Chris@380: #!/bin/bash Chris@380: Chris@380: ## The following assumes we have generated an app password at Chris@380: ## appleid.apple.com and then stored it to keychain id "altool" using Chris@380: ## e.g. Chris@380: ## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \ Chris@380: ## -w "generated-app-password" -s "altool" Chris@380: Chris@380: user="cannam+apple@all-day-breakfast.com" Chris@380: bundleid="org.sonicvisualiser.SonicAnnotator" Chris@380: Chris@380: set -e Chris@380: Chris@380: exe="$1" Chris@380: Chris@380: if [ ! -f "$exe" ] || [ -n "$2" ]; then Chris@380: echo "Usage: $0 " Chris@380: echo " e.g. $0 my-program" Chris@380: exit 2 Chris@380: fi Chris@380: Chris@380: set -u Chris@380: Chris@380: echo Chris@380: echo "Uploading for notarization..." Chris@380: Chris@380: uuidfile=.notarization-uuid Chris@380: statfile=.notarization-status Chris@380: rm -f "$uuidfile" "$statfile" Chris@380: Chris@380: rm -f bundle.zip Chris@382: rm -rf bundle Chris@382: mkdir bundle Chris@382: cp "$exe" bundle/ Chris@382: ditto -c -k bundle bundle.zip Chris@380: Chris@380: xcrun altool --notarize-app \ Chris@381: -f "bundle.zip" \ Chris@380: --primary-bundle-id "$bundleid" \ Chris@380: -u "$user" \ Chris@380: -p @keychain:altool 2>&1 | tee "$uuidfile" Chris@380: Chris@380: uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }') Chris@380: Chris@380: if [ -z "$uuid" ]; then Chris@380: echo Chris@380: echo "Failed (no UUID returned, check output)" Chris@380: exit 1 Chris@380: fi Chris@380: Chris@380: echo "Done, UUID is $uuid" Chris@380: Chris@380: echo Chris@380: echo "Waiting and checking for completion..." Chris@380: Chris@380: while true ; do Chris@380: sleep 30 Chris@380: Chris@380: xcrun altool --notarization-info \ Chris@380: "$uuid" \ Chris@380: -u "$user" \ Chris@380: -p @keychain:altool 2>&1 | tee "$statfile" Chris@380: Chris@380: if grep -q 'Package Approved' "$statfile"; then Chris@380: echo Chris@380: echo "Approved! Status output is:" Chris@380: cat "$statfile" Chris@380: break Chris@380: elif grep -q 'in progress' "$statfile" ; then Chris@380: echo Chris@380: echo "Still in progress... Status output is:" Chris@380: cat "$statfile" Chris@380: echo "Waiting..." Chris@380: else Chris@380: echo Chris@380: echo "Failure or unknown status in output:" Chris@380: cat "$statfile" Chris@380: exit 2 Chris@380: fi Chris@380: done Chris@380: Chris@380: echo Chris@380: echo "Done, not stapling as just an executable" Chris@380: