annotate deploy/osx/notarize.sh @ 380:e4c3c99d219c

Provisional notarization step
author Chris Cannam
date Fri, 05 Jun 2020 15:22:15 +0100
parents
children 3aeed28d584b
rev   line source
Chris@380 1 #!/bin/bash
Chris@380 2
Chris@380 3 ## The following assumes we have generated an app password at
Chris@380 4 ## appleid.apple.com and then stored it to keychain id "altool" using
Chris@380 5 ## e.g.
Chris@380 6 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \
Chris@380 7 ## -w "generated-app-password" -s "altool"
Chris@380 8
Chris@380 9 user="cannam+apple@all-day-breakfast.com"
Chris@380 10 bundleid="org.sonicvisualiser.SonicAnnotator"
Chris@380 11
Chris@380 12 set -e
Chris@380 13
Chris@380 14 exe="$1"
Chris@380 15
Chris@380 16 if [ ! -f "$exe" ] || [ -n "$2" ]; then
Chris@380 17 echo "Usage: $0 <executable>"
Chris@380 18 echo " e.g. $0 my-program"
Chris@380 19 exit 2
Chris@380 20 fi
Chris@380 21
Chris@380 22 set -u
Chris@380 23
Chris@380 24 echo
Chris@380 25 echo "Uploading for notarization..."
Chris@380 26
Chris@380 27 uuidfile=.notarization-uuid
Chris@380 28 statfile=.notarization-status
Chris@380 29 rm -f "$uuidfile" "$statfile"
Chris@380 30
Chris@380 31 rm -f bundle.zip
Chris@380 32 ditto -c -k "$exe" bundle.zip
Chris@380 33
Chris@380 34 xcrun altool --notarize-app \
Chris@380 35 -f "$bundle.zip" \
Chris@380 36 --primary-bundle-id "$bundleid" \
Chris@380 37 -u "$user" \
Chris@380 38 -p @keychain:altool 2>&1 | tee "$uuidfile"
Chris@380 39
Chris@380 40 uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }')
Chris@380 41
Chris@380 42 if [ -z "$uuid" ]; then
Chris@380 43 echo
Chris@380 44 echo "Failed (no UUID returned, check output)"
Chris@380 45 exit 1
Chris@380 46 fi
Chris@380 47
Chris@380 48 echo "Done, UUID is $uuid"
Chris@380 49
Chris@380 50 echo
Chris@380 51 echo "Waiting and checking for completion..."
Chris@380 52
Chris@380 53 while true ; do
Chris@380 54 sleep 30
Chris@380 55
Chris@380 56 xcrun altool --notarization-info \
Chris@380 57 "$uuid" \
Chris@380 58 -u "$user" \
Chris@380 59 -p @keychain:altool 2>&1 | tee "$statfile"
Chris@380 60
Chris@380 61 if grep -q 'Package Approved' "$statfile"; then
Chris@380 62 echo
Chris@380 63 echo "Approved! Status output is:"
Chris@380 64 cat "$statfile"
Chris@380 65 break
Chris@380 66 elif grep -q 'in progress' "$statfile" ; then
Chris@380 67 echo
Chris@380 68 echo "Still in progress... Status output is:"
Chris@380 69 cat "$statfile"
Chris@380 70 echo "Waiting..."
Chris@380 71 else
Chris@380 72 echo
Chris@380 73 echo "Failure or unknown status in output:"
Chris@380 74 cat "$statfile"
Chris@380 75 exit 2
Chris@380 76 fi
Chris@380 77 done
Chris@380 78
Chris@380 79 echo
Chris@380 80 echo "Done, not stapling as just an executable"
Chris@380 81