesign:
# security list-keychains -d user -s build.keychain
# security list-keychains -d user -s build.keychain login.keychain
# security find-identity -p codesigning

codesign -s "${CODESIGN_IDENTITY}" --deep --force --verbose --option=runtime build/dmg/*.app
fi

# create dmg
hdiutil create "mod-desktop-$(cat VERSION)-macOS.dmg" -srcfolder build/dmg -volname "MOD Desktop" -fs HFS+ -ov

if [ -n "${CODESIGN_IDENTITY}" ]; then
codesign -s "${MACOS_APP_DEV_ID}" --force --verbose --option=runtime "mod-desktop-$(cat VERSION)-macOS.dmg"
security delete-keychain build.keychain
fi

# cleanup
rm -rf build/dmg

# xcrun notarytool store-credentials build-notary --apple-id xyz --team-id xyz --password xyz
# xcrun notarytool submit choptones-amps-macOS.pkg --keychain-profile "build-notary" --wait
27 changes: 27 additions & 0 deletions utils/macos/macos-pkg.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,12 +51,35 @@ done

popd

# sign app bundle
if [ -n "${CODESIGN_IDENTITY}" ]; then
security create-keychain -p dummypassword build.keychain
security unlock-keychain -p dummypassword build.keychain

echo "${CODESIGN_P12_CONTENTS}" | base64 -D -o codesign.p12
security import codesign.p12 -f pkcs12 -P "${CODESIGN_P12_PASSWORD}" -k build.keychain -T /usr/bin/codesign
rm codesign.p12

# security add-trusted-cert -d -r trustRoot -k build.keychain xyz.cer

# security set-key-partition-list -S apple-tool:,apple: -k dummypassword build.keychain
# -s apple-tool:,apple:,codesign:
# security list-keychains -d user -s build.keychain
# security list-keychains -d user -s build.keychain login.keychain
# security find-identity -p codesigning

codesign -s "${CODESIGN_IDENTITY}" --deep --force --verbose --option=runtime "build/pkg/MOD Desktop.app"

PKG_SIGN_ARGS=(--sign "${CODESIGN_IDENTITY}")
fi

# create base app pkg
pkgbuild \
--identifier "audio.mod.desktop-app" \
--component-plist "utils/macos/build.plist" \
--install-location "/Applications/" \
--root "${PWD}/build/pkg/" \
"${PKG_SIGN_ARGS[@]}" \
build/mod-desktop.pkg

# create final pkg
Expand All @@ -68,7 +91,11 @@ productbuild \
--identifier "audio.mod.desktop-app" \
--package-path "${PWD}/build" \
--version 0 \
"${PKG_SIGN_ARGS[@]}" \
mod-desktop-$(cat VERSION)-macOS.pkg

# cleanup
rm -rf build/pkg
[ -n "${CODESIGN_IDENTITY}" ] && security delete-keychain build.keychain

exit 0

0 comments on commit 01c245e

Please sign in to comment.