Mercurial > hg > sonic-annotator
comparison deploy/osx/notarize.sh @ 380:e4c3c99d219c
Provisional notarization step
| author | Chris Cannam |
|---|---|
| date | Fri, 05 Jun 2020 15:22:15 +0100 |
| parents | |
| children | 3aeed28d584b |
comparison
equal
deleted
inserted
replaced
| 379:276c3764ab10 | 380:e4c3c99d219c |
|---|---|
| 1 #!/bin/bash | |
| 2 | |
| 3 ## The following assumes we have generated an app password at | |
| 4 ## appleid.apple.com and then stored it to keychain id "altool" using | |
| 5 ## e.g. | |
| 6 ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \ | |
| 7 ## -w "generated-app-password" -s "altool" | |
| 8 | |
| 9 user="cannam+apple@all-day-breakfast.com" | |
| 10 bundleid="org.sonicvisualiser.SonicAnnotator" | |
| 11 | |
| 12 set -e | |
| 13 | |
| 14 exe="$1" | |
| 15 | |
| 16 if [ ! -f "$exe" ] || [ -n "$2" ]; then | |
| 17 echo "Usage: $0 <executable>" | |
| 18 echo " e.g. $0 my-program" | |
| 19 exit 2 | |
| 20 fi | |
| 21 | |
| 22 set -u | |
| 23 | |
| 24 echo | |
| 25 echo "Uploading for notarization..." | |
| 26 | |
| 27 uuidfile=.notarization-uuid | |
| 28 statfile=.notarization-status | |
| 29 rm -f "$uuidfile" "$statfile" | |
| 30 | |
| 31 rm -f bundle.zip | |
| 32 ditto -c -k "$exe" bundle.zip | |
| 33 | |
| 34 xcrun altool --notarize-app \ | |
| 35 -f "$bundle.zip" \ | |
| 36 --primary-bundle-id "$bundleid" \ | |
| 37 -u "$user" \ | |
| 38 -p @keychain:altool 2>&1 | tee "$uuidfile" | |
| 39 | |
| 40 uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }') | |
| 41 | |
| 42 if [ -z "$uuid" ]; then | |
| 43 echo | |
| 44 echo "Failed (no UUID returned, check output)" | |
| 45 exit 1 | |
| 46 fi | |
| 47 | |
| 48 echo "Done, UUID is $uuid" | |
| 49 | |
| 50 echo | |
| 51 echo "Waiting and checking for completion..." | |
| 52 | |
| 53 while true ; do | |
| 54 sleep 30 | |
| 55 | |
| 56 xcrun altool --notarization-info \ | |
| 57 "$uuid" \ | |
| 58 -u "$user" \ | |
| 59 -p @keychain:altool 2>&1 | tee "$statfile" | |
| 60 | |
| 61 if grep -q 'Package Approved' "$statfile"; then | |
| 62 echo | |
| 63 echo "Approved! Status output is:" | |
| 64 cat "$statfile" | |
| 65 break | |
| 66 elif grep -q 'in progress' "$statfile" ; then | |
| 67 echo | |
| 68 echo "Still in progress... Status output is:" | |
| 69 cat "$statfile" | |
| 70 echo "Waiting..." | |
| 71 else | |
| 72 echo | |
| 73 echo "Failure or unknown status in output:" | |
| 74 cat "$statfile" | |
| 75 exit 2 | |
| 76 fi | |
| 77 done | |
| 78 | |
| 79 echo | |
| 80 echo "Done, not stapling as just an executable" | |
| 81 |