-
Notifications
You must be signed in to change notification settings - Fork 86
Expand file tree
/
Copy pathapple_package_notarize.sh
More file actions
executable file
·177 lines (156 loc) · 5.33 KB
/
Copy pathapple_package_notarize.sh
File metadata and controls
executable file
·177 lines (156 loc) · 5.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
#!/bin/bash
# =============================================================================
# Apple Package and Notarize Script for LSL
# =============================================================================
# Creates a macOS installer package (.pkg) and optionally notarizes it.
#
# Usage:
# ./scripts/apple_package_notarize.sh <framework_path> [--notarize] [--output <dir>]
#
# Environment Variables:
# APPLE_CODE_SIGN_IDENTITY_INST - Installer signing identity (default: "Developer ID Installer")
# APPLE_DEVELOPMENT_TEAM - Team ID for notarization (required for --notarize)
# APPLE_NOTARIZE_USERNAME - Apple ID for notarization (required for --notarize)
# APPLE_NOTARIZE_PASSWORD - App-specific password (required for --notarize)
#
# Examples:
# # Create signed installer package (no notarization)
# ./scripts/apple_package_notarize.sh install/Frameworks/lsl.framework
#
# # Create and notarize installer package
# ./scripts/apple_package_notarize.sh install/Frameworks/lsl.framework --notarize
#
# # Specify output directory
# ./scripts/apple_package_notarize.sh install/Frameworks/lsl.framework --output package/
# =============================================================================
set -e
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
# Default configuration
SIGN_IDENTITY="${APPLE_CODE_SIGN_IDENTITY_INST:-Developer ID Installer}"
TEAM_ID="${APPLE_DEVELOPMENT_TEAM:-}"
NOTARIZE_USERNAME="${APPLE_NOTARIZE_USERNAME:-}"
NOTARIZE_PASSWORD="${APPLE_NOTARIZE_PASSWORD:-}"
OUTPUT_DIR="."
DO_NOTARIZE=false
# Parse arguments
FRAMEWORK_PATH=""
while [[ $# -gt 0 ]]; do
case $1 in
--notarize)
DO_NOTARIZE=true
shift
;;
--output)
OUTPUT_DIR="$2"
shift 2
;;
--identity)
SIGN_IDENTITY="$2"
shift 2
;;
-h|--help)
echo "Usage: $0 <framework_path> [--notarize] [--output <dir>]"
echo ""
echo "Options:"
echo " --notarize Submit to Apple for notarization and staple the ticket"
echo " --output <dir> Output directory for the .pkg file (default: current directory)"
echo " --identity Override installer signing identity"
echo ""
echo "Environment Variables:"
echo " APPLE_CODE_SIGN_IDENTITY_INST - Installer signing identity"
echo " APPLE_DEVELOPMENT_TEAM - Team ID for notarization"
echo " APPLE_NOTARIZE_USERNAME - Apple ID for notarization"
echo " APPLE_NOTARIZE_PASSWORD - App-specific password for notarization"
exit 0
;;
-*)
echo "Unknown option: $1"
exit 1
;;
*)
FRAMEWORK_PATH="$1"
shift
;;
esac
done
if [[ -z "$FRAMEWORK_PATH" ]]; then
echo "Error: Framework path required"
echo "Usage: $0 <framework_path> [--notarize] [--output <dir>]"
exit 1
fi
if [[ ! -d "$FRAMEWORK_PATH" ]]; then
echo "Error: Framework not found at: $FRAMEWORK_PATH"
exit 1
fi
# Get version from framework's Info.plist
INFO_PLIST="$FRAMEWORK_PATH/Versions/A/Resources/Info.plist"
if [[ ! -f "$INFO_PLIST" ]]; then
# Try alternative location
INFO_PLIST="$FRAMEWORK_PATH/Resources/Info.plist"
fi
if [[ -f "$INFO_PLIST" ]]; then
LSL_VERSION=$(/usr/libexec/PlistBuddy -c "Print CFBundleShortVersionString" "$INFO_PLIST")
else
echo "Warning: Could not find Info.plist, using 'unknown' as version"
LSL_VERSION="unknown"
fi
# Create output directory
mkdir -p "$OUTPUT_DIR"
# Package filename
PKG_NAME="liblsl-${LSL_VERSION}-Darwin-universal.pkg"
PKG_PATH="$OUTPUT_DIR/$PKG_NAME"
echo "=== Apple Package Creation ==="
echo "Framework: $FRAMEWORK_PATH"
echo "Version: $LSL_VERSION"
echo "Output: $PKG_PATH"
echo "Identity: $SIGN_IDENTITY"
echo ""
# Create the installer package
echo "Creating installer package..."
productbuild --sign "$SIGN_IDENTITY" \
--component "$FRAMEWORK_PATH" \
/Library/Frameworks \
"$PKG_PATH"
echo "Package created: $PKG_PATH"
# Notarization
if [[ "$DO_NOTARIZE" == true ]]; then
echo ""
echo "=== Notarization ==="
# Check required environment variables
if [[ -z "$NOTARIZE_USERNAME" ]]; then
echo "Error: APPLE_NOTARIZE_USERNAME not set"
exit 1
fi
if [[ -z "$NOTARIZE_PASSWORD" ]]; then
echo "Error: APPLE_NOTARIZE_PASSWORD not set"
exit 1
fi
if [[ -z "$TEAM_ID" ]]; then
echo "Error: APPLE_DEVELOPMENT_TEAM not set"
exit 1
fi
echo "Submitting to Apple notarization service..."
echo " Apple ID: $NOTARIZE_USERNAME"
echo " Team ID: $TEAM_ID"
echo ""
xcrun notarytool submit "$PKG_PATH" \
--apple-id "$NOTARIZE_USERNAME" \
--password "$NOTARIZE_PASSWORD" \
--team-id "$TEAM_ID" \
--wait
echo ""
echo "Stapling notarization ticket..."
xcrun stapler staple "$PKG_PATH"
echo ""
echo "Validating stapled ticket..."
xcrun stapler validate "$PKG_PATH"
fi
echo ""
echo "=== Package Complete ==="
echo "Output: $PKG_PATH"
# Export for use in CI
if [[ -n "$GITHUB_ENV" ]]; then
echo "LSL_VERSION=$LSL_VERSION" >> "$GITHUB_ENV"
echo "PKG_PATH=$PKG_PATH" >> "$GITHUB_ENV"
fi