annotate deploy/osx/sign.sh @ 1505:298651b1a002 3.0-integration

Try a deep codesign instead
author Chris Cannam <cannam@all-day-breakfast.com>
date Mon, 09 Jan 2017 16:09:17 +0000
parents 2d48532a074b
children 4f4eb416fcb4
rev   line source
Chris@680 1 #!/bin/bash
Chris@514 2
cannam@1286 3 set -eu
cannam@1286 4
Chris@514 5 # Execute this from the top-level directory of the project (the one
Chris@514 6 # that contains the .app bundle). Supply the name of the .app bundle
Chris@514 7 # as argument
Chris@514 8 dir="$1"
Chris@514 9 if [ -z "$dir" ] || [ ! -d "$dir" ]; then
Chris@514 10 echo "Usage: $0 <pkgdir>"
Chris@514 11 echo "Where pkgdir is the directory containing <MyApplication>.app"
Chris@514 12 echo "All .app bundles in pkgdir will be signed"
Chris@514 13 exit 2
Chris@514 14 fi
Chris@514 15 for app in "$dir"/*.app; do
cannam@1505 16 codesign -s "Developer ID Application: Chris Cannam" -fv --deep "$app"
cannam@1505 17 # find "$app" -name Qt\* -print | while read fr; do
cannam@1505 18 # codesign -s "Developer ID Application: Chris Cannam" -fv "$fr"
cannam@1505 19 # done
cannam@1505 20 # find "$app" -name \*.dylib -print | while read fr; do
cannam@1505 21 # codesign -s "Developer ID Application: Chris Cannam" -fv "$fr"
cannam@1505 22 # done
cannam@1505 23 # find "$app/Contents/MacOS" -type f -print | while read fr; do
cannam@1505 24 # codesign -s "Developer ID Application: Chris Cannam" -fv "$fr"
cannam@1505 25 # done
Chris@514 26 codesign -s "Developer ID Application: Chris Cannam" -fv \
Chris@680 27 --requirements '=designated => identifier "org.sonicvisualiser.SonicVisualiser" and ( (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9] ) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13] and certificate leaf[subject.OU] = "M2H8666U82"))' \
Chris@514 28 "$app"
Chris@516 29 done
Chris@516 30