Mercurial > hg > sonic-annotator
changeset 380:e4c3c99d219c
Provisional notarization step
author | Chris Cannam |
---|---|
date | Fri, 05 Jun 2020 15:22:15 +0100 |
parents | 276c3764ab10 |
children | 3aeed28d584b |
files | deploy/clean-build-and-package deploy/osx/notarize.sh |
diffstat | 2 files changed, 83 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/deploy/clean-build-and-package Fri Jun 05 15:10:22 2020 +0100 +++ b/deploy/clean-build-and-package Fri Jun 05 15:22:15 2020 +0100 @@ -31,6 +31,8 @@ make clean make -j3 + deploy/osx/notarize.sh sonic-annotator + else echo -n "Proceed to rebuild and package version $version [Yn] ? "
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/deploy/osx/notarize.sh Fri Jun 05 15:22:15 2020 +0100 @@ -0,0 +1,81 @@ +#!/bin/bash + +## The following assumes we have generated an app password at +## appleid.apple.com and then stored it to keychain id "altool" using +## e.g. +## security add-generic-password -a "cannam+apple@all-day-breakfast.com" \ +## -w "generated-app-password" -s "altool" + +user="cannam+apple@all-day-breakfast.com" +bundleid="org.sonicvisualiser.SonicAnnotator" + +set -e + +exe="$1" + +if [ ! -f "$exe" ] || [ -n "$2" ]; then + echo "Usage: $0 <executable>" + echo " e.g. $0 my-program" + exit 2 +fi + +set -u + +echo +echo "Uploading for notarization..." + +uuidfile=.notarization-uuid +statfile=.notarization-status +rm -f "$uuidfile" "$statfile" + +rm -f bundle.zip +ditto -c -k "$exe" bundle.zip + +xcrun altool --notarize-app \ + -f "$bundle.zip" \ + --primary-bundle-id "$bundleid" \ + -u "$user" \ + -p @keychain:altool 2>&1 | tee "$uuidfile" + +uuid=$(cat "$uuidfile" | grep RequestUUID | awk '{ print $3; }') + +if [ -z "$uuid" ]; then + echo + echo "Failed (no UUID returned, check output)" + exit 1 +fi + +echo "Done, UUID is $uuid" + +echo +echo "Waiting and checking for completion..." + +while true ; do + sleep 30 + + xcrun altool --notarization-info \ + "$uuid" \ + -u "$user" \ + -p @keychain:altool 2>&1 | tee "$statfile" + + if grep -q 'Package Approved' "$statfile"; then + echo + echo "Approved! Status output is:" + cat "$statfile" + break + elif grep -q 'in progress' "$statfile" ; then + echo + echo "Still in progress... Status output is:" + cat "$statfile" + echo "Waiting..." + else + echo + echo "Failure or unknown status in output:" + cat "$statfile" + exit 2 + fi +done + +echo +echo "Done, not stapling as just an executable" +